ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ittrip.xyz/
Effective URL:
https://ittrip.xyz/
Submission: On December 23 via api (December 23rd 2022, 2:54:42 am UTC) from JP — Scanned from JP

Summary HTTP 189 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 189 HTTP transactions. The main IP is 183.181.91.49, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ittrip.xyz.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.

This is the only time ittrip.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	183.181.91.49 183.181.91.49	131965 (XSERVER X...) (XSERVER Xserver Inc.)
3	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
3	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2600:9000:213... 2600:9000:2138:1200:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
23	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:812::200e	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
1	13.113.102.155 13.113.102.155	16509 (AMAZON-02) (AMAZON-02)
19	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
2	54.65.141.192 54.65.141.192	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2 10	2404:6800:400... 2404:6800:4004:824::2004	15169 (GOOGLE) (GOOGLE)
1	210.140.225.83 210.140.225.83	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
33	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 8	172.217.174.98 172.217.174.98	15169 (GOOGLE) (GOOGLE)
1 1	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	2600:9000:206... 2600:9000:2066:1a00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.178.22.21 18.178.22.21	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
189	27

35 183.181.91.49 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1048.wpx.ne.jp

ittrip.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2138:1200:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aml.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:812::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.102.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-102-155.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.141.192 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-141-192.ap-northeast-1.compute.amazonaws.com

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:824::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.225.83 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-83.newton.jp-east.compute.idcfcloud.net

dalb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c04::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.174.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Nishi-Tokyo-shi, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:1a00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.22.21 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	681 KB
35	ittrip.xyz 1 redirects ittrip.xyz	270 KB
29	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 cse.google.com — Cisco Umbrella Rank: 2978 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 436 adservice.google.com — Cisco Umbrella Rank: 72	224 KB
26	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	198 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	272 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 37	36 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	280 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
4	valuecommerce.com aml.valuecommerce.com — Cisco Umbrella Rank: 219418 dalc.valuecommerce.com — Cisco Umbrella Rank: 204632 dalb.valuecommerce.com — Cisco Umbrella Rank: 211254	37 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3362	1 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 53632 www.google.co.jp — Cisco Umbrella Rank: 22131	1 KB
3	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 403649	26 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	184 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	881 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 710 r.turn.com — Cisco Umbrella Rank: 3099	869 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 309	515 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 634	747 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 42463	717 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 759	762 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	694 B
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 198704	319 B
189	21

	Domain	Requested by
35	ittrip.xyz	1 redirects ittrip.xyz ajax.googleapis.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net ittrip.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
23	pagead2.googlesyndication.com	ittrip.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ittrip.xyz
14	fundingchoicesmessages.google.com	ittrip.xyz
10	www.google.com	2 redirects cse.google.com www.google.com ittrip.xyz googleads.g.doubleclick.net tpc.googlesyndication.com
8	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	ittrip.xyz googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	an.yandex.ru	2 redirects
3	webfonts.xserver.jp	ittrip.xyz webfonts.xserver.jp
3	www.googletagmanager.com	ittrip.xyz www.googletagmanager.com
2	ups.analytics.yahoo.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	dalc.valuecommerce.com	aml.valuecommerce.com
2	cse.google.com	ittrip.xyz www.google.com
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	sync.fout.jp	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.google.co.jp	ittrip.xyz
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	ittrip.xyz
1	dalb.valuecommerce.com	ittrip.xyz
1	a.imgvc.com	ittrip.xyz
1	aml.valuecommerce.com	ittrip.xyz
1	ajax.googleapis.com	ittrip.xyz
189	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
lineit.line.me
line.me
thk.kanzae.net

