jibundedekirukogao.dt25.net Open in urlscan Pro
210.188.201.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://jibundedekirukogao.dt25.net/
Submission Tags: phishtake
Submission: On April 20 via api (April 20th 2021, 10:45:15 pm UTC) from JP

Summary HTTP 121 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 21 domains to perform 121 HTTP transactions. The main IP is 210.188.201.43, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is jibundedekirukogao.dt25.net.

This is the only time jibundedekirukogao.dt25.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	210.188.201.43 210.188.201.43	131965 (XSERVER X...) (XSERVER Xserver Inc.)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 26	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.24.152 3.120.24.152	16509 (AMAZON-02) (AMAZON-02)
20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:5642:8a73:6264:9a1f	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 2	54.149.220.116 54.149.220.116	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
121	21

13 210.188.201.43 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv82.xserver.jp

jibundedekirukogao.dt25.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.24.152 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-24-152.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.246 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:5642:8a73:6264:9a1f (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.220.116 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-220-116.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	610 KB
38	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	121 KB
13	dt25.net jibundedekirukogao.dt25.net	22 KB
9	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	323 KB
6	google.com 3 redirects adservice.google.com www.google.com	444 B
5	googletagservices.com www.googletagservices.com	172 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	quantserve.com 1 redirects cms.quantserve.com	1006 B
2	rlcdn.com 2 redirects id.rlcdn.com	889 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	287 B
1	2mdn.net s0.2mdn.net	23 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	301 B
1	mookie1.com odr.mookie1.com	324 B
1	googleapis.com fonts.googleapis.com	627 B
1	innovid.com ag.innovid.com	296 B
1	agkn.com 1 redirects d.agkn.com	759 B
1	googleadservices.com partner.googleadservices.com	406 B
121	21

	Domain	Requested by
26	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net jibundedekirukogao.dt25.net tpc.googlesyndication.com pagead2.googlesyndication.com
20	cm.g.doubleclick.net	jibundedekirukogao.dt25.net googleads.g.doubleclick.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net jibundedekirukogao.dt25.net
17	pagead2.googlesyndication.com	jibundedekirukogao.dt25.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	jibundedekirukogao.dt25.net	jibundedekirukogao.dt25.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	www.google.com	3 redirects googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	googlecm.hit.gemius.pl	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
121	29

This site contains links to these domains. Also see Links.

Domain
a11.yaruman.org
a12.yaruman.org
a13.yaruman.org
a14.yaruman.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://jibundedekirukogao.dt25.net/
Frame ID: A6A649569C8021FE5277C811BE354579
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 92943D8733F88EADC4C19E89A2B8AB23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&adk=1812271804&adf=3025194257&lmt=1570747697&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618958697690&bpp=12&bdt=70&idt=70&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2239345179330&frm=20&pv=2&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=99
Frame ID: 95D4F4AADC03E005C3C784680CEC9A08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=3845026852&adf=402710408&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698147&bpp=2&bdt=528&idt=2&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ALZe2dgZqK&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
Frame ID: 384D2FC885091A445DAD1085B1ECF1BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7
Frame ID: C244D8ED9FFC79CB519179D8E633115E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
Frame ID: F8CDB69337FB48CFB44F1CD18C7C52E8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
Frame ID: FCC2C5FC44F0AAEF3D71E2369589F34C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
Frame ID: E710F82B1C27F26215D941C459EA3232
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=2477136073&adf=3017637576&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698232&bpp=1&bdt=613&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600%2C728x90&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=czzRupCMsM&p=http%3A//jibundedekirukogao.dt25.net&dtd=5
Frame ID: B9440B2AC1C689C2A71EC81C020A3A49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1EAB954A200C7DD50A8351ED6B3D5E82
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95C0917DDA9B93B6B0B94E58B724CBF9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: A79AB9A77D7130BA18FDB720EFC65EDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 057E7C68596A515618D1E7EE01362472
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 65D4607B401C478B6FD51310811CDD8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EF784E93569BA52D2697286C6A9B2965
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2234ECED1644F88034F0EB3A887AE12F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Frame ID: 78126B970431EA692014EB252D9ED289
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CETaXall_YLOnC8jL7_UP9I6AuAuNpPKkYcaqg96rDfDtxMedFhABIPuuriBglYr4gZQHoAGj1rDEA8gBCakClwxWweAutD6oAwHIA0iqBM8BT9DyKfn7FZ40Gvg6tMi0mw2Akldvq_e_HUezWfSZAw8whUBNmv7TElDHoFTzNhpjPiOgrSmP76JCy_QC8e3C3hPNmmG4DbG2fn_3l6VtFqlukqDUq4woJ09SC7yT8GVMV3u0d8otpEfPNJ6EeAKRuu9PMiZo1SQSy2cQxFo2KFgGseutm514qC5X8PS2KDE0CzID_o3JE4cMkR6H6EPQzaqCKF9XMLY0rLkaRe2840mcPemmva1KMy3kVxNqM_N4CBZg6dBMJ5Gx8gzuI-phwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDFpBzSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItODgxOTIwNDc3ODAwMjkxMg&sigh=2MiGpYGiST4&template_id=419
Frame ID: 943BBB75C98286B4CDE19BEB341E843E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 29B2A10BA277FE231354EDBBA2E4BEF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9F763D9AB2F83688F26CE73AF0F68DBA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6C02BC3EDC9769D1B5ED656A32DB83CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

121
Requests

87 %
HTTPS

57 %
IPv6

21
Domains

29
Subdomains

21
IPs

5
Countries

1273 kB
Transfer

2443 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://a11.yaruman.org/
Title: ハーブでヘアケア

Search URL Search Domain Scan URL

URL: http://a12.yaruman.org/
Title: 呼吸法をマスターして誰でもできる簡単ダイエット

Search URL Search Domain Scan URL

URL: http://a13.yaruman.org/
Title: 無理なくやせられるレコーディングダイエット

Search URL Search Domain Scan URL

URL: http://a14.yaruman.org/
Title: 便秘を治す方法

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 40

https://d.agkn.com/pixel/2175/?google_gid=CAESELfEpv1-Bej5CPAkoad9Njk&google_cver=1&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o&google_hm=Q0FFU0VMZkVwdjEtQmVqNUNQQWtvYWQ5Tmpr

Request Chain 41

https://rtb.openx.net/sync/dds?google_gid=CAESED7fEPW3EnPUIZL4gQkwW_c&google_cver=1&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESED7fEPW3EnPUIZL4gQkwW_c&google_cver=1&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&google_hm=P2KzklxTz18kSqo5VnWPMg==

Request Chain 42

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELlU7uL1IRGP5UVRs5ZXgkw&google_cver=1&google_push=AQvitUKniHJrjlFK0bO_EVRd7tNNVQAfJWHJJBN5hSHgygttdu3G2H7w8urkTATJSkouFy661DMHQVA8P1Pwsi20G5p_RdV3J8o HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELlU7uL1IRGP5UVRs5ZXgkw&google_cver=1&google_push=AQvitUKniHJrjlFK0bO_EVRd7tNNVQAfJWHJJBN5hSHgygttdu3G2H7w8urkTATJSkouFy661DMHQVA8P1Pwsi20G5p_RdV3J8o&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKniHJrjlFK0bO_EVRd7tNNVQAfJWHJJBN5hSHgygttdu3G2H7w8urkTATJSkouFy661DMHQVA8P1Pwsi20G5p_RdV3J8o

Request Chain 43

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOhJzoPrgODd3Mfn_Iryb0U&google_cver=1&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXbrVHKEh3srPICtU7PpZIfAEjyO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJTkMtVC0xUEZZ&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXbrVHKEh3srPICtU7PpZIfAEjyO

