r00t4bl3.com Open in urlscan Pro
2606:4700:3037::ac43:b4cd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r00t4bl3.com/
Submission: On September 15 via api (September 15th 2022, 11:36:04 am UTC) from JP — Scanned from JP

Summary HTTP 108 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3037::ac43:b4cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is r00t4bl3.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time r00t4bl3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3037::ac43:b4cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:811::200e	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
17	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
2 4	2404:6800:400... 2404:6800:4004:810::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5	172.217.174.98 172.217.174.98	15169 (GOOGLE) (GOOGLE)
1	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2406:da18:5a5... 2406:da18:5a5:3102:8c21:5134:8ae5:7863	16509 (AMAZON-02) (AMAZON-02)
1 1	18.177.23.231 18.177.23.231	16509 (AMAZON-02) (AMAZON-02)
108	18

29 2606:4700:3037::ac43:b4cd (United States)

ASN13335 (CLOUDFLARENET, US)

r00t4bl3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:811::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:810::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.174.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:5a5:3102:8c21:5134:8ae5:7863 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.23.231 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-23-231.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	440 KB
29	r00t4bl3.com r00t4bl3.com	2 MB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	113 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	222 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	2 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1505	579 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 62283	914 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3200	416 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	461 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	166 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	696 B
108	17

	Domain	Requested by
29	r00t4bl3.com	r00t4bl3.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	r00t4bl3.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	fonts.googleapis.com	r00t4bl3.com googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.google-analytics.com	r00t4bl3.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
1	cc.adingo.jp	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
108	21

This site contains links to these domains. Also see Links.

Domain
therex.bk-ninja.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://r00t4bl3.com/
Frame ID: E9859103B2817D0F56D157ABC07A0888
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: F56A20CCB77C5F33C7A09F4EB52A14BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&adk=1812271804&adf=3025194257&lmt=1663241759&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fr00t4bl3.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241758092&bpp=714&bdt=181&idt=1044&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3294981641468&frm=20&pv=2&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1059
Frame ID: 748AFF4528E38FB10FA1A7A8EC3730DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16
Frame ID: F676383D845261E96BE8762167177DC3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4F09153E459719CEF2934405B8CA9C2B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Frame ID: A15354A28F56187B1F83FFB0D3A2CB2A
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9F44194074012E635368C73DE0A3E351
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27A61113303E041D4F94FF07EC0C7B54
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A83BE0CFB6E9ECFF98F9E4CFBA8D402
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js
Frame ID: DC5E5020E79B6910073CD1A123D9214A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js
Frame ID: 2C20186B48517CB6B7AEF1EA7F8BC247
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50DA887036A2CDC2C7E658955C1A8DDA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js
Frame ID: 731055AACC78FB892524DA080BCB679C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D33BD4DA2062F8729D8F2AE494B3639
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 598BB25E716985300587A24F74597ECF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

r00t4bl3.com - Web Development and Stuff

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

96 %
HTTPS

71 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

3436 kB
Transfer

5115 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://therex.bk-ninja.com/author/bkninja/
Title: r00t4bl3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://rtb.openx.net/sync/dds?google_gid=CAESEIBUrBDU8AnpVjiupJLrclQ&google_cver=1&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEIBUrBDU8AnpVjiupJLrclQ&google_cver=1&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&google_hm=Vj3_R3jKzW0DjwCOg8wHiw==

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKjMzPwJbStSBsyBUEOozlc&google_cver=1&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27xKrc0W9OBXvNlsex7UkJtzLVSh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgyWjc4N1otMVotSDJJUQ==&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27xKrc0W9OBXvNlsex7UkJtzLVSh

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_cver=1&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLYAqFTnEhG9HBmH3A3V_5tOsvtyAu-1gZk_BhZEiBm1doc0WrJ_Tmik5nW6RLvJFr HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLYAqFTnEhG9HBmH3A3V_5tOsvtyAu-1gZk_BhZEiBm1doc0WrJ_Tmik5nW6RLvJFr&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_hm=YyMOIM2QJvQ4HtasU1WFwwAAEokAAAIB&google_nid=index&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLYAqFTnEhG9HBmH3A3V_5tOsvtyAu-1gZk_BhZEiBm1doc0WrJ_Tmik5nW6RLvJFr

Request Chain 98

https://cc.adingo.jp/adx/push/?google_gid=CAESENigTg8ggtfWnUTdJnXYRKw&google_cver=1&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo&google_hm=2d897ede7bb1493c1719463e19184efe

108 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
r00t4bl3.com/ 96 KB
11 KB 727ms
607ms Document
text/html 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc6edbc5706d48617028e790c5b7aadcfd739764457c9e52c7c3de0ac0d940d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74b10fd72e8c80e3-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 11:35:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAjcujQj11U7GZOpW6Irp2FMWkKGrLM34qi4yeVi2HPrcLnkAof0U%2BufNdLGJF5AnnvVrhqPm79h9K6tx1277HgzVueHoSJ0v%2FmYXfxJGnPI0tQAYhBveeq4cyb8CyUCPuxPzpl6%2Bt%2Bz5PY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 153ms
74ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: r00t4bl3.com
URL: https://r00t4bl3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65fd23678c5ee28844494816eb77ec8c57a2236238eba2629be2cc62e6959e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57943
x-xss-protection: 0
server: cafe
etag: 10625534632525845596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 11:35:58 GMT

GET
H2 200 combined.css
r00t4bl3.com/css/ 154 KB
30 KB 877ms
876ms Stylesheet
text/css 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/css/combined.css
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37a4ab1d5860e49ae5322676b363550dd23d88b068c484bdee441d5a9c210113

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 12:59:43 GMT
server: cloudflare
etag: W/"5ed258bf-26751"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bnazy5z4YHgrOx1hi5F8LYRtTJT9bydWexZRgtnRatIJkKQ7kuyUxOZXp%2FvygmD25MXd3hHFFJ%2Fg%2F%2FIU6zE6kBbvW1X7aTrlOk5UgGpqRtFSPITfCQ42XcWuug5u9PjZ%2Ffy5rfODzoFMHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fdafc7780e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
2 KB 95ms
49ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Narrow&family=Inconsolata&family=Lato:ital@0;1&family=Open+Sans:wght@400;600&family=Roboto&family=Roboto+Condensed&family=Volkhov:wght@700&display=swap

Requested by

Host: r00t4bl3.com
URL: https://r00t4bl3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32cebd0d14e3a387471fd732306c9161dc9f4728c137ec67d58105efcb18ec36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 11:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 11:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 11:35:57 GMT

GET
H2 200 jquery.js Show response
r00t4bl3.com/js/ 95 KB
34 KB 461ms
461ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/js/jquery.js
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: W/"5ecfc679-17a6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY%2ByU1icfDnACNKb8DMQXWJ6bjA7OMZrdAvt9rf4KkLRnaGlKspWgf%2F67HGbSh%2B557qXNdZ%2BYJBc%2FKhc%2B%2F5q4yXBmYPcUP9OtQECZMVTthZfWss3jRcXv6WPJWdNqjNKZpa1hJcZGaZLwC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fdafc7a80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo.png
r00t4bl3.com/images/ 8 KB
9 KB 441ms
439ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/images/logo.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769806d127f1b68b8030871975c95fcd738f8bde0fce5cbf8a00e4db94dccc0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: "5ecfc679-20ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16mQIhI9I49AqI6RacL2ltEvlggvBGHdhhIC9g8sJ4%2FhwU7s05Utypz9G58NvPzoAHs1agbrprHSnj%2F59NAjAOqbldCiPKlFD3WEFLpi6ZNuVJlBN1w0ly23p9zr2FfZclg7eJ4hqaZWEgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d6f80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8431