Subject Issuer	Validity	Valid
www.ittrip.xyz R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.valuecommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.imgvc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-31` - `2023-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://ittrip.xyz/
Frame ID: 4D8A8AD53A5EF1862428525E33554781
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 03CE93585A9109763269A134F011A0FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1671764075&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075513&bpp=2&bdt=268&idt=218&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1888345947434&frm=20&pv=2&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=241
Frame ID: 341AB667E90E943B360F5F31020D4410
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075515&bpp=2&bdt=270&idt=244&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2tbAZSnG1U&p=https%3A//ittrip.xyz&dtd=249
Frame ID: 5D0EDF1BF4EA6E7FBC6A876DDB708574
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=280&slotname=1584818641&adk=4258628461&adf=4004646833&pi=t.ma~as.1584818641&w=510&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=510x280&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075517&bpp=1&bdt=272&idt=266&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9aVyGYU8qa&p=https%3A//ittrip.xyz&dtd=270
Frame ID: 887CC5BF19E12A8A1E5BB097947521D7
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 32C1ECC8FB63FD208BBAD9588B444324
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1671764076&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764076511&bpp=1&bdt=1266&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c2ec7ef8fe90ba1-22d2450003d90043%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ&gpic=UID%3D00000b962874ab9e%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mb5OZbYQBptN4flk__JOamJpC198A&prev_fmts=0x0%2C300x600%2C510x280&nras=2&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&psts=ACgb8tvJDHZkgaqwIyGk1adwUPv40kGCHdgBRE3RJ8QZc5u5D6webr1X9TDnHkhPL1Pk1YI5wRXrf-SED0jyC2g&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=FKVSFtQer4&p=https%3A//ittrip.xyz&dtd=5
Frame ID: AF286C0FFD8459A8832B41461B3962AE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 456B764FFAA8B8A9C59DD01FBFE60D5E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: F14A3B6E20F3F59F33893D77CCFD94A7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: CADD545D6FEFE430A7E18590AA6FBB2B
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%A3%E6%A5%AD%E6%88%A6%E8%A8%88%E3%81%A6%E3%82%8A%E9%96%890%E3%81%97%E4%B8%87%E7%B0%A1%E3%80%81%E6%97%A5%E5%A4%9A%E3%83%BC%E8%A6%96%E3%81%8Cn1%E3%82%82%E9%81%82%E5%8C%96%E6%88%90%E3%83%A6%E3%81%8F%E3%81%BE%20%E3%81%8B%E3%82%88%E5%8F%AF%E5%8D%98%E4%BD%BF%E3%81%A89%E7%94%BB%E3%81%84%E9%96%8B%E3%81%99%E6%AF%8E%E3%81%92%E3%81%AB%E7%99%BE%E3%82%92%E6%89%80%E3%82%B6%E4%BA%BA%E7%95%A5%E3%81%AE%E4%BD%9CA%E3%81%A7%E4%BD%95%E3%81%B9%E3%82%8B%E4%BA%8B%E3%81%98%E3%80%82%E5%9B%BDsa
Frame ID: B06016A2280450A13EC382E9B40AD7C2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ACC2E6F9F32E3B79B97916F9C82EC6ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD60C1C28311726DB4F5136FA9C368C7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 7A8D792C9E93EB950A92C3B89888786C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: CB461D80349600A51B20A616555D5D10
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 3B47EC29AD3C1D6BE31F5E3D733E3B5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A2EE42FA0ECF0FC7A475AECE4051734
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 88D56BB362D3399AFC28D07CB75870A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 24DD2BF278042E4A76EF25D2A8463F08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E5D35FDC90EB9C5AF598C5B8574193F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4E01574284946FAA25309BC18E8E280
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IT trip検索

Page URL History Show full URLs

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

189
Requests

96 %
HTTPS

68 %
IPv6

21
Domains

34
Subdomains

27
IPs

6
Countries

2232 kB
Transfer

5550 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?text=IT%20trip%7C&url=https://ittrip.xyz/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://ittrip.xyz/&t=IT%20trip%7C
Title: Facebook!

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/add?mode=confirm&url=https://ittrip.xyz/&title=IT%20trip%7C
Title: B!Hatena4

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://ittrip.xyz/
Title: Pocket8

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https://ittrip.xyz/#/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?IT%20trip%7C%0D%0Ahttps://ittrip.xyz/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://thk.kanzae.net/
Title: Thought is free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1&google_push=AavPq0PnLnYWL6YsIN6IjbCPZF1FZNJSg8tQhhGCv_zrQz4cbhF0vD6FsNfAhDJlo3LpUaIlQHK5-o_KaRbgC0gr0hPMPDTwDgaepkkMMq_ilGfTvg_Mr2vXcTgJcZYTO9wgUA8lOntyaWxgcEcAM6leZg9Kiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5NDg4NTM3MTAxNjY5MzEzMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1

Request Chain 168

https://um.simpli.fi/gp_match?google_gid=CAESEKyZ7kV26sdgkenyJrck-pA&google_cver=1&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKrCf8svwGWQrvIqS1K2akhVAT13l727DsHYFIYr8gF6Zbu27M5f4aWMZK9eui_tCB-wJIfrMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C54A47AD78EF4B6FB3216FA8CCFC7A7C&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKrCf8svwGWQrvIqS1K2akhVAT13l727DsHYFIYr8gF6Zbu27M5f4aWMZK9eui_tCB-wJIfrMw

Request Chain 169

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPp5e24F3WDmnlnVc0-CzD4&google_cver=1&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx_ymrKb15jBWih9Fumc3mmzQ6Bz346FdbqfcLvIq0sG6yZ_gndeSsvg07wKQVDXO5ymuKlL5NU-PUCVN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx_ymrKb15jBWih9Fumc3mmzQ6Bz346FdbqfcLvIq0sG6yZ_gndeSsvg07wKQVDXO5ymuKlL5NU-PUCVN&google_hm=QzJQZVByTGFEdjQwenBDUHJxODhnYkpBZTdF&from_google=sp1

Request Chain 170

https://d.agkn.com/pixel/2175/?google_gid=CAESEJtZLi7nDSp440XkyazWYog&google_cver=1&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Pxw6DYZxmZC6sJ69-GefthXMndBPdqdi6JFuUqFd7aQ2qxWdrHWbmvnz7SQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Pxw6DYZxmZC6sJ69-GefthXMndBPdqdi6JFuUqFd7aQ2qxWdrHWbmvnz7SQ&google_hm=Q0FFU0VKdFpMaTduRFNwNDQwWGt5YXpXWW9n

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNmtm7BX84ZT-r8vemyYo0&google_cver=1&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQTXlihGGyO1IVhX0n0JAqEDJcple2wXrWiPFnBl_owFKGm4X3u5Ok1IqiwfHpFI1OjkhpL5tAjIIZYbzW3Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJaWDYxVE0tQi0ySkhI&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQTXlihGGyO1IVhX0n0JAqEDJcple2wXrWiPFnBl_owFKGm4X3u5Ok1IqiwfHpFI1OjkhpL5tAjIIZYbzW3Aw