Request Chain 44

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1CfRu2o5UaWathsOrGHkeu3MA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1CfRu2o5UaWathsOrGHkeu3MA&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1CfRu2o5UaWathsOrGHkeu3MA&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE

Request Chain 65

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk HTTP 301
https://tpc.googlesyndication.com/simgad/778386939095909474

Request Chain 69

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED0lWP_uCACeZCviUCctqRI&google_cver=1&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGzr98sryRzYA5bGIz_lQ2V8qxkizevKPran3W4KTm8E HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGzr98sryRzYA5bGIz_lQ2V8qxkizevKPran3W4KTm8E&google_hm=LhnJmc8KYB3EeeQvNVq0bw

Request Chain 70

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd17YOek7mQDow_JMjAaJ8mfasdI_-8&google_gid=CAESELT_FyiCI_tGP9ZfYhhyoX4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd17YOek7mQDow_JMjAaJ8mfasdI_-8&google_gid=CAESELT_FyiCI_tGP9ZfYhhyoX4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAyMjQ0NTk0OTUzOTExODAxMzMyNw%3D%3D&google_push=AQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd17YOek7mQDow_JMjAaJ8mfasdI_-8

Request Chain 72

https://rtb.openx.net/sync/dds?google_gid=CAESEPw-fSzqDj3jgMleTPJYf4w&google_cver=1&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI&google_hm=P2KzklxTz18kSqo5VnWPMg==

Request Chain 73

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOLRr6rWxQZUMgJh3B42Vl0&google_cver=1&google_push=AQvitUKyq-JdIKg7PEeFXpiCEPlFaQfXZ7075kzQpiGQz4LdJZt2A6ArjMmKP4DI6lWSkpq-xQ5qiFaAKoZmOjkf40LDJIPGueI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKyq-JdIKg7PEeFXpiCEPlFaQfXZ7075kzQpiGQz4LdJZt2A6ArjMmKP4DI6lWSkpq-xQ5qiFaAKoZmOjkf40LDJIPGueI

Request Chain 74

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEn4VUSKls0drCJLUkv__bk&google_cver=1&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0WmD0NvyICMjXMlQ9Hu9xNU0w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJUlItMUwtN0pHNQ==&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0WmD0NvyICMjXMlQ9Hu9xNU0w

Request Chain 75

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEOhAjqg_CGG6Y9aQ5uxGmE&google_cver=1&google_push=AQvitUJ5m_V06Go9hHGx8PhvwG5yXPrxT1-m79_VhxZRx7TVVzUWXnL0g1slaqM1-G4sFWC0FN5bPdfYKW-1mbkfI_MLm56HHow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_push=AQvitUJ5m_V06Go9hHGx8PhvwG5yXPrxT1-m79_VhxZRx7TVVzUWXnL0g1slaqM1-G4sFWC0FN5bPdfYKW-1mbkfI_MLm56HHow&google_gid=CAESEEOhAjqg_CGG6Y9aQ5uxGmE&google_cver=1

Request Chain 95

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULrUTpvFc1UHKqUhSV-MIi1WSE4ELasE_KeDTZ5y0mhAKQTSVDmXCtd_athvUrALN4TyYIIgXc5A71AA6j7uf2DsmPzgA&google_gid=CAESEAYWGeq1b-SGsBv6roSlNs8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOuy_YMGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BUXZpdFVMclVUcHZGYzFVSEtxVWhTVi1NSWkxV1NFNEVMYXNFX0tlRFRaNXkwbWhBS1FUU1ZEbVhDdGRfYXRodlVyQUxONFR5WUlJZ1hjNUE3MUFBNmo3dWYyRHNtUHpnQQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejBEcjc5YUp5eU15TTJzQnN1ZERQRy14NnhWWHVoalF5c2QwVWRXWERRdw==&google_push

Request Chain 96

https://rtb.openx.net/sync/dds?google_gid=CAESEHokrg-nr-VGXLaUKv2NSLc&google_cver=1&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU&google_hm=P2KzklxTz18kSqo5VnWPMg==

Request Chain 97

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELdYvwQeNqBN-pWfyLXO5V4&google_cver=1&google_push=AQvitUJAGVwAdDXBdxAzucH1ygqBe2kLWLLV8JPsrRJMTF0zqNK0sBX5mk_ZUjmgsmAROebM5g0afp9THQi1NPGV98UCsENF7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJAGVwAdDXBdxAzucH1ygqBe2kLWLLV8JPsrRJMTF0zqNK0sBX5mk_ZUjmgsmAROebM5g0afp9THQi1NPGV98UCsENF7A

Request Chain 98

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEII0FiAlVxdFWSWu5e5_7mk&google_cver=1&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnCpOPxXdXDGg3UKWcect_q8Ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJWFEtMVUtREpTRw==&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnCpOPxXdXDGg3UKWcect_q8Ag

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHLfzbj7HOBA3HZFHU786c&google_cver=1&google_push=AQvitUIAE4kLIs2dvw7zIEnBjckL4-qYVO7JU5VC_ghq2-0jJ5EC5MMo11Idn9CjQCkP5baM_vLgBdmjs-tf-01wFFLnGM1Z-EY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUIAE4kLIs2dvw7zIEnBjckL4-qYVO7JU5VC_ghq2-0jJ5EC5MMo11Idn9CjQCkP5baM_vLgBdmjs-tf-01wFFLnGM1Z-EY&google_gid=CAESECHLfzbj7HOBA3HZFHU786c

Request Chain 100

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKrxivvHG2HD9gGtsICUf7M&google_cver=1&google_push=AQvitUIi2oRg7-6SR0vr6x4_lRe2JFz4EYBqjDX3Pi-lJOO81a8K09QfJe99gG4c8D30p57_4UUu-sveCnJPkJP2pg15uuX1D8w HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIi2oRg7-6SR0vr6x4_lRe2JFz4EYBqjDX3Pi-lJOO81a8K09QfJe99gG4c8D30p57_4UUu-sveCnJPkJP2pg15uuX1D8w&google_hm=

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jibundedekirukogao.dt25.net/ 8 KB
3 KB 524ms
509ms Document
text/html 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://jibundedekirukogao.dt25.net/
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 1a0ac2a3a3c0169bbe335a8075500254a2771928031924123e78844a5ee3897c

Request headers

Host: jibundedekirukogao.dt25.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 22:44:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Oct 2019 22:48:17 GMT
ETag: W/"1f18-59496328df9e4"
Content-Encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7e1c0ca7f4b5de4bf685edab1b4db31bff56e83fa2745700947fea85ff3095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48177
x-xss-protection: 0
server: cafe
etag: 991419791532950054
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 22:44:57 GMT

GET
H/1.1 200
OK base.css
jibundedekirukogao.dt25.net/style/css/ 8 KB
3 KB 264ms
263ms Stylesheet
text/css 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 7b6efeab19d4d63217545b21b431633d67960189397bfeec860dc9dfd4519744