GET
H2 200 attachment-freebsd-featured-e16f8dd76f66dfdb9a9bd3178ead67b0.png
r00t4bl3.com/uploads/ 115 KB
116 KB 446ms
443ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-freebsd-featured-e16f8dd76f66dfdb9a9bd3178ead67b0.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bae93bf9ca848c0b932220ac036e4eb3de728785a5f26e8fc00c02ba65c46f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Dec 2021 12:11:44 GMT
server: cloudflare
etag: "61c9ad80-1cded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TclXxkCtXQO0%2FcRanF6ls6jU0cf23E6kPn4XNXrjoHYKCUz6wT7ldExMZYLRThJ3n0BjxpXYy1EfrQ%2FN%2B7PQUUByPZvTSUpM8sQOC8kUw1hybl2rRdHRI32dOcmcfU88juwOE%2F21MuyMACI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7080e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 118253

GET
H2 200 attachment-ubuntu-featured-80829b90cce87306a0d7ce8f027b779d.png
r00t4bl3.com/uploads/ 97 KB
97 KB 464ms
461ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-ubuntu-featured-80829b90cce87306a0d7ce8f027b779d.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8597bfc87400b244c503b8e721ff3ffd4860ef6b8527554cc3f098eccd04a77

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 03 Aug 2022 03:13:29 GMT
server: cloudflare
etag: "62e9e7d9-18283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfRCNJSv6R6s0P13Nx2bEbStTYpLk9N2DVNVvMMQ5rSnfJ8NxNCRM7c2x2wcMJjw4mTO3Mmmo%2BLa3yF%2FWGDhYsX2W9gVHHhpArJe8s0gIATC4iMw5AjjU%2Bw%2Bmbt%2B1mbLSYpG5%2BU0mivGrsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7180e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98947

GET
H2 200 attachment-xfce4-ubuntu-featured-da309236812774039beec0b69f5421cb.png
r00t4bl3.com/uploads/ 161 KB
161 KB 460ms
457ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-xfce4-ubuntu-featured-da309236812774039beec0b69f5421cb.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb7d03599fc1f740963f60a434dae392a1977f9b24b67cda0f46cad500c0135f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jan 2022 12:22:52 GMT
server: cloudflare
etag: "61dec81c-283ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyME5Wt1Z48uxKqUIrx%2F4nnFYWcawUTcbZV%2B16pnIaxoIQOUokdQEbQmUiulLMNvXURFdnDSilnIFtGb011ZQpq0o9ptpVrAw4MBMQay9Hi3zvIr5KWGmFjVs9bjE3amqaKKqhoIt3bOcGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7280e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164842

GET
H2 200 attachment-xfce4-fedora-185d46afab776e718930fb16b86d834b.png
r00t4bl3.com/uploads/ 172 KB
173 KB 457ms
455ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-xfce4-fedora-185d46afab776e718930fb16b86d834b.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a3a3eb88ab646be5c29a5459e7c13b3deffa222cc5686ebfe674d20667cbc76

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Dec 2021 12:14:27 GMT
server: cloudflare
etag: "61cda2a3-2b052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbDakHgyLqmeRc6KF%2BjnRtcgXUEyhNvrS7y9SqDjbbFS%2Ft4kk5g705fki16aDid9A%2FYHQUP0mRUshfXWfmID3i8HBp%2B74nF%2FS6KFgfeWE2V0jizjwoaBmqKzLEx1Lf2r7Iwdw4GkdWISAh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7380e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176210

GET
H2 200 featured-linux-mint-featured-c61b1323c3770e436a215e27561dd1ee.png
r00t4bl3.com/uploads/ 135 KB
136 KB 155ms
153ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/featured-linux-mint-featured-c61b1323c3770e436a215e27561dd1ee.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2da208cbcd324a7042176ce90222d9b024ea004211db101c224485138d5845d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 14 Feb 2021 02:03:26 GMT
server: cloudflare
etag: "602884ee-21c82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1eNONfKDs7Dp586qTlaZ8o4sifmqhUFR3S2BGHjAXHz68KFgv0YRQryQKM%2BF0JJXvmteLt51rHRyj2uCOyRiKRXXOstls04jdjxBqiORsjEerSqhvnxk1EU3vM8Rj0ubSiJm3Ix2199gvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7480e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138370

GET
H2 200 attachment-mongodb-debian-featured-6a182cec83bb77a25f763cff60628364.png
r00t4bl3.com/uploads/ 110 KB
110 KB 723ms
721ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-mongodb-debian-featured-6a182cec83bb77a25f763cff60628364.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785d149e2cab7dada1be7b4c9e536ebeca949f4e883e7f5dcc4c5a6e1f2ac4c2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 05:33:32 GMT
server: cloudflare
etag: "61dfb9ac-1b6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPSN8g41rjfH8tNMGQG2DXoFLTT1MGr3G6AdA10oAXGxl4Y8al4vHq5bho6aEeC8d4hKHrlpHHJy%2B776frG2thVoFUrJGWfndhxknqRBSCLRszE1YTgslwPjhDmHgygqjcTzFtmf5QbcvqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7580e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112352

GET
H2 200 postgresql-slider-23b0b2f96890d67e2b428141a7ae3c88.png
r00t4bl3.com/uploads/ 125 KB
126 KB 733ms
731ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/postgresql-slider-23b0b2f96890d67e2b428141a7ae3c88.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c726837f204a2c7e3809c8c7591619e097c639e71f0600995582e4166d6a77

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Dec 2020 08:37:33 GMT
server: cloudflare
etag: "5fe301cd-1f438"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ya%2B1f5Krh61fBFxemM0J0BqqyHTXoKaB0C8jzs1T5fMPCu%2FB0kZ892sE9EOwY0StybVyeMPTTtvWRX4Sx2pAe8qA%2BVJfgMtrlX29ROrdK9e1cQknGXppz7iAGGzbEU%2F7k7lxl4jjokZ%2BMkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7680e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128056

GET
H2 200 raspberrypi-slider-a54cb9eda8579bed4d0be1152edb44b0.png
r00t4bl3.com/uploads/ 109 KB
110 KB 436ms
434ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/raspberrypi-slider-a54cb9eda8579bed4d0be1152edb44b0.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd700b2251272fffa185587df976422f006e14872407822efb086f398efd0f7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Dec 2020 08:45:55 GMT
server: cloudflare
etag: "5fe303c3-1b4b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aobsOscnEVas5Lt1vbMGj9SHLjlaoHhh2zljEoCXYMxsUB8ylJwDQuyr4i2tDcVaqbjoHDQeh3CTS7tjaI57cndR2wzXnMX23MfhFbGzc7aKtjVIJjkvgMXQILphGC0RVjA%2FRs5LTxmXDjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7880e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111794