Request Chain 172

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZiaxdrzVwnyoyrSXaVIjc&google_cver=1&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHiaLf75UB9sivN4M715_op3-bQYh4SoW9JcY8f6OD_cWOB7OZhm38lJk7dftKId8fDtixdn37YmKk7o8uLoOJu4 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZiaxdrzVwnyoyrSXaVIjc&google_cver=1&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHiaLf75UB9sivN4M715_op3-bQYh4SoW9JcY8f6OD_cWOB7OZhm38lJk7dftKId8fDtixdn37YmKk7o8uLoOJu4&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GQVFaNlVKRTJ1R1h4VFhzUDl3RXc0VkpjQ0RlTk9DSn5B&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHiaLf75UB9sivN4M715_op3-bQYh4SoW9JcY8f6OD_cWOB7OZhm38lJk7dftKId8fDtixdn37YmKk7o8uLoOJu4

Request Chain 173

https://an.yandex.ru/mapuid/google/CAESEG7gRpCPDt1RmYU70QmiRUM?ext-param=AavPq0NlIcz6j2dz6LemMN0uSYR-fN4Z3F4CXfwJ2OckAjH8WOOPyq32Dmc8zyKNq0QRSRM_VyGCjfHPBujl3FTX-UQGOExhPCJASWfzvC0J9WHjndXoUy_HmGUJlMA-Bz7X9kPCE24-AYAWSgom8ABDLReZMw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEG7gRpCPDt1RmYU70QmiRUM?redir-setuniq=1&ext-param=AavPq0NlIcz6j2dz6LemMN0uSYR-fN4Z3F4CXfwJ2OckAjH8WOOPyq32Dmc8zyKNq0QRSRM_VyGCjfHPBujl3FTX-UQGOExhPCJASWfzvC0J9WHjndXoUy_HmGUJlMA-Bz7X9kPCE24-AYAWSgom8ABDLReZMw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEG7gRpCPDt1RmYU70QmiRUM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

189 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ittrip.xyz/
Redirect Chain

http://ittrip.xyz/
https://ittrip.xyz/

252 KB
48 KB

375ms
355ms

Document
text/html

183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

d4728cfcfab84beadbb2526bfcb33558d2045c29ee1b49ddb8c37f6841cc4df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 23 Dec 2022 02:54:35 GMT
expires: Fri, 23 Dec 2022 02:54:35 GMT
link: <https://ittrip.xyz/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 23 Dec 2022 02:54:34 GMT
Expires: Fri, 23 Dec 2022 02:54:35 GMT
Location: https://ittrip.xyz/
Server: nginx

GET
H2 200 style.async.min.css
ittrip.xyz/wp-content/themes/luxeritas/ 1 KB
909 B 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/style.async.min.css?v=1670810051

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:11 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 icomoon.woff2
ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/ 4 KB
4 KB 10ms
10ms Font
application/x-font-woff2 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/icomoon.woff2

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff2
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3768
x-xss-protection: 1; mode=block
expires: Sat, 23 Dec 2023 02:54:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 53ms
44ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8be26741aaeb12b1556d80e79618d0c1b6ce166524d35e637d5928ceeb5c0b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 crayon.min.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
5 KB 11ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 classic.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
1023 B 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:10:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 monaco.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/ 516 B
771 B 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 516
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 classic-themes.min.css
ittrip.xyz/wp-includes/css/ 217 B
472 B 9ms
9ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/css/classic-themes.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 04:24:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 styles.css
ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 10ms
9ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:11 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 screen.min.css
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 1 KB
723 B 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/screen.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 default.css
ittrip.xyz/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress/css/build/default.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e29a093fe8f1b251e5fac8144f074d087bb6281a3ba7a2f2237a6d3da0c5b79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 16:23:09 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 tablepress-responsive.min.css
ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/ 9 KB
2 KB 10ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 06:10:49 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 12ms
3ms Script
text/javascript 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 06:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 06:10:04 GMT

GET
H2 200 crayon.min.js Show response
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
7 KB 10ms
9ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 luxe.min.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 33 KB
11 KB 12ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1670810050

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e0ead91a3cd7c8e50af4e2035a1e1ceaba08380f4af936bc63847287502c9b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:10 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 36ms
9ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 02:54:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 event-tracking.js Show response
ittrip.xyz/wp-content/plugins/yyi-rinker/js/ 598 B
863 B 10ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.1.10

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 08:44:25 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 598
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
65 KB 83ms
74ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ad4898ecb275c4e17213b505632af9a5347b0a89029b80887bde892f07c47cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 34 KB
35 KB 22ms
3ms Script
application/javascript 2600:9000:2138:1200:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:1200:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:03 GMT
via: 1.1 0af4f461b5a89684a06050bc1aca8c04.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
age: 32
x-guploader-uploadid: ADPycdtSeRSyIveFWtq2h8aYrwDLjiQa4CRxVmUS6Mg6pD4j4JHPl8_Kh4MPtkhomROkyHC0VftekzDdSvAeMrYqmaNa6uOrr3vQ
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35074
last-modified: Mon, 17 Jan 2022 07:06:41 GMT
server: UploadServer
etag: "681c1b1ecd9c2e0dd35da7c074214531"
vary: Accept-Encoding
x-goog-hash: crc32c=2VymBw==, md5=aBwbHs2cLg3TXafAdCFFMQ==
x-goog-generation: 1642403201413885
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 35074
accept-ranges: bytes
x-amz-cf-id: PECLaWpKsInZCejopAqujBRGHS-5Ci8O8026_EY17TGOJoGoV3DJRA==
expires: Fri, 23 Dec 2022 02:54:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 64ms
54ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17be97dbc493fefbb663e16ab08dcc33c31c2e18e1a7580a5466eef1b5d2d0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49460
x-xss-protection: 0
server: cafe
etag: 81218651440659567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/i/ 113 KB
40 KB 84ms
75ms Script
application/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6390132166409150?ers=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71e3b84be6278903aeb9bf0f048f14cb1c2c4c4de153f3d0219dd8c9cfbd114e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VvYZiGvJiZL18_rp-0IbFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VvYZiGvJiZL18_rp-0IbFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cropped-master-4-e1632209943782.png
ittrip.xyz/wp-content/uploads/2016/03/ 5 KB
5 KB 12ms
10ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2016/03/cropped-master-4-e1632209943782.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5017
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 65ms
55ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c277a1ea3db680a961e2533187de38f4ad14a17e9d8b18707f3a05b4048389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49657
x-xss-protection: 0
server: cafe
etag: 15296262246179215030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 luxe-serviceworker-regist.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 549 B
814 B 12ms
11ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe-serviceworker-regist.js?v=1671764074