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jibundedekirukogao.dt25.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2019 19:58:00 GMT
Server: nginx
ETag: W/"2148-587ed0d1c20cb"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
jibundedekirukogao.dt25.net/style/css/ 7 KB
1 KB 520ms
506ms Stylesheet
text/css 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://jibundedekirukogao.dt25.net/style/css/style.css
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: cbeda32f538a5c88837b4231b37ef6f0fec2f295a6a8f7c0dcf92a610afb821a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jibundedekirukogao.dt25.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2019 19:58:00 GMT
Server: nginx
ETag: W/"1ac8-587ed0d1ff92c"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ie.css
jibundedekirukogao.dt25.net/style/css/ 249 B
483 B 525ms
510ms Stylesheet
text/css 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://jibundedekirukogao.dt25.net/style/css/ie.css
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 374c8dbc4170be246f238b17dc43ab7ab5a56793a5d67b91e345dcb4f5aed18d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jibundedekirukogao.dt25.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:00 GMT
Server: nginx
ETag: "f9-587ed0d1dd64c"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7e1c0ca7f4b5de4bf685edab1b4db31bff56e83fa2745700947fea85ff3095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 20 Apr 2021 22:44:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 991419791532950054
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48177
X-XSS-Protection: 0
Expires: Tue, 20 Apr 2021 22:44:57 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8819204778002912&plah=jibundedekirukogao.dt25.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 22:44:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 9294 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Apr 2021 14:42:17 GMT
expires: Tue, 04 May 2021 14:42:17 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 28960
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
406 B 48ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jibundedekirukogao.dt25.net&callback=_gfp_s_&client=ca-pub-8819204778002912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8819204778002912&plah=jibundedekirukogao.dt25.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8b0aac1bea0a1176fa37ec9e1839bdba8b10641430bfee3051e3590381152442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jibundedekirukogao.dt25.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jibundedekirukogao.dt25.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95D4 54 B
56 B 84ms
83ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&adk=1812271804&adf=3025194257&lmt=1570747697&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618958697690&bpp=12&bdt=70&idt=70&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2239345179330&frm=20&pv=2&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=99

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&adk=1812271804&adf=3025194257&lmt=1570747697&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618958697690&bpp=12&bdt=70&idt=70&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2239345179330&frm=20&pv=2&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:57 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Apr-2021 22:59:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:57 GMT

GET
H/1.1 200
OK body_bg.gif
jibundedekirukogao.dt25.net/style/img/ 205 B
440 B 263ms
263ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/body_bg.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 36e919f0513f552e7e796f66fde18b1b2e19625b054e96b7089cc2d31edbb0f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "cd-587ed0d2567cd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205

GET
H/1.1 200
OK wrapper_bg_left.gif
jibundedekirukogao.dt25.net/style/img/ 263 B
499 B 523ms
509ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/wrapper_bg_left.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 966c211fe65ffa6a9480283eeb514b5c85c4f88cf76946b843507571f05e262a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:02 GMT
Server: nginx
ETag: "107-587ed0d3e3f33"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 263

GET
H/1.1 200
OK kanban_bg.jpg
jibundedekirukogao.dt25.net/style/img/ 8 KB
8 KB 525ms
510ms Image
image/jpeg 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/kanban_bg.jpg
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 61f3994bd79e8f77a3a8e7630d7ad11ea2b4d6ab5bcdefa5c4b8a5ca0e7dc82a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "1ef4-587ed0d2ce9af"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7924

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jibundedekirukogao.dt25.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jibundedekirukogao.dt25.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 384D 405 B
229 B 78ms
78ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=3845026852&adf=402710408&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698147&bpp=2&bdt=528&idt=2&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ALZe2dgZqK&p=http%3A//jibundedekirukogao.dt25.net&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

475432c8ecef822f9cb8e555e070634a8413923fb0bf0339e98e71a6d4ef15c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=3845026852&adf=402710408&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698147&bpp=2&bdt=528&idt=2&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ALZe2dgZqK&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUnP-dvFxX2vDUD0m1Jqg9xjswwciqcJ-D5SBa079_dgUm0JadbDyZD9I4f8vmk; expires=Sun, 15-May-2022 22:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C244 107 KB
35 KB 596ms
596ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b92e946f69ea1fbc9737d09d01255f3aedf94d788d113008e7c9c36c9be365d5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLOE8pDzjfACFcjluwgddAcAtw&gqi=all_YM3xCsqH7_UP4KW5kAc&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLOE8pDzjfACFcjluwgddAcAtw&gqi=all_YM3xCsqH7_UP4KW5kAc&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 35364
x-xss-protection: 0
set-cookie: IDE=AHWqTUnTBLL6h_lHVeOxMu_-UCnFEQqoPbNljb8grovqN0l6dj-bcod-SEjzhyGXJHw; expires=Sun, 15-May-2022 22:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8CD 63 KB
24 KB 187ms
187ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580b14eb9c0568105f93b9ecb9c213cc69a2ba961045dd1d866e2036d440dbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 24786
x-xss-protection: 0
set-cookie: IDE=AHWqTUm8DzA4UUXQvkUbwWA6S1dQoTIp8XcgOvYhs14MuXZPCHWnMRgo0I6wqknRPjE; expires=Sun, 15-May-2022 22:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

GET
H/1.1 200
OK h2_bg.gif
jibundedekirukogao.dt25.net/style/img/ 1 KB
2 KB 264ms
263ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/h2_bg.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: cab74b4c1b5e1ffd31e4b19e6e20f56a7895cd7a301cbfd0ca901d26bf4622bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "5aa-587ed0d297eae"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1450

GET
H/1.1 200
OK h3_bg.gif
jibundedekirukogao.dt25.net/style/img/ 52 B
286 B 261ms
261ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/h3_bg.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 4100200983407896b68dba6990abd1f94c96da85961db6d94718fda3eb4c462c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "34-587ed0d2b14ef"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52

GET
H/1.1 200
OK page_btn.gif
jibundedekirukogao.dt25.net/style/img/ 120 B
355 B 522ms
260ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/page_btn.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 92979cafefd4019ad1e8f1b2012125d62b48b3b2cbc4d765e9e5aaaf0bee688e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "78-587ed0d32e4f1"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120

GET
H/1.1 404
Not Found side_title_bg.gif
jibundedekirukogao.dt25.net/style/img/ 3 KB
3 KB 530ms
522ms Image
text/html 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/side_title_bg.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jul 2018 17:31:35 GMT
Server: nginx
ETag: W/"afe-571496f2aa9e3"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK navies_li.gif
jibundedekirukogao.dt25.net/style/img/ 110 B
345 B 268ms
262ms Image
image/gif 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/navies_li.gif
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 3710d76ed137904196e68411fa784229749f004a0b4b16cfc191bbc273244f57

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "6e-587ed0d2f0c90"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCC2 66 KB
25 KB 447ms
447ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57593cbc7d9b30be1eb7107934c823297e04d0e5a310f3d5428aa37cd3429b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 25320
x-xss-protection: 0
set-cookie: IDE=AHWqTUm72MnDTKv2VzgWkU7xswV2WMYWFrzlk3LpfW5KjIbaifAMW3e56HrhtdLOUkk; expires=Sun, 15-May-2022 22:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

GET
H/1.1 200
OK footer_bg.jpg
jibundedekirukogao.dt25.net/style/img/ 376 B
613 B 264ms
263ms Image
image/jpeg 210.188.201.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jibundedekirukogao.dt25.net/style/img/footer_bg.jpg
Requested by: Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/style/css/base.css
Protocol: HTTP/1.1
Server: 210.188.201.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv82.xserver.jp
Software: nginx /
Resource Hash: 570eb65eeda36596fbd65b7187972092ea068478cbad5f6dd3fc3149cd0ae572

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jibundedekirukogao.dt25.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
Cookie: __gads=ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jibundedekirukogao.dt25.net/style/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 22:44:58 GMT
Last-Modified: Thu, 02 May 2019 19:58:01 GMT
Server: nginx
ETag: "178-587ed0d28174e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 376

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E710 101 KB
28 KB 284ms
284ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a53510991dfb30ec6fb4970d9592c74c4a0e2888ce4a40bd4502d83f9cec88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 28599
x-xss-protection: 0
set-cookie: IDE=AHWqTUk8E5JiDNezMkJt2Dj0jPHoqGFyJsHFgGBpodo6lJ-3sMHX3r5gXEWtqjhHFhU; expires=Sun, 15-May-2022 22:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B944 405 B
224 B 43ms
43ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=2477136073&adf=3017637576&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698232&bpp=1&bdt=613&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600%2C728x90&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=czzRupCMsM&p=http%3A//jibundedekirukogao.dt25.net&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e539561f9d9e891e8a97f5f9d15122e6217f29bde333203384871bd2e3d0d079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8819204778002912&output=html&h=15&slotname=9751991989&adk=2477136073&adf=3017637576&pi=t.ma~as.9751991989&w=728&lmt=1570747697&psa=0&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698232&bpp=1&bdt=613&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600%2C728x90&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=czzRupCMsM&p=http%3A//jibundedekirukogao.dt25.net&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnP-dvFxX2vDUD0m1Jqg9xjswwciqcJ-D5SBa079_dgUm0JadbDyZD9I4f8vmk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 22:44:58 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 11334865311486290702
tpc.googlesyndication.com/simgad/ Frame F8CD 145 KB
146 KB 8ms
7ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11334865311486290702