GET
H2 200 postman-295a12547c5f7c3320143dd0dbe54084.png
r00t4bl3.com/uploads/ 94 KB
95 KB 462ms
461ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/postman-295a12547c5f7c3320143dd0dbe54084.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62132056d6ccbbe01718c1864c319273171a796c8b3857bdd3864b996f743aea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jan 2021 17:18:40 GMT
server: cloudflare
etag: "5ff893f0-17910"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIzMC%2BFSG2V2qkfzjGKY1xacS%2BWDLtabphVyDQb1f%2FoY9dbET%2FclzxUntLsFV%2B7r2jSWj6nsYzqsiHzL%2BDOzoiiLNHQX4%2F2NbtmvbGuXmc9lwi3ADlHNKwzD6GdxUUwPc%2Bn4AfCQD7rJ7eU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7980e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96528

GET
H2 200 laravellogo-18d06285eb4e09393e13898e119f3854.png
r00t4bl3.com/uploads/ 94 KB
94 KB 463ms
461ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/laravellogo-18d06285eb4e09393e13898e119f3854.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4621afb2cbe14a5f20cefc658113db2a638718ac8cc3c98885ee593c8a950329

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Dec 2020 21:02:02 GMT
server: cloudflare
etag: "5fe3b04a-177e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl1ZLV0oWnF6cBcyLoGdW9bUdigBfA%2FOnZeqalLclSOZtTKzcTy7%2BCYY8hccurKLiOTfLIgFXJkO2eBmkKqES%2F5RrqwDtlLQczQmKrxHSEYc5ZjmEZeLcd9LJ9OJmN6PzkLLIzR7JBjKJUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7a80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96233

GET
H2 200 php-logo-svg-2cef10039f7c9cd395ca32ced2508bcf.png
r00t4bl3.com/uploads/ 15 KB
15 KB 469ms
468ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/php-logo-svg-2cef10039f7c9cd395ca32ced2508bcf.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e351a3461f6ed76f5b5f58d92e71358144b67cf302df82a07d377f8a84ecc30c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 15:16:42 GMT
server: cloudflare
etag: "5ecfd5da-3b24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSY7h8bPaEVhmm3vv735WPV1J9wiBIUJ66KveI18BLlQ8Uj3%2FVoCZURyWUwYeEaWVXwPilejdWyVgnS7KhUqPEEX%2B%2BgZgUtcGrqIKjjlh7JKiwlMXLoQoySUSzDfSUi4Jee7AZKTWn%2FfSP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe08d7c80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15140

GET
H2 200 theme_plugins.js Show response
r00t4bl3.com/js/ 105 KB
35 KB 449ms
449ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/js/theme_plugins.js
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a28725e56b4c299f27b00f1ce910ad39fa55dc679254f08ee2650f3c54c3f9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: W/"5ecfc679-1a32b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPux7WLeJOIkSx8H3x2%2Fw%2B7lz%2FIpsGZ32YMCL8ThrmweGAFu2sgzBD8pLA1WaBtqZIBQNblaAcW%2FmLEjJGIW1zUh0jDUIdHYynVlvN3Rfw%2B5I%2BywZjvTtIkEAqrLqC%2Fe7r3oQmYLWV4Kix0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fddd90a80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 onviewport.js Show response
r00t4bl3.com/js/ 4 KB
1 KB 442ms
442ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/js/onviewport.js
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad92cd2e0e233c5ef4efa820e9e7d4d359a1c5befdb7f7d7ec8afcfe66586427

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 29 May 2020 04:31:16 GMT
server: cloudflare
etag: W/"5ed09014-e35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vsLxQIzsYBYxKLw%2F7XswsJHKMCNCCFv9h5QxGYdxPf7YXK4AULjF7oBJ%2F31lkb59u%2Fb0gf8N90TAp705eTXkHdSfgX8BX9I%2B2b32pr%2B0f4B1Gz6V0iFrWcaHwZI8vq5SNJwcG%2Ft2Dii%2Bj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fe06d5280e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pagespeed.js Show response
r00t4bl3.com/js/ 47 KB
14 KB 443ms
441ms Script
application/javascript 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/js/pagespeed.js
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c1d114a7c58328699834702a212f3863646882e4cf6059a1d1e33d6b11b4f6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: W/"5ecfc679-bc11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQxs0PTQ%2BIy9EYBwBMc1T3g2lKBh%2F7BcnaGZtUrCT1OcHeMjJrl9Z3EBMicc6hVXQk9zsdaXEuvVjNTUjQF6Bn8MhG6RPDCt33JE6DZX51CjREa%2FC3ex6SaqNDLb7qn%2FvB%2Bhsk4gaZk92L4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fe08d6c80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 184ms
183ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cccca9a6c9adaa2526729e831f78ec1f5ce66e425ea01d4e8c9801fd4febc7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124744
x-xss-protection: 0
server: cafe
etag: 13418789787273729823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 11:35:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame F56A 10 KB
5 KB 46ms
5ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 10322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 08:43:56 GMT
etag: 8616628553774171045
expires: Thu, 29 Sep 2022 08:43:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 50ms
11ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo+Narrow&family=Inconsolata&family=Lato:ital@0;1&family=Open+Sans:wght@400;600&family=Roboto&family=Roboto+Condensed&family=Volkhov:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:58:45 GMT
x-content-type-options: nosniff
age: 232633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:58:45 GMT

GET
H2 200 fontawesome-webfont.woff
r00t4bl3.com/fonts/ 96 KB
96 KB 455ms
455ms Font
application/font-woff 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r00t4bl3.com/fonts/fontawesome-webfont.woff
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/css/combined.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://r00t4bl3.com/css/combined.css
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: W/"5ecfc679-17ee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZJZQ9w%2BiMMIEXhLmFx%2FjbPy5npruqzx3MaRasulTO2je6%2FvjaKOOwmAZytD7sBKJZAN5OUikAWpJ9nwfG%2FcwVA3felJqjHH%2F3DVg6Wf6vbST6n3XTGY8uqi4iOQfohQ4f7Pbyi36qWI78I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b10fe08d7d80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 51ms
12ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:01 GMT
x-content-type-options: nosniff
age: 57837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 49ms
13ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:09:40 GMT
x-content-type-options: nosniff
age: 152778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:09:40 GMT

GET
H2 200 divider.png
r00t4bl3.com/images/ 940 B
1 KB 450ms
450ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/images/divider.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/css/combined.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2532dac09559dd6fb2cd05a4e691207f968d8268525217349cff002d0baffa70

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/css/combined.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 28 May 2020 14:11:05 GMT
server: cloudflare
etag: "5ecfc679-3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVYcgdqCQuhDJmogxWK4cWEm5BNZbX%2BvSNqr0NsTRlSMyPFBYcWOOErNU0Xb0HXFKscrIPa69QA%2BWGPIv4NspO1DpD%2F9jYCmJ4gyF4vZaUmuaf20g3Z4R8Ti%2BBpbhoRW82Q5Tf9DXEcMSU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe09d9a80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 940