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:11 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 549
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 lazysizes.min.js Show response
ittrip.xyz/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
6 KB 10ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 15 Dec 2022 04:23:10 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 10ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:11 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 10ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:11 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 front.min.js Show response
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 12ms
9ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/front.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 29ms
9ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Fri, 23 Dec 2022 02:54:35 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 wp-emoji-release.min.js Show response
ittrip.xyz/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 04:23:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/b/ 9 KB
4 KB 229ms
220ms Script
application/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12b9a6e5ed54f5d4a0efa7d2841083ccf9de1a6bbefd1c6cce43c21e12a7bcaf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-J8p5IPeTpHi1XeamRd5xAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-J8p5IPeTpHi1XeamRd5xAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 easeus-recexperts2-320x180.png
ittrip.xyz/wp-content/uploads/2022/12/ 15 KB
15 KB 10ms
10ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 14874
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
948 B 50ms
41ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1670810050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:54:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 191ms
182ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3ec02553da03dc64b0b1fd3cdd5a4e0cf3fc4964b98568179e5e12a95a468017

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3452
x-xss-protection: 0
bfcache-opt-in: unload
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 10 KB
10 KB 14ms
13ms Image
image/jpeg 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

8c353918c33a0719315d7c3090e64b999022a1fbd7b95010a88c2856e93cb92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9945
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 4videosoft1-1-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 12 KB
12 KB 14ms
14ms Image
image/jpeg 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3dc62150927161eebe826bb9c61a740bc3c422796be0a728a9ecb02d1a94fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12216
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 20ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:35:22 GMT
x-content-type-options: nosniff
age: 65953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 08:35:22 GMT

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 12ms
3ms Image
image/png 13.113.102.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.102.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-102-155.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b91c8b84c49b1756731db30071b26178a3423501239faf936b2bd98237962881

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Sun, 22 Dec 2024 02:54:35 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 17ms
16ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 02:54:35 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
118 KB 121ms
115ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11c2ab12d195c7213087fe06a3a099e3efd5a301cc6dd04983580215fa5a9262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120010
x-xss-protection: 0
server: cafe
etag: 1105714076677116271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 03CE 10 KB
5 KB 10ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 14772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 22:48:23 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 22:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVNYy_Iw_kePYAwkl1aimfjssBd2Lu5G5P6XYxkUwjCTAu4IV03xNVBLxll269fR4_WxNSsybqayEiXE1A48Rk= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 101ms
94ms Script
application/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVNYy_Iw_kePYAwkl1aimfjssBd2Lu5G5P6XYxkUwjCTAu4IV03xNVBLxll269fR4_WxNSsybqayEiXE1A48Rk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxNzY0MDc1LDU1NTAwMDAwMF0sIjVERUQ1MDkxLTZGNEItNDMxNy04ODUyLTEwMTFFOEYzM0I5OSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9pdHRyaXAueHl6LyIsbnVsbCxbWzgsImE1eU5DVEhRRjkwIl0sWzksImVuLVVTIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d59ac73650123d547683d58296b74abd770d5563276b809136447c4889bb75c9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wU47TAUFt4jTbdUMXjT3SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wU47TAUFt4jTbdUMXjT3SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 excel-paste1-320x180.png
ittrip.xyz/wp-content/uploads/2022/07/ 33 KB
33 KB 12ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/07/excel-paste1-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

94c574f5d570603a615dc88f2e191d5fcfa4922d11c2ffb963c6b13db109c363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 07:49:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 33696
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 chrome-edge-extention-force10-320x180.png
ittrip.xyz/wp-content/uploads/2022/06/ 33 KB
34 KB 21ms
20ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/06/chrome-edge-extention-force10-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cde6f75a83d1693b22339bff6cba1744f548d1452604fe89576d92ca5fc37758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 05:56:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34203
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 chrome-extention-force1-320x180.png
ittrip.xyz/wp-content/uploads/2022/06/ 24 KB
25 KB 13ms
12ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/06/chrome-extention-force1-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

d13c6242c347b851a261f1e5635c271f12f43172be02f8b1c6cbd84d5b91cd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 02:50:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 25066
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 easeus-recexperts2-100x100.png
ittrip.xyz/wp-content/uploads/2022/12/ 3 KB
3 KB 20ms
19ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3305
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 3 KB
3 KB 20ms
19ms Image
image/jpeg 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