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9e93bee32bf4a67a4ff4436abd3e6200e88b795e00615045613dd06afca846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:40 GMT
x-content-type-options: nosniff
age: 218478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148967
x-xss-protection: 0
last-modified: Thu, 21 May 2020 04:35:29 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:03:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame F8CD 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame F8CD 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:42:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8CD 118 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame F8CD 13 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame F8CD 25 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 15:58:04 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F8CD 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwBhXall_YPfkC9vN7_UP0OKdqAGn0KDKYars76_iDBQQASD7rq4gYJWK-IGUB6AB8YP9lQPIAQOoAwHIA8kEqgTXAU_Q5bhbNp-tQxuj_DwqpGmkZwXmCrbIgLXmMZr8uvZN8qpTsJLF02X646zGfetFTE2kR8D-IFd6y9qKoH98cmHjMq-kGCkLnFMadbiuVi4MtBKR86lx-bDbVyuRrIw9yoj87i_xgDIR_W2bAFoTvWFJNJSF4ml14FcEwRMF5VhrUpP6vcAVcN66-huOoCgqs2XriPbHGg0njYFQgJuV5HUiJ1nSsp4L_3XgOXu4lemjDyW68blymRH1kO4s0eM3sx8Mchx7nCtPmbozW0pHEk-4UbHiPXIRwAS8-JDBsgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AHz-LTjwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ2YsI0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTg4MTkyMDQ3NzgwMDI5MTI&sigh=QD_SR3o5hWI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 22:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EAB 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8DzA4UUXQvkUbwWA6S1dQoTIp8XcgOvYhs14MuXZPCHWnMRgo0I6wqknRPjE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Apr 2021 22:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 939
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95C0 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Apr 2021 16:59:40 GMT
expires: Wed, 21 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 20718
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EAB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8DzA4UUXQvkUbwWA6S1dQoTIp8XcgOvYhs14MuXZPCHWnMRgo0I6wqknRPjE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Apr-2021 23:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 95C0 35 B
463 B 22ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA2sbIXZNos2n-bBNDiIrvc&google_cver=1&google_push=AQvitULGRPcUYudR5L1dxm8uksuxFKPEnJmtlDQOs4RyeRepKC9kakpTuAdKjoEJ9Bv7h29EDcW-EukdFuKwoTYNDODZh03RxmQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 95C0
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELfEpv1-Bej5CPAkoad9Njk&google_cver=1&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o&google_hm=Q0FFU0VMZkVwdjEtQmVqN...

170 B
188 B

61ms
61ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o&google_hm=Q0FFU0VMZkVwdjEtQmVqNUNQQWtvYWQ5Tmpr

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 22:44:58 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKvW4_6dhxo-LGP3pVcrxWqgzvHP1enA6TSBwturBAixoYryAVc2cx8YfJNVD0Mp7XiQIqVX-WUoRe2PDvJb3ix75p90s8o&google_hm=Q0FFU0VMZkVwdjEtQmVqNUNQQWtvYWQ5Tmpr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 95C0
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESED7fEPW3EnPUIZL4gQkwW_c&google_cver=1&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ
https://rtb.openx.net/sync/dds?google_gid=CAESED7fEPW3EnPUIZL4gQkwW_c&google_cver=1&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&google_hm=P2KzklxTz18kSqo5VnWPMg==

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&google_hm=P2KzklxTz18kSqo5VnWPMg==

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:57 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULWu4uNMvBX5sJzMlKzuKSCswuDQ2Pw_3UthJmJrP1ZGnHKiOMWPwWMaAEM_e8zHoBKx0VkpztQqJdMZignstpNAB7qUwQ&google_hm=P2KzklxTz18kSqo5VnWPMg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 4faj49joq7e2volaaetpt3v94p3kqci2

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 95C0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKniHJrjlFK0bO_EVRd7tNNVQAfJWHJJBN5hSHgygttdu3G2H7w8urkTATJSkouFy661DMHQVA8P1Pwsi20G5p_RdV3J8o

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKniHJrjlFK0bO_EVRd7tNNVQAfJWHJJBN5hSHgygttdu3G2H7w8urkTATJSkouFy661DMHQVA8P1Pwsi20G5p_RdV3J8o
Date: Tue, 20 Apr 2021 22:44:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 95C0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOhJzoPrgODd3Mfn_Iryb0U&google_cver=1&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJTkMtVC0xUEZZ&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXbrVHKEh3srPICtU7PpZIfAEjyO

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJTkMtVC0xUEZZ&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXbrVHKEh3srPICtU7PpZIfAEjyO

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJTkMtVC0xUEZZ&google_push=AQvitUI5r9W2Os_VxzGWOQSokosUjgROInNzyRTgWynM-WOSdJye8TKnl8IyCtoiTNpRTJ5_LXbrVHKEh3srPICtU7PpZIfAEjyO
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 95C0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1C...