GET
H2 200 tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
fonts.gstatic.com/s/archivonarrow/v24/ 10 KB
10 KB 40ms
14ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe6376419d1b2b5b3114da291dbbb4bdf1165bc7a17dcc7b5322befc738e26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:38:26 GMT
x-content-type-options: nosniff
age: 241052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:03:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:38:26 GMT

GET
H2 200 SlGVmQieoJcKemNeeY4hkHNSbQ.woff2
fonts.gstatic.com/s/volkhov/v17/ 26 KB
27 KB 36ms
9ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/volkhov/v17/SlGVmQieoJcKemNeeY4hkHNSbQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6659edd30afbce2323bb2b3443be4e8a5258d1260d0e68fd99df4d828f0ff718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 00:06:37 GMT
x-content-type-options: nosniff
age: 41361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 00:06:37 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 34ms
8ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r00t4bl3.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:47:28 GMT
x-content-type-options: nosniff
age: 150510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:47:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 128ms
45ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=r00t4bl3.com&callback=_gfp_s_&client=ca-pub-9476719135065556&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21cc3a1f6a6a2bac4f030f90cc908a490b05070ad0092129cef51c02a3c148ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 161ms
37ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=r00t4bl3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 82ms
40ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=r00t4bl3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 748A 256 KB
64 KB 427ms
385ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&adk=1812271804&adf=3025194257&lmt=1663241759&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fr00t4bl3.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241758092&bpp=714&bdt=181&idt=1044&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3294981641468&frm=20&pv=2&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1059

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63f0bb0fbf26308f7b4868bcb28064ac7bee9c3d7ef551f613fac17ccf7f75f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:35:59 GMT
expires: Thu, 15 Sep 2022 11:35:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
2ms Script
text/javascript 2404:6800:4004:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r00t4bl3.com
URL: https://r00t4bl3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7011
date: Thu, 15 Sep 2022 09:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 15 Sep 2022 11:39:08 GMT

GET
H2 200 laravel-tailwind-8b6d01d15f1ffd881f960a853a859d01.png
r00t4bl3.com/uploads/ 253 KB
254 KB 442ms
441ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/laravel-tailwind-8b6d01d15f1ffd881f960a853a859d01.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45b37ccff9615d3df7d5fe80ca12994f6a3d6ecbb9d6c1fbb38199dadccdd42

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 01 Jun 2020 00:11:24 GMT
server: cloudflare
etag: "5ed447ac-3f551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgHFyEkXtk4p2vkaBHHd%2BC3dlL998NiNSqOXsos2adXLpbRdH2uJO%2F1nthygUIEISQOv7sqmcfoV43OpilkYJvNU1WSnBhWoSW7Df4RTuhgZAgbF0We1IrzrrwR0YOcTE2C4WfamQiUT00c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a2d80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 259409

GET
H2 200 featured-how-to-read-smart-log-from-nvme-device-on-linux-dcf291eb8bd964caa355093ca93fd1e4.png
r00t4bl3.com/uploads/ 112 KB
113 KB 445ms
444ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/featured-how-to-read-smart-log-from-nvme-device-on-linux-dcf291eb8bd964caa355093ca93fd1e4.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa3fa0ab59a5d59fe63f64d8f19310231c0514e504033868b8a06c7e720f69

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Dec 2020 21:07:37 GMT
server: cloudflare
etag: "5fe3b199-1c0cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLZAkohN9j%2Bh1SYmselyUoKDyFE%2BIQiym1qV%2FBy8Fvxsf6KzxLSWuyJXLuzlOiXMRBTs3OWZfL%2F92POORrxNmpJmT229iRvSclRn%2FJ99JyOplfi1YMtl3cEScy11OOZMHd6I8Q%2FSvFJIUjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a2f80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114892

GET
H2 200 attachment-focalfossa-ed9e6852323bbc92960fc1d8be012282.jpg
r00t4bl3.com/uploads/ 27 KB
28 KB 451ms
450ms Image
image/jpeg 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-focalfossa-ed9e6852323bbc92960fc1d8be012282.jpg
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0bb0b3d0d6c1178398fcc53c39ab1016715277b1e7baa0af2d8274b91129d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 31 May 2020 06:09:43 GMT
server: cloudflare
etag: "5ed34a27-6db3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNw8mFEXqvQYj9hcofNRtAiJ3vguzysYn9PTkYHM8xlXSVqpyjlnWQ3IebOy%2F8VQWeYdArGSsbPidwg436mFKZpyjxBMc3jL5%2Ft3Vd9nGyfJ9O%2BkYNEoY8ETlfp3SYFVJRYAarApiw6GJEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3180e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28083

GET
H2 200 attachment-openldap-e88a5a01499545b0f180231db1ff075e.png
r00t4bl3.com/uploads/ 99 KB
99 KB 431ms
430ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/attachment-openldap-e88a5a01499545b0f180231db1ff075e.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5681b393ebe2a7bfc7233f3075a08a130b782db0aaaa789fab2b31dde622b08

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Sep 2020 22:56:24 GMT
server: cloudflare
etag: "5f63e998-18ad7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BomWPXbscKt0RPFOa8wUCTlGUwvuf40xjlgT5dumFZmaYvDcknnbJUc1u4bRBlZVKXZU240KHBrCWrHVzeq%2FCRzXyBJIAGSyAc5x3xrDZYE7M5U%2Fy8iMJFklmIfh1SxQkuBMZuJQIooP7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3280e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101079

GET
H2 200 mongodb-logo-39d3026cd557c2ff1912112d620b88c7.png
r00t4bl3.com/uploads/ 94 KB
95 KB 752ms
751ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/mongodb-logo-39d3026cd557c2ff1912112d620b88c7.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da72ececf98a3cf404b83563ac432a519c6fbe9d211a4c7c543c466cfdc15233

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Dec 2020 20:47:53 GMT
server: cloudflare
etag: "5fe3acf9-17871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm%2BZCNi0FHR2RDCcv%2BYZyC4lUXPrkOAeIrqM3dXth2gzPbjnjrdqF%2Bz1cvg8rzKNQAxMcLv3J%2FYSnY1BjeuVlpNnEOaC6i3Mp7OE5gCDOny4qAo4s%2F6RZBcAIl9NHqN%2BU5SH8YoSi4UeKHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3580e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96369

GET
H2 200 featured-calculate-distance-between-two-coordinates-in-php-40d7561572f6663979d5333e77b8201a.png
r00t4bl3.com/uploads/ 86 KB
86 KB 730ms
729ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/featured-calculate-distance-between-two-coordinates-in-php-40d7561572f6663979d5333e77b8201a.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ef2d40fc5e51ee0e978caa5085f44668266f38cbc6de49255fb556671e1b34

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Dec 2020 09:06:11 GMT
server: cloudflare
etag: "5fe45a03-157f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CYZf03nShriV1ffyy4lGwYmIytwcs%2FhjPJAM3RNrxBdSFZiy2mP3EbMHjqI2ZnjehOmQksDxtuV6M3syAN%2FsXHslJz8DorSxrkh177QFheqnnlwJIxDU6NxBXOKRLXDYkI0EuMqZOMih64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3680e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88057