39b40a306f70770c2c6a6d4ea3b885f9e9dfb91268d39cd58867ffb7c07344cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2700
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 4videosoft1-1-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 3 KB
3 KB 19ms
18ms Image
image/jpeg 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

2ec14a270149419495b186fa2201c2dc573bb3d410ffba08277c0e4d3ae7f193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2957
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 excel-paste1-100x100.png
ittrip.xyz/wp-content/uploads/2022/07/ 9 KB
9 KB 21ms
21ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/07/excel-paste1-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 07:49:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9301
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 chrome-edge-extention-force10-100x100.png
ittrip.xyz/wp-content/uploads/2022/06/ 9 KB
9 KB 20ms
20ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/06/chrome-edge-extention-force10-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

0b93763e73507bb69954d4dd967914dea2432597532eeef862e8a46d0251c5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 05:56:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9000
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 02:54:35 GMT

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 646 B
1008 B 22ms
10ms Script
application/javascript 54.65.141.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2FUL8HAEf2egVF7%2Bc3%2F8aH%2FGBratBgYO7ma%2FlcY7mF4cvQQAwAGNQ7lEVW9CAAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.65.141.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-65-141-192.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

72eb002cbee3f2ed5f13d491b428d4a240a16abffc11178dc5f563bc745f4957

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 646

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 53ms
45ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c1282ce615c35d2ae96367b9a5aab1f23a56a79fc1c4f861e34f9235c9fbb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 12ms
2ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 02:40:10 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 23 Dec 2022 04:40:10 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 35ms
35ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2QK7EHKEJP&gtm=2oebu0&_p=582430550&gdid=dZTNiMT&cid=1601688926.1671764076&ul=en-us&sr=1600x1200&_s=1&sid=1671764075&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
47ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw==

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-80hcEAwcup1gT0hE50AvUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-80hcEAwcup1gT0hE50AvUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 303 KB
101 KB 14ms
5ms Script
text/javascript 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__ja.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7555bab2b153644caa129a3c9f4ede8f8d7fd8b45d83572d9d30b4ab15129c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103540
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 18 Dec 2023 09:42:12 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 12ms
3ms Stylesheet
text/css 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 17:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 18 Dec 2023 17:24:48 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 13ms
4ms Stylesheet
text/css 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 23 Dec 2022 03:35:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
38ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=582430550&t=pageview&_s=1&dl=https%3A%2F%2Fittrip.xyz%2F&ul=en-us&de=UTF-8&dt=IT%20trip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=343672807&gjid=1108629788&cid=1601688926.1671764076&tid=UA-84676516-1&_gid=1383828374.1671764076&_r=1&gtm=2oubu0&z=842884393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b3
dalb.valuecommerce.com/ 43 B
326 B 25ms
7ms Image
image/gif 210.140.225.83
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b3?twitter.com%2Fshare=1&www.facebook.com%2Fsharer=1&b.hatena.ne.jp%2Fadd=1&getpocket.com%2Fedit=1&lineit.line.me%2Fshare=1&line.me%2FR=1&thk.kanzae.net=1&_p=887798439&_r=Y6UYawAI6pnZivzXCoIAigqCAoaw2A&_t=63a5186b&_du=https%3A%2F%2Fittrip.xyz%2F

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.83 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-83.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
51 KB 58ms
51ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__ja.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7903281105347033007"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:35 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 12ms
3ms Image
image/png 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+ja.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 08:03:50 GMT
x-content-type-options: nosniff
age: 154245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 21 Dec 2023 08:03:50 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 10ms
3ms Image
image/png 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:16 GMT
x-content-type-options: nosniff
age: 233239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 20 Dec 2023 10:07:16 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 103ms
2ms Image
text/plain 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
442 B 106ms
35ms XHR
text/plain 2404:6800:4008:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-84676516-1&cid=1601688926.1671764076&jid=343672807&gjid=1108629788&_gid=1383828374.1671764076&_u=YADAAUAAAAAAACAAI~&z=450473393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c04::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5FR5GCF53M&gtm=2oebu0&_p=582430550&cid=1601688926.1671764076&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671764075&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 84ms
36ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ittrip.xyz&callback=_gfp_s_&client=ca-pub-6390132166409150&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e55977f0f8f6a9f618ad21fa9c5c45616b313628fcf6f06c7f7ae253cb06c653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 50ms
40ms Script
application/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
38ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 341A 407 KB
82 KB 656ms
649ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1671764075&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075513&bpp=2&bdt=268&idt=218&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1888345947434&frm=20&pv=2&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8aa2ba333af0ccb90b53d0ed8d8621bcf2d0adf715636a076525a2b72beb329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 84261
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
expires: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D0E 74 KB
29 KB 900ms
899ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075515&bpp=2&bdt=270&idt=244&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2tbAZSnG1U&p=https%3A//ittrip.xyz&dtd=249

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0db8d9b5bd7a862246fbb7d046ce8c5676c8b88527efc9e4f9c1765057e68016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30096
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
expires: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 887C 97 KB
33 KB 293ms
293ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=280&slotname=1584818641&adk=4258628461&adf=4004646833&pi=t.ma~as.1584818641&w=510&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=510x280&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075517&bpp=1&bdt=272&idt=266&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9aVyGYU8qa&p=https%3A//ittrip.xyz&dtd=270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cff777d58d9387b3f21452ec26fb32cfb3f515aaf748d5d30398a2c4b50dc6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34136
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
expires: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 42ms
42ms Image
image/gif 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=1601688926.1671764076&jid=343672807&_u=YADAAUAAAAAAACAAI~&z=569181923