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1CfRu2o5UaWathsOrGHkeu3MA&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 22:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUJMoZRh3D64H3aQeCS-nDjUyjvwdf0GCdbrzdZ5iQ43laPU8UWC7s2w_aHQH0GAkXFnlv1CfRu2o5UaWathsOrGHkeu3MA&google_gid=CAESEIrszL6UCOk6HZP4ke1ofdE
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 95C0 43 B
296 B 64ms
20ms Image
image/gif 2a05:d01c:1d8:8102:5642:8a73:6264:9a1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFepUM41US5bxRGlYXdjyGQ&google_cver=1&google_push=AQvitUJa9KQ6nY_kqhTShnFXzAXUb0-mxVDoU-VeOK9iuZpZdrZ1DAfVL-DcLuJKsPRhFhCFHiwv8rJ05opFzdcxF-ESr_qCOVBi
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=3379513183&adk=3419604076&adf=2457737313&pi=t.ma~as.3379513183&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698173&bpp=1&bdt=553&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=907&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=Vinoqbvu5c&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:5642:8a73:6264:9a1f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 95C0 0
236 B 120ms
45ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbV90Q1P1VXlEkS1soozS8WCdddy4T073Qzr2t75PnISDNB5U9ppwFh63Yj0M_ihuUpiKH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F8CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4565e14be4a0f150b2dfad26516f548fc08d38acaa3c94d409f8319bfff1f0f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame A79A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2115
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E710 2 KB
627 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 21:09:43 GMT
server: ESF
date: Tue, 20 Apr 2021 22:44:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame E710 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:30:18 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame E710 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame E710 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:42:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E710 118 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame E710 13 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E710 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCffQRsue9-4Z4eGbXgOHC6nUIWqeybt1ZNUiQqNyuAnEVcHKIinitZBtC7QDGjV0KBpqzDjv-GOxv_zxY7UkwjIXRcQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame E710 25 KB
11 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:35:46 GMT
server: sffe
age: 78202
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Mon, 19 Jul 2021 01:01:36 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E710 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzWx4all_YNb3DuqX7_UP0LO70Af8_bWlYovAzeesDJ_EgbaVHRABIPuuriBglYr4gZQHoAH_9P2ZA8gBCakCC92VFB8wtD6oAwHIA8sEqgTGAU_QXAorauf0dh906rRmPEBzmACu2kTBj91lMLQZruOLarh-fYsEgfFc2jjvZgkmud7ySfv9Z3vF388LtsmGAOiBZrC4xREqp3pgPoz8zk68E90R8orj0c8fqbvcv9G75lNFupP1AaGs3PN6ztSYkzGqIwh-xyxkX37A7ZsUly1vwFsvDRf0z3hUdj1f3zS0mG-f6bnufacLOVouxgkH4FfPhqmmSWxxgStsQtU6GlMcXIw1GVNDEXDWr3gPn3A3cde722CRG8AE1LrA17MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_yRlzaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPC_CtIICQiA4YAQEAEYH4AKAcgLAdgTDIgUBrIXGgoYCAASFHB1Yi04ODE5MjA0Nzc4MDAyOTEy&sigh=_5CHNVWOZoc&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 22:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E710 28 KB
29 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTzd4PGroHLrTfDP6I886gIU1pGmSmUADow2EQZmIR_BCz2OkTH&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5f0aa0276496205434d1d0fbc8b3ebbe0cd8e69f1790179fa39917883edc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 13:10:59 GMT
server: sffe
age: 506515
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28915
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E710 22 KB
23 KB 27ms
5ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT_j6_c6T-OXgdfqDeI3bK7LGf3Qj7CykpSneDYIfCPBRhDfWAOYALJxTBVeQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a208335c1d937edec163ebf48e3927a2c1f60438ee2be002fb6041ed2143fe49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 16:40:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2020 10:00:17 GMT
server: sffe
age: 367453
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22909
x-xss-protection: 0
expires: Sat, 16 Apr 2022 16:40:45 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E710 20 KB
20 KB 32ms
10ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR4Xm_7-uXxZYmSAziwOoeE18rBLS1bP2dGT5T597C5a6hHMPeYuX58HcehYQk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1205c7e29c59fc035d0d1c0a24e1c03f2875c9d0cb169ba8d9b6d100b9622ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Jan 2021 11:14:42 GMT
server: sffe
age: 218480
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20731
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E710 19 KB
19 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRjNR1erLEujdL6EQKwypJGa1DcX0EcA0McXOUBc33Pt6BVSVqrpH8dKjaSPg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91924861d5504e2065b04fe15d2e9ef151446597028e52ec06d0b516d7dbb6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:48:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 11:32:43 GMT
server: sffe
age: 53798
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19259
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:48:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E710 102 KB
102 KB 37ms
15ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSHRZosEcJ4qXT7FDHOKSCLuItHc04-K6ZIohNUadhaEH6D91ymH3BQ1yvKPQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9e09a9aa0c4cb7f3a0e569ba4994adb8d033a742b09f17985b8fae4967dabe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:13:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 02:18:19 GMT
server: sffe
age: 55870
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104291
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:13:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E710 35 KB
36 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQY6XG-ZFeyBbRlMGMVaSTdhVr_leZJCxr2kLsM4MuBG0kh15y6AksQqvtxPQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ef9733e59d476e8be5ca37d114f9d7814ee6745261ecb007f934e7fbb5d29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:01:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 16:22:54 GMT
server: sffe
age: 56618
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36136
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:01:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E710 63 KB
63 KB 32ms
11ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgZRfOxhon5qMBVR-yjjXQvB0xaqtl_dMhfaYbTADq-J4si-YkxvWBTP2svQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92777840820a41fd3ab58ccc2a4d8ac93890bf6aa3af28ee80c5e5baa8e1022f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:04:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 08:47:32 GMT
server: sffe
age: 506452
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64571
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:04:06 GMT

GET
H3-29

200

778386939095909474
tpc.googlesyndication.com/simgad/ Frame E710
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk
https://tpc.googlesyndication.com/simgad/778386939095909474

70 KB
70 KB

8ms
7ms

Image
image/jpeg

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/778386939095909474

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 218480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71581
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 14:57:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:03:38 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 21:52:32 GMT
x-content-type-options: nosniff
server: cafe
age: 3146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/778386939095909474
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 20 May 2021 21:52:32 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 057E 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Apr 2021 16:59:40 GMT
expires: Wed, 21 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 20718
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E710 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 071f23c62d0446ea9ab03f3d77906007089f24c086ba11d833b931beb27ea1fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame E710 20 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 23:13:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 84682
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 19 Apr 2022 23:13:36 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED0lWP_uCACeZCviUCctqRI&google_cver=1&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGz...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGzr98sryRzYA5bGIz_lQ2V8qxkizevKPran3W4KTm8E&google_hm=LhnJmc8...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGzr98sryRzYA5bGIz_lQ2V8qxkizevKPran3W4KTm8E&google_hm=LhnJmc8KYB3EeeQvNVq0bw

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJfoZ2AgYbV4K4ubdna1p5-IGLd-sWuNJKtSNKht40XwP6k63MpGzr98sryRzYA5bGIz_lQ2V8qxkizevKPran3W4KTm8E&google_hm=LhnJmc8KYB3EeeQvNVq0bw
pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKbGcCv...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKbGcCv...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAyMjQ0NTk0OTUzOTExODAxMzMyNw%3D%3D&google_push=AQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAyMjQ0NTk0OTUzOTExODAxMzMyNw%3D%3D&google_push=AQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd17YOek7mQDow_JMjAaJ8mfasdI_-8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAyMjQ0NTk0OTUzOTExODAxMzMyNw%3D%3D&google_push=AQvitUKbGcCv_Qf-6K0so6aGvLlxsRMbW1Jz0ojW4pwearb3eNLzgzMbflpEbpDInWTytd17YOek7mQDow_JMjAaJ8mfasdI_-8
Pragma: no-cache
Date: Tue, 20 Apr 2021 22:44:59 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 057E 43 B
324 B 133ms
42ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENzfhhVnZuvklYWDgQJWoSw&google_push=AQvitUKTygaA8g-L5pxzL0YDNUbAyF4I7IQNKq9DVAN1oNvvnYtKbjbmduFtQEnP03dcXV0G9xJXLTj1Pp-ZGBFpIQXLWYWIaB0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=90&slotname=9366493185&adk=2171484123&adf=2334505472&pi=t.ma~as.9366493185&w=728&lmt=1570747697&psa=0&format=728x90&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698220&bpp=6&bdt=600&idt=6&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250%2C160x600&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=ktBDZfCbtr&p=http%3A//jibundedekirukogao.dt25.net&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPw-fSzqDj3jgMleTPJYf4w&google_cver=1&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI&google_hm=P2KzklxTz18kSqo5VnWPMg==

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI&google_hm=P2KzklxTz18kSqo5VnWPMg==

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKTEI5cjcYiD7b58-33NwYsddkQb6MPjN1ftzCBFtdImUpiMMVhDkkxP8FeLK6GlpsRWKWFmH16owyz7oTNUUP31sCUCbI&google_hm=P2KzklxTz18kSqo5VnWPMg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 71ho0d242gkgq1gjcu0a9s19deamcrm8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKyq-JdIKg7PEeFXpiCEPlFaQfXZ7075kzQpiGQz4LdJZt2A6ArjMmKP4DI6lWSkpq-xQ5qiFaAKoZmOjkf40LDJIPGueI

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKyq-JdIKg7PEeFXpiCEPlFaQfXZ7075kzQpiGQz4LdJZt2A6ArjMmKP4DI6lWSkpq-xQ5qiFaAKoZmOjkf40LDJIPGueI
Date: Tue, 20 Apr 2021 22:44:57 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEn4VUSKls0drCJLUkv__bk&google_cver=1&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJUlItMUwtN0pHNQ==&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0WmD0NvyICMjXMlQ9Hu9xNU0w

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJUlItMUwtN0pHNQ==&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0WmD0NvyICMjXMlQ9Hu9xNU0w