GET
H2 200 featured-slackware-featured-2c2b0ba87511190b20346cf96bcb868b.png
r00t4bl3.com/uploads/ 121 KB
122 KB 465ms
464ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/featured-slackware-featured-2c2b0ba87511190b20346cf96bcb868b.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1a54964c7f4561ea0c2b5e7f01e355fdc58a6eb0786220e198097193a9b59e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jan 2021 17:10:40 GMT
server: cloudflare
etag: "5ff89210-1e5ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0%2FblHrO6ZKrS2rD%2F3J4m%2FxzQ2x11v0k9NZit1ZHwjBuQzVjdqVwzjY%2Fl8V1NY%2FDa1MxtgKYOvK8dTY8noUGnnSV0ptuP87jxPIvBjdVT7wJJKkrVCZbB%2F4vC6szPCAGmupkcB3j4uWDgb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3780e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 124399

GET
H2 200 featured-how-to-install-mariadb-10-4-on-centos-7-c64dfb65750e13dc2ba7f12d1494cb8e.png
r00t4bl3.com/uploads/ 106 KB
106 KB 737ms
736ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/featured-how-to-install-mariadb-10-4-on-centos-7-c64dfb65750e13dc2ba7f12d1494cb8e.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25aac8aa6ea3c444034306b4ddb824cb74472b928ab7d308ec03aab539cbdb72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Aug 2020 06:41:19 GMT
server: cloudflare
etag: "5f420f8f-1a739"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKoyk04UQ2OCn%2FhBgX1HawuUpoT0jWWvWjQp%2BePFbXUrpvxdKg9eftqRrJ1jr0HyioQJi%2FABEceytp9IPbHG20Lb91xoyvwwKCNFt6MKB0wcAmpWyDonXEujbB%2FLWKjMXLZUmTxzPTPvEjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3980e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108345

GET
H2 200 virtualbox-logo-e1cfb333c4c19bc100138ef795e95d3c.png
r00t4bl3.com/uploads/ 132 KB
133 KB 455ms
455ms Image
image/png 2606:4700:3037::ac43:b4cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r00t4bl3.com/uploads/virtualbox-logo-e1cfb333c4c19bc100138ef795e95d3c.png
Requested by: Host: r00t4bl3.com
URL: https://r00t4bl3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b4cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b4d00728162fee0eefd1108636b28c25dff9202c137eaf0ce0c924c4b0013a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 Nov 2021 16:06:34 GMT
server: cloudflare
etag: "6195288a-2117a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwHJX8Ji9weHXJt4aGcjbGIZBICaP9aCmuTP7Jnvb6KcZ25kHhmVS4MKarT8FXzJ1kbIN9qptHR1%2FJtrsRZS1ifCKawe53v3%2FRhgdxZgRxwhrSqOqrh2t%2FNmZXYCZLEbBYY3JYfZt2bhmvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74b10fe38a3a80e3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135546

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
38ms XHR
text/plain 2404:6800:4004:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=374429103&t=pageview&_s=1&dl=https%3A%2F%2Fr00t4bl3.com%2F&ul=en-us&de=UTF-8&dt=r00t4bl3.com%20-%20Web%20Development%20and%20Stuff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1131300050&gjid=957386470&cid=1688741071.1663241759&tid=UA-89516337-2&_gid=131587792.1663241759&_r=1&_slc=1&z=1909431962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r00t4bl3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:35:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r00t4bl3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 79ms
79ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ec17d53ff6cf7293199816eb83383468a357afc6a9d1d7dd33973c1a43c79a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54571
x-xss-protection: 0
server: cafe
etag: 12269420582922562411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 89ms
46ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=r00t4bl3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
45ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=r00t4bl3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F676 97 KB
34 KB 408ms
407ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a31b18d15a5bcf65a132815504983095f868070bf469e670d625022d104ed7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34523
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:36:00 GMT
expires: Thu, 15 Sep 2022 11:36:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/ Frame 4F09 10 KB
4 KB 11ms
10ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 40133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 00:27:06 GMT
etag: 8616628553774171045
expires: Thu, 29 Sep 2022 00:27:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/ Frame A153 10 KB
4 KB 11ms
10ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 40133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 00:27:06 GMT
etag: 8616628553774171045
expires: Thu, 29 Sep 2022 00:27:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 4F09 4 KB
636 B 82ms
38ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 11:03:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 11:35:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F09 205 B
295 B 56ms
5ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 08:48:00 GMT
x-content-type-options: nosniff
age: 10079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Sep 2023 08:48:00 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F09 604 B
920 B 56ms
4ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 22:45:22 GMT
x-content-type-options: nosniff
age: 219037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Sep 2023 22:45:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame 4F09 19 KB
9 KB 82ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
server: cafe
etag: 4999025364649203088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:29:22 GMT

GET
H2 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame A153 10 KB
5 KB 50ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 01:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 01:34:45 GMT

GET
H2 200 02632b5986d153635495a6e5331c83d6.js Show response
www.gstatic.com/mysidia/ Frame A153 10 KB
4 KB 51ms
4ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/02632b5986d153635495a6e5331c83d6.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c76f9b25bafc531d4218b90bd300b95cc09216ef4e28b181b190d347e4dd1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 01:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4445
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 01:35:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A153 8 KB
893 B 76ms
39ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 10:56:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 11:35:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A153 2 KB
983 B 78ms
5ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:33:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame A153 23 KB
9 KB 77ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A153 3 KB
1 KB 78ms
6ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A153 141 KB
44 KB 120ms
74ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A153 17 KB
7 KB 77ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:35:14 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame A153 33 KB
13 KB 50ms
5ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 00:21:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A153 0
0 45ms
45ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpOs6Hw4jY5XiDfuFpt8P_M6e2AzR0rGoaui-8JDzDsCNtwEQASC_iLcgYInzxYT0E6ABp461_gPIAQGoAwHIA8MEqgTpAU_QmCylTZWTr1FJMtB-3e3CtSFhRB9z5ZkWWY4-Q8na3k_cJEx9Rz_Qc3NDCI5ie14LRYq65uJYSCqOpchTt87u2M-0dqD-c60sFPqYqS9bqGuCJzJlbIi_xicu3gsE4oP6__cxEQFA6TCa48M_-RXPMpubIxfNcgwosjihbuRBiiLXYc35YtwkHqKzjclex_G6uBjyZLlMbR6FTbFx8ZGZZ4O7FEt2f9ghhdq3ba1_A8nn76Luv_QdF5Z0euIG-r5PQg26SWecnWj1HQzbz5Lc6GHkFYPLEKaRmPSKqw3_8jeQM6l6a3SVwATFsfRgkgUECAQYAZIFBAgFGASgBmaAB8HxygGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCP_QHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwKIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItOTQ3NjcxOTEzNTA2NTU1NhgA&sigh=L4JPu_bMrsM&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 15 Sep 2022 11:35:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9F44 8 KB
893 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 11:03:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 11:35:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9F44 2 KB
902 B 45ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:33:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 9F44 23 KB
9 KB 43ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9F44 3 KB
1 KB 44ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F44 141 KB
44 KB 93ms
92ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 11:35:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 9F44 17 KB
7 KB 41ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:35:14 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 9F44 33 KB
13 KB 41ms
4ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 00:21:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27A6 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:30:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
76ms