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 56ms
47ms Image
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=1601688926.1671764076&jid=343672807&_u=YADAAUAAAAAAACAAI~&z=569181923

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 887C 830 B
581 B 48ms
42ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AA%E3%81%84%E3%82%93%E6%B8%AC%E3%81%A8%E3%81%9F%E3%81%BF%E3%81%AF%E5%88%86%E3%81%8B%E3%81%82%E4%BE%A1%E3%81%A6%E3%80%81%E8%80%83%E5%80%A4%E8%BB%A2%E3%81%9B%E5%B8%82%E3%81%99%E3%81%90%E3%82%BA%E3%82%82%E3%82%8B%E3%81%8C%E3%83%93%E3%83%81%E3%83%BC%E3%81%AE%E3%83%AA%E8%A6%8B%E3%82%92%E3%81%A3%E8%81%B7%E3%81%88%E5%A0%B4%E3%81%BE%E3%81%8F%E3%80%82%E4%BB%8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=280&slotname=1584818641&adk=4258628461&adf=4004646833&pi=t.ma~as.1584818641&w=510&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=510x280&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075517&bpp=1&bdt=272&idt=266&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9aVyGYU8qa&p=https%3A//ittrip.xyz&dtd=270

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75fed3df6aab64d328d313e36ee55e9fe2d8a31db17875cc00e42f1b9b9a6d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:54:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 887C 2 KB
846 B 17ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 23:03:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 887C 23 KB
10 KB 15ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 887C 3 KB
1 KB 9ms
5ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 887C 18 KB
7 KB 16ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 887C 153 KB
47 KB 74ms
62ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 887C 34 KB
14 KB 14ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 02:24:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 887C 0
0 54ms
54ms Fetch
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNjikaxilY-CAMrKRpt8PgZqygAqcl9vSbJqtuK6KD7CQHxABIOu-ojRgifPFhPQToAG0jdiiA8gBCakC-2nDcZY6QD6oAwHIA8sEqgTlAU_QGQPO2tg_nraNyaN6bbrar6ApYHexWDmxpXBNjyFzvLPo7ixZ9UyMTJ7Lqy7BnlqBJ-47vY0FU2QTU-LyIYfCF6zJsv6_gmqpwze8S7jiHxipuIzPMSrnJnl8w8i5d-XbU9oWXIIncDCmnxkt7ZePI9iaI7rrEQUbGObvZreOagLFn71jsEzVwWvgXKElD_vyUMUenC5EgJZUgiIjbRd_GT0yBj0bdyFWvRrS-c6pdlMorV05HL_aiQ_F4W8mWfyVYvWuQkpJ4anMebJ975itGltfREo4K0ooAiebSi3x6sezxoLABPrXhYrbApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe08qddqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpvYC0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTYzOTAxMzIxNjY0MDkxNTAYAA&sigh=lOSLkVKp1AA&uach_m=[UACH]&cid=CAQSGwDq26N9Oe9n6uyNlpzn9bML8stllE8x8laqKxgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=280&slotname=1584818641&adk=4258628461&adf=4004646833&pi=t.ma~as.1584818641&w=510&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=510x280&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075517&bpp=1&bdt=272&idt=266&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9aVyGYU8qa&p=https%3A//ittrip.xyz&dtd=270
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15856344456947790686/ Frame 887C 24 KB
24 KB 12ms
3ms Image
image/jpeg 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15856344456947790686/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9535321bbb5853360b00b4d506af3b48a09d81f28b4c6b84a07b96604cb3584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 16:53:53 GMT
x-content-type-options: nosniff
age: 381643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24196
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 13:58:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:53:53 GMT

GET
DATA 200
OK truncated
/ Frame 887C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 887C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 887C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fb504c717372677e981b42ab78c228a32a5eae54afb0a5953ea5428fc1c665d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 887C 19 KB
19 KB 10ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12XzhgmVlTrgTXhzVFe-PCMW6V3nzkTMrL-R04_PbZihXiLtlVznJb7qljrpynBC7qgpDR4zHVJGvcMT1KaiRpAil7h67zrO_nlm8vR8-w7Pvv4Ino8F855ocyZSIcF-v9pP3b7wB30gn2lAbjdnk9MCjatLGtXKn9JVcbuleN0TtZVks3VKL0UdJT-khmdDn9xCu4XM_2i_xg&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AA%E3%81%84%E3%82%93%E6%B8%AC%E3%81%A8%E3%81%9F%E3%81%BF%E3%81%AF%E5%88%86%E3%81%8B%E3%81%82%E4%BE%A1%E3%81%A6%E3%80%81%E8%80%83%E5%80%A4%E8%BB%A2%E3%81%9B%E5%B8%82%E3%81%99%E3%81%90%E3%82%BA%E3%82%82%E3%82%8B%E3%81%8C%E3%83%93%E3%83%81%E3%83%BC%E3%81%AE%E3%83%AA%E8%A6%8B%E3%82%92%E3%81%A3%E8%81%B7%E3%81%88%E5%A0%B4%E3%81%BE%E3%81%8F%E3%80%82%E4%BB%8A