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJUlItMUwtN0pHNQ==&google_push=AQvitUKhzAU7YJcEb2yPyu7fKfZkmhXP3_ZrRBYy3TGK_enBH4kZjeCu28aHggoV8R_0RuVK5d0WmD0NvyICMjXMlQ9Hu9xNU0w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 057E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEOhAjqg_CGG6Y9aQ5uxGmE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_push=AQvitUJ5m_V06Go9hHGx8PhvwG5yXPrxT1-m79_VhxZRx7TVVzUWXnL0g1slaqM1-G4sFWC0FN5bPdfYKW-1mbkfI_...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_push=AQvitUJ5m_V06Go9hHGx8PhvwG5yXPrxT1-m79_VhxZRx7TVVzUWXnL0g1slaqM1-G4sFWC0FN5bPdfYKW-1mbkfI_MLm56HHow&google_gid=CAESEEOhAjqg_CGG6Y9aQ5uxGmE&google_cver=1

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 22:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_push=AQvitUJ5m_V06Go9hHGx8PhvwG5yXPrxT1-m79_VhxZRx7TVVzUWXnL0g1slaqM1-G4sFWC0FN5bPdfYKW-1mbkfI_MLm56HHow&google_gid=CAESEEOhAjqg_CGG6Y9aQ5uxGmE&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 057E 0
12 B 52ms
50ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlUom6qByspfDxA7HdRma9XS2OWGikC4644rA6yNBL7lbaS0FVHPMWbw7cZusx5E-85i8c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 1286492535351366749
tpc.googlesyndication.com/daca_images/simgad/ Frame FCC2 37 KB
38 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1286492535351366749

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d11af42c1c7b88329a1843400e8f37920ecaaeef0a1875e56eb4bb955b547c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 08:12:54 GMT
x-content-type-options: nosniff
age: 484324
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38378
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:48:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 08:12:54 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame FCC2 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame FCC2 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:42:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCC2 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame FCC2 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:23 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame FCC2 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 15:58:04 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCC2 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVq8Call_YJugDuSL7_UP8Y6OiAeCwqKlYpOuooCuDRQQASD7rq4gYJWK-IGUB6ABg96Y7QLIAQKpApcMVsHgLrQ-qAMByAPJBKoExwFP0DA_3-Hybb-NPFRFhOgGVYBW-cE5YWOqR3SvUa_uwY3QK4gSr3ZzwsTw807ro-ODerkRhF7UKQtY4p-qf-rFc5PJx24seatEHZv4jJAmFCwbUimMLO9S745x4pcwo0FWE4BrAW7q-IwRuL70xSjYR-hQeZ9GPgZHvNHxhGvwzDw9g-VXPvQIiNKI8VWBi6zKSJE8MoHw9JOfJk7pi9XCfZjzipPp8YjW7JIG9-n9ETP9hRqTER1eOKCr8qguLp_4Z6PkXpCPwATHxrHQugOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHksXedqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC3_BPSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItODgxOTIwNDc3ODAwMjkxMg&sigh=_iAWS7Nfgy0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 22:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 65D4 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2115
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF78 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUm72MnDTKv2VzgWkU7xswV2WMYWFrzlk3LpfW5KjIbaifAMW3e56HrhtdLOUkk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=600&slotname=3613768783&adk=94595765&adf=282678229&pi=t.ma~as.3613768783&w=160&lmt=1570747697&psa=0&format=160x600&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698212&bpp=1&bdt=592&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0%2C250x250%2C250x250&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=427&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=dkPsbXrGz9&p=http%3A//jibundedekirukogao.dt25.net&dtd=4

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Apr 2021 22:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 939
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2234 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Apr 2021 16:59:40 GMT
expires: Wed, 21 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 20718
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FCC2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83396cc7152420a2d5cba35aace831d8391ca785a3d73a7e1b4278a1d57d8ab9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame 7812 11 KB
3 KB 12ms
12ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5442514344972767536/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2960
date: Fri, 16 Apr 2021 22:01:33 GMT
expires: Sat, 16 Apr 2022 22:01:33 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 348205
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 943B 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CETaXall_YLOnC8jL7_UP9I6AuAuNpPKkYcaqg96rDfDtxMedFhABIPuuriBglYr4gZQHoAGj1rDEA8gBCakClwxWweAutD6oAwHIA0iqBM8BT9DyKfn7FZ40Gvg6tMi0mw2Akldvq_e_HUezWfSZAw8whUBNmv7TElDHoFTzNhpjPiOgrSmP76JCy_QC8e3C3hPNmmG4DbG2fn_3l6VtFqlukqDUq4woJ09SC7yT8GVMV3u0d8otpEfPNJ6EeAKRuu9PMiZo1SQSy2cQxFo2KFgGseutm514qC5X8PS2KDE0CzID_o3JE4cMkR6H6EPQzaqCKF9XMLY0rLkaRe2840mcPemmva1KMy3kVxNqM_N4CBZg6dBMJ5Gx8gzuI-phwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDFpBzSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItODgxOTIwNDc3ODAwMjkxMg&sigh=2MiGpYGiST4&template_id=419

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 22:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 943B 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 943B 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:42:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 943B 118 KB
36 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 943B 13 KB
5 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 22:41:23 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2234 35 B
210 B 14ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHtZEEcfyB2i_vClkwnLoNA&google_cver=1&google_push=AQvitUJpNLloE5XWSXPPX0JIOT8ElTW0EVi6ALmQNQxFxP6RvS25fZeUxXajZl_eQns7rHu9EEIfE1r4pGYn6ZTTJitRUCIKjxc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULrUTpvFc1UHKqUhSV-MIi1WSE4ELasE_KeDTZ5y0mhAKQTSVDmXCtd_athvUrALN4TyYIIgXc5A71AA6j7uf2DsmPzgA&google_gid=CAESEAYWGeq1b-SGsBv6roSlNs8&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOuy_YMGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BUXZpdFVMclVUcHZGYzFVSEtxVWhTVi1NSWkxV1NFNEVMYXNFX0tlRFRaNXkwbWhBS1FUU1ZEbVhDdGRfYXRodlVyQUxONFR5WUlJZ1hjNUE3MUFBNm...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejBEcjc5YUp5eU15TTJzQnN1ZERQRy14NnhWWHVoalF5c2QwVWRXWERRdw==&google_push

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejBEcjc5YUp5eU15TTJzQnN1ZERQRy14NnhWWHVoalF5c2QwVWRXWERRdw==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Apr 2021 22:44:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejBEcjc5YUp5eU15TTJzQnN1ZERQRy14NnhWWHVoalF5c2QwVWRXWERRdw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHokrg-nr-VGXLaUKv2NSLc&google_cver=1&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU&google_hm=P2KzklxTz18kSqo5VnWPMg==

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU&google_hm=P2KzklxTz18kSqo5VnWPMg==

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK0gjrw_jiRY5XQ5vnmgVOUN2PTTcVc7d2OLm9s5hNUIvYQ4IWFKyFX_ctI7UHbErjdVuGD9t7XwVLXMXup2MsXGSUcNVU&google_hm=P2KzklxTz18kSqo5VnWPMg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: lb0a6g53krm7b30q8ma9blh7q6juliaa

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJAGVwAdDXBdxAzucH1ygqBe2kLWLLV8JPsrRJMTF0zqNK0sBX5mk_ZUjmgsmAROebM5g0afp9THQi1NPGV98UCsENF7A

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z4O9Q2ClQouTSKZnTSd9WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJAGVwAdDXBdxAzucH1ygqBe2kLWLLV8JPsrRJMTF0zqNK0sBX5mk_ZUjmgsmAROebM5g0afp9THQi1NPGV98UCsENF7A
Date: Tue, 20 Apr 2021 22:44:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEII0FiAlVxdFWSWu5e5_7mk&google_cver=1&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJWFEtMVUtREpTRw==&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnCpOPxXdXDGg3UKWcect_q8Ag

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJWFEtMVUtREpTRw==&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnCpOPxXdXDGg3UKWcect_q8Ag

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05RTTdJWFEtMVUtREpTRw==&google_push=AQvitULb1IpTz5k1O2t7ierga8FrSuzSCKmGQwvlnAtEy7GGhuF5ugzvuBQzMetutoOH5OwHgnCpOPxXdXDGg3UKWcect_q8Ag
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHLfzbj7HOBA3HZFHU786c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUIAE4kLIs2dvw7zIEnBjckL4-qYVO7JU5VC_ghq2-0jJ5EC5MMo11Idn9CjQCkP5baM_vLg...