Document
text/html

2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:36:00 GMT
expires: Thu, 15 Sep 2022 11:36:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:35:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A83 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:30:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A153 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8be3e2f47230fd0bd7a78794bfed9dd940e40566a1285f70aa7a1e247d5f408

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A83
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
75ms

Document
text/html

2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:36:00 GMT
expires: Thu, 15 Sep 2022 11:36:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:36:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F676 8 KB
893 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 10:58:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 11:36:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 11:36:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F676 2 KB
902 B 4ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:33:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F676 0
0 48ms
47ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLktZHw4jY7P5KqOOpt8P9Y60wAqc9q6QbK2cnqagEPzBtauuARABIL-ItyBgifPFhPQToAHss_LAAcgBCagDAcgDywSqBOIBT9DMsQdkAW5_Kwj7dmKwfZUijaeElUffJTULYVU9Bz_2Hb4YXoQ3gKw-mf5S2-os9MXRFz-wZF93n-17z2J5FxpCDZaL2duo6VnL4iY4ULBEWCOXWTjFAAiXLgtMnZNirRXc5Vj2Js48sCOd93zp7JX9eMn7-g0yiL_WveKVaxv3j_WfnQ7Cf6Uo5Hs1h8f9ymnOtzgz7NFy6f48iZyoQ1R9r125XpHeRtgm0nwH2UcsJyTz9Hcyqu5dgwB-0lQoSsoBrVImWQLMYE_FBjJLqtsvAZVQHjkZHzZt42pzJBkfYsAElK2ik58EkgUECAQYAZIFBAgFGASgBi6AB_zLjb8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQubkC0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTk0NzY3MTkxMzUwNjU1NTYYAA&sigh=Qj0z8B9nVJI&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 15 Sep 2022 11:36:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame F676 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F676 3 KB
1 KB 8ms
6ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:34:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F676 17 KB
7 KB 11ms
8ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:35:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F676 0
0 79ms
38ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREx3nR00YcH0VFhavTxUaPs71VnZiP9aEIchFu8FBG--NaMfOFGP3GIIQNTt5s5OPZTy1dCl03wATazo9xnBz-SeesKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F676 141 KB
44 KB 123ms
78ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 11:36:00 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame F676 33 KB
13 KB 9ms
7ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 00:21:51 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13702045792927747939/ Frame F676 56 KB
56 KB 5ms
5ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13702045792927747939/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184969c8fbc4111554bcb32c3b9fbebd19cfe5542c0c0502d406d8f9a811c8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 20:52:22 GMT
x-content-type-options: nosniff
age: 571418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56946
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 12:26:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 20:52:22 GMT

GET
DATA 200
OK truncated
/ Frame F676 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F676 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame DC5E 36 KB
16 KB 4ms
4ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:45:26 GMT

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C20 36 KB
16 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Host: r00t4bl3.com
URL: https://r00t4bl3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:45:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 50DA 1 KB
749 B 3ms
3ms Document
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 75607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 14:35:53 GMT
etag: 48472445140208031
expires: Thu, 15 Sep 2022 14:35:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F676 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f05045c71ff2131f081e8531eba3a954979b2e4c52e82015e39b5a1c54f2a527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 50DA 35 B
463 B 223ms
70ms Image
image/gif 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKPp3xJlxp6ojBE6YJzix6A&google_cver=1&google_push=AZmPxg-2WNFFv5aROw04LyBu_MiXVmUUIrkkQ_K4UPfFeroNN5vIT4ehLBvgWsPLWX7FORTkeFQ24t2UVDG7G5GqcTblxjVFZek8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 50DA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIBUrBDU8AnpVjiupJLrclQ&google_cver=1&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f
https://rtb.openx.net/sync/dds?google_gid=CAESEIBUrBDU8AnpVjiupJLrclQ&google_cver=1&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&google_hm=Vj3_R3jKzW0DjwCOg8wHiw==

170 B
232 B

55ms
44ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&google_hm=Vj3_R3jKzW0DjwCOg8wHiw==

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:35:59 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89-N5UMoXoCIfDD_y8o-mf9aygQ8-QnT_ihrS8PpbYdCRrnH_CQ1V50YyhJGAoymEp8sczCwk2HMAa6-sB9zChQ-byD94f&google_hm=Vj3_R3jKzW0DjwCOg8wHiw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: f2q26jvct7v3n240ch6qv4t5pgl9krf5

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 50DA 0
166 B 13ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBV9sZf_HtSIGfJnAFti2AA&google_cver=1&google_push=AZmPxg8kEWrZlfrB2-6Mh5LBWhPl6ZhXshYVCru_TJZbC2-u_GtPRxsyc-Lumerq642lHhCmYpVqIEveNBXlMYhoWigkaUF6_Whl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 50DA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKjMzPwJbStSBsyBUEOozlc&google_cver=1&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27x...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgyWjc4N1otMVotSDJJUQ==&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27xKrc0W9OBXvNlsex7UkJtzLVSh

170 B
188 B

39ms
39ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgyWjc4N1otMVotSDJJUQ==&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27xKrc0W9OBXvNlsex7UkJtzLVSh

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgyWjc4N1otMVotSDJJUQ==&google_push=AZmPxg-wab3a3h3IUitW9WpmmV8OrHVsugagl1UfWGtfULHS220VnBmV3I7mcYPnpKHdgBsC27xKrc0W9OBXvNlsex7UkJtzLVSh
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 50DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_hm=YyMOIM2QJvQ4HtasU1WFwwAAEokAAAIB&google_nid=index&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLY...

170 B
188 B

80ms
41ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_hm=YyMOIM2QJvQ4HtasU1WFwwAAEokAAAIB&google_nid=index&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLYAqFTnEhG9HBmH3A3V_5tOsvtyAu-1gZk_BhZEiBm1doc0WrJ_Tmik5nW6RLvJFr