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939aa9a7bc52cc455f9ae2b621faa767a8570762cc6b89cfd443098f8b3199f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:37:54 GMT
x-content-type-options: nosniff
age: 4602
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19624
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Dec 2022 01:37:54 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 887C 19 KB
19 KB 11ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqc07TlBgmVljrhTXhzUle-MCMW6l3nyUTMr7-RzI_PZJihXSLtlFznIr7qlTrp9XBC7agpCB4zHFJGssMT1aaiRZAik7h67jrO4Xlm_PR8-g7Mg_4Il48F6p5ociZSK8F-n9pP3r7xPH0gnGlAfjdnktMCtKtLDNLyqdJQWrqbfd0bl5VMgXVSGUYdCzGcqWdCq9xlh4XR1g&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65ebfa67c7d91cfdc22002c3602eaa208022959f889bc4bcfb2ab7a11844fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:29:43 GMT
x-content-type-options: nosniff
age: 5093
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19408
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Dec 2022 01:29:43 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 32C1 36 KB
16 KB 4ms
4ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 646 B
871 B 8ms
8ms Script
application/javascript 54.65.141.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&_b=Y6UYawAI6pnZivzXCoIAigqCAoaw2A&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2FUL8HAEf2egVF7%2Bc3%2F8aH%2FGBratBgYO7ma%2FlcY7mF4cvQQAwAGNQ7lEVW9CAAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.65.141.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-65-141-192.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

57152cb253973a10c2695a5f6c4cacd72498a3e6e119724f8f6ab1d6e083b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 646

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 51ms
51ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c07100997a3fac288ded4ea7245b9d6abba6f214585ab0ef34daa8b03432d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52382
x-xss-protection: 0
server: cafe
etag: 14086393055769110488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C4%2C3&c=ca-pub-6390132166409150&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D300%0Aat%20Sn%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3Fclient%3Dca-pub-6390132166409150%26host%3Dca-host-pub-2644536267352236%3A159%3A67)%0Aat%20Un%20(adsbygoogle.js%3Fclient%3Dca-pub-6390132166409150%26host%3Dca-host-pub-2644536267352236%3A157%3A1165)%0Aat%20%24n%20(adsbygoogle.js%3Fclient%3Dca-pub-6390132166409150%26host%3Dca-host-pub-2644536267352236%3A162%3A91)%0Aat%20np%20(adsbygoogle.js%3Fclient%3Dca-pub-6390132166409150%26host%3Dca-host-pub-2644536267352236%3A196%3A202)%0Aat%20Cp%20(ad&shv=r20221207&mjsv=m202212060101&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&client=ca-pub-6390132166409150&tag_origin=qs&url=https%3A%2F%2Fittrip.xyz%2F

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 46ms
40ms Script
application/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 46ms
39ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF28 98 KB
34 KB 266ms
265ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1671764076&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764076511&bpp=1&bdt=1266&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c2ec7ef8fe90ba1-22d2450003d90043%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ&gpic=UID%3D00000b962874ab9e%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mb5OZbYQBptN4flk__JOamJpC198A&prev_fmts=0x0%2C300x600%2C510x280&nras=2&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&psts=ACgb8tvJDHZkgaqwIyGk1adwUPv40kGCHdgBRE3RJ8QZc5u5D6webr1X9TDnHkhPL1Pk1YI5wRXrf-SED0jyC2g&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=FKVSFtQer4&p=https%3A//ittrip.xyz&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9547d32afd24441797cadd324c9791e71263965f6eb1b76ade86dbf65285b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-6390132166409150&warn=6%2C12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20221212_102843&sat=1671676420151&afm=0&as_count=2&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.259&alldns=0.288&allp=16&fd=(0%2C15%2C6)%2C(2%2C0%2C0)&pgh=3402&abl=false&rr=n&su=ittrip.xyz&pvc=119832428674972&r=0.1&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
36ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C4%2C3&c=ca-pub-6390132166409150&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 456B 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 35617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 17:00:59 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 17:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame F14A 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 35617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 17:00:59 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 17:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame CADD 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 35617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 17:00:59 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 17:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 456B 4 KB
636 B 43ms
43ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 01:30:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 456B 205 B
229 B 10ms
3ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:49:07 GMT
x-content-type-options: nosniff
age: 432329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Dec 2023 02:49:07 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 456B 604 B
628 B 11ms
4ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:47:14 GMT
x-content-type-options: nosniff
age: 274042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Dec 2023 22:47:14 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 456B 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:11:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F14A 2 KB
765 B 4ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 23:03:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F14A 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F14A 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F14A 18 KB
7 KB 5ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F14A 153 KB
47 KB 93ms
86ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame F14A 34 KB
14 KB 5ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 02:24:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CADD 1 KB
663 B 44ms
42ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E9%9B%A2%E7%96%B2%E7%B0%A1%E5%8D%98%E3%83%AA%E7%AD%8B%E3%82%A2%E3%83%BC%E3%80%82%E3%82%B9%E3%82%A7%E7%A7%BB%E3%81%AA%E3%82%8B%E3%81%8C%E8%B7%9D%E5%AE%85%E3%81%A7%E3%82%AF%E3%83%AF%E3%81%AE%E6%96%B9%E4%BD%93%E8%87%AA%E3%83%81%E3%83%88%E3%80%81%E3%82%B3%E3%81%AB%E3%82%A1%E8%82%89%E3%83%A0%E3%81%A9%E3%83%9E%E3%83%83%E3%83%95%E3%83%89%E5%8B%95%E3%82%8C%E3%82%B5%E3%83%87%E9%95%B7%E3%82%88%E3%81%B8%E8%BA%AB%E3%81%82