170 B
188 B

57ms
57ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUIAE4kLIs2dvw7zIEnBjckL4-qYVO7JU5VC_ghq2-0jJ5EC5MMo11Idn9CjQCkP5baM_vLgBdmjs-tf-01wFFLnGM1Z-EY&google_gid=CAESECHLfzbj7HOBA3HZFHU786c

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 22:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH9Zaj85siOvnQ6nyDhw8QAABJIAAAAB&google_cver=1&google_push=AQvitUIAE4kLIs2dvw7zIEnBjckL4-qYVO7JU5VC_ghq2-0jJ5EC5MMo11Idn9CjQCkP5baM_vLgBdmjs-tf-01wFFLnGM1Z-EY&google_gid=CAESECHLfzbj7HOBA3HZFHU786c
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2234
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKrxivvHG2HD9gGtsICUf7M&google_cver=1&google_push=AQvitUIi2oRg7-6SR0vr6x4_...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIi2oRg7-6SR0vr6x4_lRe2JFz4EYBqjDX3Pi-lJOO81a8K09QfJe99gG4c8D30p57_4UUu-sveCnJPkJP2pg15uuX1D8w&google_hm=

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIi2oRg7-6SR0vr6x4_lRe2JFz4EYBqjDX3Pi-lJOO81a8K09QfJe99gG4c8D30p57_4UUu-sveCnJPkJP2pg15uuX1D8w&google_hm=

Requested by

Host: jibundedekirukogao.dt25.net
URL: http://jibundedekirukogao.dt25.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIi2oRg7-6SR0vr6x4_lRe2JFz4EYBqjDX3Pi-lJOO81a8K09QfJe99gG4c8D30p57_4UUu-sveCnJPkJP2pg15uuX1D8w&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 19 Apr 2021 22:44:59 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 2234 0
12 B 51ms
50ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kk5rErihvuO00xmFCs1F09Od95M6RIbI9hGI_-1wNMtEwrb32v5X9QhwU67Cdf59zwSYNxug

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF78
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnTBLL6h_lHVeOxMu_-UCnFEQqoPbNljb8grovqN0l6dj-bcod-SEjzhyGXJHw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Apr-2021 23:44:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 29B2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2115
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7812 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 12:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 21 Apr 2021 12:33:27 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7812 22 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 21 Apr 2021 18:54:37 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7812 57 KB
23 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 22:44:58 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F76 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnTBLL6h_lHVeOxMu_-UCnFEQqoPbNljb8grovqN0l6dj-bcod-SEjzhyGXJHw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819204778002912&output=html&h=250&slotname=8561685583&adk=1410419542&adf=4274972013&pi=t.ma~as.8561685583&w=250&lmt=1570747697&psa=0&format=250x250&url=http%3A%2F%2Fjibundedekirukogao.dt25.net%2F&flash=0&wgl=1&dt=1618958698162&bpp=3&bdt=542&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1941c347418daa0-2220e2ff2bbb00a5%3AT%3D1618958697%3ART%3D1618958697%3AS%3DALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A&prev_fmts=0x0&prev_slotnames=9751991989&nras=1&correlator=2239345179330&frm=20&pv=1&ga_vid=548244428.1618958698&ga_sid=1618958698&ga_hid=1546352597&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=647&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1549433956913408&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Po5asYNMzX&p=http%3A//jibundedekirukogao.dt25.net&dtd=7

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Apr 2021 22:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 939
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 943B 0
20 B 53ms
39ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLOE8pDzjfACFcjluwgddAcAtw&gqi=all_YM3xCsqH7_UP4KW5kAc&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 943B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60dd523437f1bff4a9f1b9bbffde08274b56ac1da60f5eac08720c735d3fe36d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame 7812 906 B
936 B 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 514295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Wed, 14 Apr 2021 23:53:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:53:24 GMT

GET
H3-29 200 1ad6b5aa39cdeb703ff094f477328c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame 7812 38 KB
38 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/1ad6b5aa39cdeb703ff094f477328c96.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 348104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38697
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Fri, 16 Apr 2021 22:03:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 22:03:15 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