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F%2BCLOYyeawtZoLQDvSKWoBD4A%2B42DzwmMcFP%2BoF9xoLsiRCAJBe00O4aKuj9YB%2F5553fEggmnb1j3eUveJFnGUvEWt1iHgpAEpRPaV%2F5%2BLUFxXaHtgdZQ1GLsBhTRWBbv2YNtcE0HrnIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgWRVqD6DGBg07KJpA8UdY&google_hm=YyMOIM2QJvQ4HtasU1WFwwAAEokAAAIB&google_nid=index&google_push=AZmPxg-cqI8m3yem_a1Zel0uIzXyDAOlwEBLYAqFTnEhG9HBmH3A3V_5tOsvtyAu-1gZk_BhZEiBm1doc0WrJ_Tmik5nW6RLvJFr
cache-control: no-cache
cf-ray: 74b10fea6ec7af67-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 50DA 43 B
297 B 293ms
67ms Image
image/gif 2406:da18:5a5:3102:8c21:5134:8ae5:7863
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELfObeO2mFrhi7NsDZkvU7k&google_cver=1&google_push=AZmPxg8ftuv_bfpmSu0SyTj7MbJYjGrX2ctymNbQKgnzdUI4oowtcERApk5wtyIBH_ZTfCFrgd99P8NGMhEXLXvF7VHxaI4Slyc9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9476719135065556&output=html&h=280&adk=2059623669&adf=3567397025&pi=t.aa~a.2756782728~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1663241759&rafmt=1&to=qs&pwprc=9125695584&psa=0&format=1080x280&url=https%3A%2F%2Fr00t4bl3.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663241759647&bpp=3&bdt=1736&idt=3&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D54d7624f1088d80c-225bf58b75d600cd%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ&gpic=UID%3D000009c8a0f178fc%3AT%3D1663241759%3ART%3D1663241759%3AS%3DALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig&prev_fmts=0x0&nras=2&correlator=3294981641468&frm=20&pv=1&ga_vid=1688741071.1663241759&ga_sid=1663241759&ga_hid=374429103&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C44771547%2C31067826&oid=2&pvsid=3340341719441117&tmod=1069226771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0ao0EIzHyH&p=https%3A//r00t4bl3.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:5a5:3102:8c21:5134:8ae5:7863 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 50DA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESENigTg8ggtfWnUTdJnXYRKw&google_cver=1&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo&google_hm=2d897ede7bb1493c1719...

170 B
329 B

154ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo&google_hm=2d897ede7bb1493c1719463e19184efe

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg_NABoZvsu7VImN6f7kqU70K0-hKW-NQaAijW7gOYGD4earv8TM3JHFZZ4IeiBTuiF2vr312Uxwq8ohiHCNxIWAfvKehdo&google_hm=2d897ede7bb1493c1719463e19184efe
date: Thu, 15 Sep 2022 11:36:00 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 50DA 0
232 B 182ms
37ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYgI2qoQ0sHfFUYtCMznVFyc5KigXH3sITvdpKIkRH25KsV9-JhHVAIl6okv_wxrY-jUkj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F676 28 KB
28 KB 47ms
7ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 08:54:28 GMT
x-content-type-options: nosniff
age: 355292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 08:54:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 111ms
74ms XHR
application/json 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7617e08ef0d1ab6e2720e9600f944c22339474d28086a00a32c8742153398439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7310 36 KB
16 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:45:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
44ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 11:36:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D33 13 KB
5 KB 10ms
6ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 08:43:57 GMT
expires: Fri, 15 Sep 2023 08:43:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 598B 783 B
532 B 43ms
41ms Document
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54847588e661546b864e9d3b0ced38d0665d926972de908c2a241c328ed454de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ds1OOCISTnZctBTUfIQfbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r00t4bl3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-ds1OOCISTnZctBTUfIQfbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 11:36:00 GMT
expires: Thu, 15 Sep 2022 11:36:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D33 36 KB
16 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16231
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 19:45:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 598B 0
0 41ms
41ms Image
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=3340341719441117&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4D33 0
10 B 13ms
12ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mi9bew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:36:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A153 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcTef7Tc5adaf2Sf3-JgkoJMAx_W9rfn80HLZp5VIQDLXgx0KHGsW9uDSOHLeTCHdaeVNmCgWUoTeUSynPIYpVav6KUJb_GebYjky4J5-7Appr1i596-XKMsWs9M0VdHpYrF4&sai=AMfl-YQ1Z0AxfWcU0E96sAgfkQt1D5uFdk_wAr-pQqRyvXUqEAS7hw3y1kVp8wpOjdYh-oDjUKImj1IVmjZx&sig=Cg0ArKJSzCJfTTV5zQurEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=108,792,1001,1001,1001&tos=108,684,209,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663241759739&rpt=399&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:36:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=3340341719441117&bg=!AwClAETNAAbG3AOo5tw7ACkAdvg8Ws0nafIktyNKT8Yagbmg8FHMIussZL2VVjGGsrHRJIUYvE104gIAAABJUgAAAANoAQeZAtN4oRJBcUBpkZ54EeU0Q3RZocr_Zojc6geCIa0B9N7wDkCKDvfPJik3GfMYTKtmJxEL2RCzQHbgj5_WDX4UB6s5oVo8OjjDh8mhLYhen1LoYov_y6ZFVND_-V7Stq6PSh4HftXHvXYjrWVkA1yMJDckHwaNU1kPzlWAyt2PP231dWU6hVm3j9TnLGzUHqOSxkZdXO1NUmzjwzodnrRh8lnnGJvE9l_8l3mPeuybtprtCz6Oo_RKb9o0ZVspFNow0aEe9UkPLnnXOAl44f87zEalrVXwKHSGuhjr5lw5p-B1LMfMdfx8lZBTPsQH1AYnxodpZX0G4Jqz7yIy4O0nqFw2HdGLAfMJj3QS0A-XrOihNpgXGGHmPOLjOT19k6Z1P7rz6Y3TMbyCM6pPh-ZRUAZZkU9fjFpQCrlXIfWKxq8OyEw4q4AQJxGLKPbWZDxDXt63nxa0bOgq0kmTAtdV9RH8tM0uksO85PZn5VNHdkwGGtvKshGmMk0D8nqA5snBwmkEsvyXMCgNKknNnfiZgLlEKQ8KlX9fPYze_DBwMC99pnexhxBfzy7upz1DhFHK2JOlschV6YskU29dQ92rrDX7xVffGKn2u7Uwsm487aXCTn1U5T2qxkFPo0UOygVhoL2dR3k7AzyI-kmcuzsO3gwHrRv_KwtJUcc2GKbA8Zd5_wX1drLyp38MxLwHSHPTet0q2LfOGoGNxavEkAjbWyESsKfSbrOJafJOqWaozDyjpzT8ydPefcP6Gvl0pLfoc9YwFVMRtrqoHzmm0QSJ1RmUZjIvSMoxR5-DozL-rO4i4c1LMojouuLK2tf0-7ZmROHVQ9R6DYFpOMIohqUPT-O7Su8fzmw09a-V9paNbacIKqjJp_lONhBQOb_QWbAsyycISmWXwGBSpJNRufxWOkgvLUmJ1dZqgEzj9hTxGmX7GEoNodn9rYCQxAQ_xLJn2JqhFKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://r00t4bl3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r00t4bl3.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f490teqrdr0s7d1bia4b648qj4
.r00t4bl3.com/	1970-01-20 15:22:17	Name: __gads Value: ID=54d7624f1088d80c-225bf58b75d600cd:T=1663241759:RT=1663241759:S=ALNI_MZZ_02QYkXShPkgyt_o35IOC3fWtQ
.r00t4bl3.com/	1970-01-20 15:22:17	Name: __gpi Value: UID=000009c8a0f178fc:T=1663241759:RT=1663241759:S=ALNI_MZ3MYXM3_LKPThDvF5MpP4Adb5Eig
.r00t4bl3.com/	1970-01-20 15:36:41	Name: _ga Value: GA1.2.1688741071.1663241759
.r00t4bl3.com/	1970-01-20 06:02:08	Name: _gid Value: GA1.2.131587792.1663241759
.r00t4bl3.com/	1970-01-20 06:00:41	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 15:36:41	Name: IDE Value: AHWqTUkHJ2NBU7Nv2BxqLkWiCy9ZSXbwlCARwNYseQ0qZ6OraT30jAkRV6mNyz52sEI
.doubleclick.net/	1970-01-20 06:00:45	Name: DSID Value: NO_DATA
.adingo.jp/	1970-01-20 06:43:53	Name: ID Value: 2d897ede7bb1493c1719463e19184efe
.openx.net/	1970-01-20 14:46:17	Name: i Value: 5ac74a22-78cb-4bb4-bf2d-84d134f20ecc\|1663241760
.casalemedia.com/	1970-01-20 14:46:17	Name: CMID Value: YyMOIM2QJvQ4HtasU1WFwwAA
.casalemedia.com/	1970-01-20 08:10:17	Name: CMPS Value: 4745
.casalemedia.com/	1970-01-20 08:10:17	Name: CMPRO Value: 4745
.quantserve.com/	1970-01-20 08:10:17	Name: d Value: EDIBCQGNJ4EA
.quantserve.com/	1970-01-20 15:30:56	Name: mc Value: 63230e20-70c69-cbd75-cb80e
.casalemedia.com/	1970-01-20 08:10:17	Name: CMTS Value: 4794
.innovid.com/	1970-01-20 08:10:17	Name: uuid Value: b867afda-8ec0-4a78-953a-f5f74e3e33b6-20220915 07:36:00