688e3ff74ba871f6984918c46e4a9c0127543214ee56a1bbaa3a9f437778b721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 22:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6537
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnTBLL6h_lHVeOxMu_-UCnFEQqoPbNljb8grovqN0l6dj-bcod-SEjzhyGXJHw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Apr-2021 23:44:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 22:44:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Apr 2021 22:44:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7812 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2116
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 22:44:59 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6C02 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jibundedekirukogao.dt25.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jibundedekirukogao.dt25.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 21:04:19 GMT
expires: Wed, 20 Apr 2022 21:04:19 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6040
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C02 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2116
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=1549433956913408&bg=!e3ileDzNAAZUuIlwVLg7ACkAdvg8WvY5hTEoLI010W51noR7nYCtgEV1SYnxUX6Aa8mvIxKrFGHmCgIAAAB4UgAAABxoAQcKAIeFhXRI-jyCq-Sk82zU2J085FjO4uKznxPcuHBhq3F3mRSY3tYv_YtZDt2su9SrPLiayQcn1B65KFPTVMsVAkBe4i1OgOIPxVmKUm886LHP2rE11Exe6J6M6DzN7QBllOLzYFWk23EByaml3YadieLUa5tCa351JlwXBMFRrlI2gJfoBoX8zTCZAdvomyWJUBeCZx_LFVjEP4g2ExXS7uDKrMRa5_NZjOhmgrg0Rv_IR4hUNzCqhz0PZ5hYi6ZQYZoWUn4rLLWXqCavRTp9ok5DwAoC4JXfMclJrwlcVHt_ZcfB_EPdGCj0GH-gEHLZm-HJgBBPPq6h7SV42Bq-cOvjDFGbj37W1jJwNWiC70FxFXvJQagOWHs89nuGB903mvlTXjliCEYK7yP85VgrR0tDotJxrJj5Kt_q8CoIUblzKJdmFPAiotY2GC6lnctD_UIxqn97aADg_54StwsKRvcpjPtgEiTA2A4xhSJ4Cws8ribvjbxdj-3jb3P2GnHcQBgVK8-ChvmvCWv6mWHQUaoAkvwd7FhSVpx9ewsd9NCyGfH6gqThoeD3b5LP7in35AGcypqWrj1HCVti_qgCv2zrAEyeBNPoft7lc89QeTeH90DJkH1VVWeb4hOH69VQri_5pirvKf9OEqoDxdPHD60vhQXs15wRO9YKufSXba7B43Ni0Hk9En0bCqCp16mycSMeJ0lrVtaRM3HLHjNZiggtwlztF2e2DDz7x1pfONslpa9MdmxNYXL7UqpNYukx5SfayIkEfrKZvB47I4XwgQYcJ2Zj4wG7zg-r2aSvIGrR9XqY8-cp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jibundedekirukogao.dt25.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8CD 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueDfvQW7DOs931r9mI4_1eqFCPCErRg75VMjMSM_OjMhvh1A1Eodg1c-VPppEEhEZgLYoh6_sLvONqJ4vUGr6zg6Df0zIuH7b3UlQUdP6daYhsqUUjnma7Uninbw&sai=AMfl-YQIC0PMu-MbKi_Nb5Y7sLcAb8CY9WP5L4fSTKXstVf1cSQu2mMMn7XSe-_WTvqvOxYd-U7DnEapkV2ZKDCxa83RxHOfJJvyCMK4LWQnXbWnPsqFq1p1EB5OadP6&sig=Cg0ArKJSzPu2DnhnUrBUEAE&cid=CAASF-RoSrW0c9f7TSvGQgrOcewxJFf3926V&id=lidar2&mcvt=1034&p=176,907,384,1157&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3419604076&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618958698178&dlt=234&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCC2 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3GgvJYPTmY77KncYOm7NIvnK9m-Nejezs8DbI1DoeRFf7X3jISNxMjHZ2e7MhKjZ8jU56s5aHVA4sxN4WAESHzWeHHVc28b4UjW78e3OEOxhg0ca-_lmLF71ejg&sai=AMfl-YSmEAN4QKNwvLFNWNyU_eakcOu_VrqZthApInjJV34IOI1fo4jKFDAxxWmi5s7VIB6s0-f7d9uHjCNVau96JHoVc8YVwa2yZTVyN_l6MCZ4a5k1kTh3HAIW1gF1&sig=Cg0ArKJSzDyh6c854z9-EAE&cid=CAASF-RomksLh_fujDOcaHGjct3_5RntIt2k&id=lidar2&mcvt=1000&p=374,427,974,587&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=94595765&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618958698217&dlt=453&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 943B 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOirMw4A9V08bQ37EZig5lcXgao8aqjlVJxUnKGvvaAHwsQh4_NzdAanQeqUAweCk5-Fg1jxzOZTUsNZ_dKGDu6JeZcgxYpYdLgMcnd5DzPu9iWViGv5g5znJulGVCg2xQ21daEamkEuvSKgz7qt5D8A&sai=AMfl-YTGQvFA8IZ2_eEevZvsisWo5tgLXgA0l4EgkF-q4Taa4WLWizIViTvRY-LJG3OOobRr_-kajDGcIlDQylUdgri1qHf9KfxzMlgmevNUS155yMHRg3cq_LSmPPN7&sig=Cg0ArKJSzLYRSIIVf-bmEAE&cid=CAASF-RoI6KhceHdl2s84_Tqbvntrhvnm52Z&id=lidar2&mcvt=1002&p=176,647,384.34375,897&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1410419542&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618958698170&dlt=695&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 22:44:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:04:14	Name: IDE Value: AHWqTUnTBLL6h_lHVeOxMu_-UCnFEQqoPbNljb8grovqN0l6dj-bcod-SEjzhyGXJHw
.doubleclick.net/	1970-01-19 17:42:42	Name: DSID Value: NO_DATA
.dt25.net/	1970-01-20 03:04:14	Name: __gads Value: ID=a1941c347418daa0-2220e2ff2bbb00a5:T=1618958697:RT=1618958697:S=ALNI_MZM0T-o2KUyB9OkFkTzJRrAvymq-A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
jibundedekirukogao.dt25.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.185.98
185.64.189.115
210.188.201.43
23.218.208.246
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a05:d01c:1d8:8102:5642:8a73:6264:9a1f
3.120.24.152
34.98.67.61
35.227.252.103
35.244.174.68
54.149.220.116
69.173.144.139
79.137.69.120
071f23c62d0446ea9ab03f3d77906007089f24c086ba11d833b931beb27ea1fa
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9e93bee32bf4a67a4ff4436abd3e6200e88b795e00615045613dd06afca846
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
1205c7e29c59fc035d0d1c0a24e1c03f2875c9d0cb169ba8d9b6d100b9622ab0
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0ac2a3a3c0169bbe335a8075500254a2771928031924123e78844a5ee3897c
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
36e919f0513f552e7e796f66fde18b1b2e19625b054e96b7089cc2d31edbb0f1
3710d76ed137904196e68411fa784229749f004a0b4b16cfc191bbc273244f57
374c8dbc4170be246f238b17dc43ab7ab5a56793a5d67b91e345dcb4f5aed18d
4100200983407896b68dba6990abd1f94c96da85961db6d94718fda3eb4c462c
4565e14be4a0f150b2dfad26516f548fc08d38acaa3c94d409f8319bfff1f0f7
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
475432c8ecef822f9cb8e555e070634a8413923fb0bf0339e98e71a6d4ef15c1
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
570eb65eeda36596fbd65b7187972092ea068478cbad5f6dd3fc3149cd0ae572
57593cbc7d9b30be1eb7107934c823297e04d0e5a310f3d5428aa37cd3429b28
580b14eb9c0568105f93b9ecb9c213cc69a2ba961045dd1d866e2036d440dbbc
5a53510991dfb30ec6fb4970d9592c74c4a0e2888ce4a40bd4502d83f9cec88e
60dd523437f1bff4a9f1b9bbffde08274b56ac1da60f5eac08720c735d3fe36d
61f3994bd79e8f77a3a8e7630d7ad11ea2b4d6ab5bcdefa5c4b8a5ca0e7dc82a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
688e3ff74ba871f6984918c46e4a9c0127543214ee56a1bbaa3a9f437778b721
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7b6efeab19d4d63217545b21b431633d67960189397bfeec860dc9dfd4519744
7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320
83396cc7152420a2d5cba35aace831d8391ca785a3d73a7e1b4278a1d57d8ab9
8b0aac1bea0a1176fa37ec9e1839bdba8b10641430bfee3051e3590381152442
8e7e1c0ca7f4b5de4bf685edab1b4db31bff56e83fa2745700947fea85ff3095
91924861d5504e2065b04fe15d2e9ef151446597028e52ec06d0b516d7dbb6f0
92777840820a41fd3ab58ccc2a4d8ac93890bf6aa3af28ee80c5e5baa8e1022f
92979cafefd4019ad1e8f1b2012125d62b48b3b2cbc4d765e9e5aaaf0bee688e
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
966c211fe65ffa6a9480283eeb514b5c85c4f88cf76946b843507571f05e262a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a208335c1d937edec163ebf48e3927a2c1f60438ee2be002fb6041ed2143fe49
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ac5f0aa0276496205434d1d0fbc8b3ebbe0cd8e69f1790179fa39917883edc0d
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b92e946f69ea1fbc9737d09d01255f3aedf94d788d113008e7c9c36c9be365d5
b9e09a9aa0c4cb7f3a0e569ba4994adb8d033a742b09f17985b8fae4967dabe9
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6ef9733e59d476e8be5ca37d114f9d7814ee6745261ecb007f934e7fbb5d29f
cab74b4c1b5e1ffd31e4b19e6e20f56a7895cd7a301cbfd0ca901d26bf4622bd
cbeda32f538a5c88837b4231b37ef6f0fec2f295a6a8f7c0dcf92a610afb821a
d11af42c1c7b88329a1843400e8f37920ecaaeef0a1875e56eb4bb955b547c4b
d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e539561f9d9e891e8a97f5f9d15122e6217f29bde333203384871bd2e3d0d079
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

jibundedekirukogao.dt25.net Open in urlscan Pro 210.188.201.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

121 Requests

87 %HTTPS

57 %IPv6

21 Domains

29 Subdomains

21 IPs

5 Countries

1273 kBTransfer

2443 kBSize

3 Cookies

4 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jibundedekirukogao.dt25.net Open in urlscan Pro
210.188.201.43 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

87 %
HTTPS

57 %
IPv6

21
Domains

29
Subdomains

21
IPs

5
Countries

1273 kB
Transfer

2443 kB
Size

3
Cookies

121 HTTP transactions
2 data transactions