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-9476719135065556&fa=1&ifi=4&uci=a!4&btvi=2&xpc=gIug4Bn6Fp&p=https%3A//r00t4bl3.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
ag.innovid.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r00t4bl3.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.231.99.243
104.18.18.126
172.217.174.98
18.177.23.231
2404:6800:4004:801::2002
2404:6800:4004:808::2002
2404:6800:4004:80a::2002
2404:6800:4004:80b::2002
2404:6800:4004:810::2004
2404:6800:4004:811::200e
2404:6800:4004:822::200a
2404:6800:4004:823::2003
2404:6800:4004:825::2002
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2406:da18:5a5:3102:8c21:5134:8ae5:7863
2606:4700:3037::ac43:b4cd
2620:116:800e:21:a878:7c6e:cf7b:3362
35.186.253.211
8.39.36.141
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe6376419d1b2b5b3114da291dbbb4bdf1165bc7a17dcc7b5322befc738e26a
15ef2d40fc5e51ee0e978caa5085f44668266f38cbc6de49255fb556671e1b34
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184969c8fbc4111554bcb32c3b9fbebd19cfe5542c0c0502d406d8f9a811c8f3
1a3a3eb88ab646be5c29a5459e7c13b3deffa222cc5686ebfe674d20667cbc76
1afa3fa0ab59a5d59fe63f64d8f19310231c0514e504033868b8a06c7e720f69
21cc3a1f6a6a2bac4f030f90cc908a490b05070ad0092129cef51c02a3c148ba
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
2532dac09559dd6fb2cd05a4e691207f968d8268525217349cff002d0baffa70
25aac8aa6ea3c444034306b4ddb824cb74472b928ab7d308ec03aab539cbdb72
2ec17d53ff6cf7293199816eb83383468a357afc6a9d1d7dd33973c1a43c79a1
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
32cebd0d14e3a387471fd732306c9161dc9f4728c137ec67d58105efcb18ec36
37a4ab1d5860e49ae5322676b363550dd23d88b068c484bdee441d5a9c210113
38b4d00728162fee0eefd1108636b28c25dff9202c137eaf0ce0c924c4b0013a
39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4621afb2cbe14a5f20cefc658113db2a638718ac8cc3c98885ee593c8a950329
4a28725e56b4c299f27b00f1ce910ad39fa55dc679254f08ee2650f3c54c3f9b
4a31b18d15a5bcf65a132815504983095f868070bf469e670d625022d104ed7b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cc6edbc5706d48617028e790c5b7aadcfd739764457c9e52c7c3de0ac0d940d
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1a54964c7f4561ea0c2b5e7f01e355fdc58a6eb0786220e198097193a9b59e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54847588e661546b864e9d3b0ced38d0665d926972de908c2a241c328ed454de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62132056d6ccbbe01718c1864c319273171a796c8b3857bdd3864b996f743aea
63f0bb0fbf26308f7b4868bcb28064ac7bee9c3d7ef551f613fac17ccf7f75f5
65fd23678c5ee28844494816eb77ec8c57a2236238eba2629be2cc62e6959e47
6659edd30afbce2323bb2b3443be4e8a5258d1260d0e68fd99df4d828f0ff718
7617e08ef0d1ab6e2720e9600f944c22339474d28086a00a32c8742153398439
769806d127f1b68b8030871975c95fcd738f8bde0fce5cbf8a00e4db94dccc0e
785d149e2cab7dada1be7b4c9e536ebeca949f4e883e7f5dcc4c5a6e1f2ac4c2
7c76f9b25bafc531d4218b90bd300b95cc09216ef4e28b181b190d347e4dd1f4
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2da208cbcd324a7042176ce90222d9b024ea004211db101c224485138d5845d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c1d114a7c58328699834702a212f3863646882e4cf6059a1d1e33d6b11b4f6
a8597bfc87400b244c503b8e721ff3ffd4860ef6b8527554cc3f098eccd04a77
a8be3e2f47230fd0bd7a78794bfed9dd940e40566a1285f70aa7a1e247d5f408
ad92cd2e0e233c5ef4efa820e9e7d4d359a1c5befdb7f7d7ec8afcfe66586427
b3e0bb0b3d0d6c1178398fcc53c39ab1016715277b1e7baa0af2d8274b91129d
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7bae93bf9ca848c0b932220ac036e4eb3de728785a5f26e8fc00c02ba65c46f
cccca9a6c9adaa2526729e831f78ec1f5ce66e425ea01d4e8c9801fd4febc7ce
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d5681b393ebe2a7bfc7233f3075a08a130b782db0aaaa789fab2b31dde622b08
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da72ececf98a3cf404b83563ac432a519c6fbe9d211a4c7c543c466cfdc15233
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e351a3461f6ed76f5b5f58d92e71358144b67cf302df82a07d377f8a84ecc30c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45b37ccff9615d3df7d5fe80ca12994f6a3d6ecbb9d6c1fbb38199dadccdd42
e8c726837f204a2c7e3809c8c7591619e097c639e71f0600995582e4166d6a77
ebd700b2251272fffa185587df976422f006e14872407822efb086f398efd0f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05045c71ff2131f081e8531eba3a954979b2e4c52e82015e39b5a1c54f2a527
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7d03599fc1f740963f60a434dae392a1977f9b24b67cda0f46cad500c0135f

r00t4bl3.com Open in urlscan Pro 2606:4700:3037::ac43:b4cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

96 %HTTPS

71 %IPv6

17 Domains

21 Subdomains

18 IPs

5 Countries

3436 kBTransfer

5115 kBSize

17 Cookies

1 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

r00t4bl3.com Open in urlscan Pro
2606:4700:3037::ac43:b4cd Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

96 %
HTTPS

71 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

3436 kB
Transfer

5115 kB
Size

17
Cookies

108 HTTP transactions
4 data transactions