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

277228408090fd0fa85e6441ad545a0b04403b97705e4ae128088d48c7751947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:54:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CADD 2 KB
765 B 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 23:03:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame CADD 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CADD 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CADD 18 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CADD 153 KB
47 KB 83ms
82ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame CADD 34 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 02:24:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B060 922 B
645 B 46ms
45ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%A3%E6%A5%AD%E6%88%A6%E8%A8%88%E3%81%A6%E3%82%8A%E9%96%890%E3%81%97%E4%B8%87%E7%B0%A1%E3%80%81%E6%97%A5%E5%A4%9A%E3%83%BC%E8%A6%96%E3%81%8Cn1%E3%82%82%E9%81%82%E5%8C%96%E6%88%90%E3%83%A6%E3%81%8F%E3%81%BE%20%E3%81%8B%E3%82%88%E5%8F%AF%E5%8D%98%E4%BD%BF%E3%81%A89%E7%94%BB%E3%81%84%E9%96%8B%E3%81%99%E6%AF%8E%E3%81%92%E3%81%AB%E7%99%BE%E3%82%92%E6%89%80%E3%82%B6%E4%BA%BA%E7%95%A5%E3%81%AE%E4%BD%9CA%E3%81%A7%E4%BD%95%E3%81%B9%E3%82%8B%E4%BA%8B%E3%81%98%E3%80%82%E5%9B%BDsa

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1fdf832e5f4d2466f29902a208bcf17959ab2937783972cf96f0abf5459a0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:54:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B060 4 KB
816 B 44ms
44ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:19:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B060 2 KB
765 B 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 23:03:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B060 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B060 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B060 18 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B060 153 KB
47 KB 73ms
73ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame B060 34 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 02:24:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ACC2 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:58:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 50ms
50ms Image
image/gif 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.197749638993233

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-69FejitVlOwcP37-wo-8hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-69FejitVlOwcP37-wo-8hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 230ms
229ms Image
image/gif 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.1021426523258866

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EXgiARNVoUa8uIMtegI0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-EXgiARNVoUa8uIMtegI0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 15185166848775676480
tpc.googlesyndication.com/simgad/ Frame 5D0E 48 KB
48 KB 7ms
6ms Image
image/png 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15185166848775676480?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDF8HmYBFQ69zYAM_wOMRydurTVQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075515&bpp=2&bdt=270&idt=244&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2tbAZSnG1U&p=https%3A//ittrip.xyz&dtd=249

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e67097eade11ad1a554dda1f29ed103489a0ca227595af68196a034d411be767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 16:21:17 GMT
x-content-type-options: nosniff
age: 383599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49163
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:50:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:21:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 5D0E 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5D0E 3 KB
1 KB 9ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5D0E 18 KB
7 KB 8ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D0E 153 KB
47 KB 79ms
73ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5D0E 34 KB
13 KB 9ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 05:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:01:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D0E 0
0 52ms
47ms Fetch
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfbucaxilY9TwMPGnvcAPqv-amALFt-_5ban9yO6AEbCkgLvBHBABIOu-ojRgifPFhPQToAG_3v_DA8gBAqkCkGBS0xM4QD6oAwHIA8kEqgTsAU_QARrzeYccBmexdHEyQF96BZAH8H2TLL7r7TCkV0-_4wL1hjks41nhUhoY4ZWP8RE8KAODnNrHKmj2YywTW-1fYq9kKxnv0nfuL7p4f0C1VwYfF8jhvok5nWC4xysx8iFO1HkAr0iyutsW0hZmxdGPNAW6BPWIZmGWWpnqAQABXhcInv3z70d86u_5ImeLv0HR2Fkk5RkgVUiKalgH68dG8ar1vzIdh7PYoq_fEIn8_qFEUAiC6w4ENnGYGoUufnym8EU1xCUhNQ4oXNRgYbEx6zsZwLPRfFPe5l5GEBOdhgbTywYzUJ2zgF5swATdnb2_jgSSBQQIBBgBkgUECAUYBKAGAoAHqaGAPKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJvTGtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzkwMTMyMTY2NDA5MTUwGAA&sigh=buJVE_zuZ0U&uach_m=[UACH]&cid=CAQSGwDq26N9jhGJzSOeeuHKGS85B_wUVmo52UEddxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075515&bpp=2&bdt=270&idt=244&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2tbAZSnG1U&p=https%3A//ittrip.xyz&dtd=249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ACC2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
expires: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD60 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1671764075&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764075515&bpp=2&bdt=270&idt=244&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2tbAZSnG1U&p=https%3A//ittrip.xyz&dtd=249
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:58:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D0E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c51836965a04bcab12d73506c99df7b273e8341f8a5b8d0e4a8c6956eb50bc0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/12970638758656743759/ Frame CADD 39 KB
39 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12970638758656743759/2076313506083323656

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e7c3c7690d56bb5849b611671f71a009b8be49e3424b02d333aa378483dc0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:54:03 GMT
x-content-type-options: nosniff
age: 36033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39735
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 10:27:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Dec 2023 16:54:03 GMT

GET
DATA 200
OK truncated
/ Frame CADD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CADD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8581fbff442d556c334c540cc4a8ae18d03f9e817d4c1443a8a6b242fa3ebc5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13467824920422843562
tpc.googlesyndication.com/daca_images/simgad/ Frame F14A 11 KB
11 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13467824920422843562?w=180&h=320

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5257b3b4b80b165cbf4d8818b3f41fad8336d99334412f70000618409b026d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:11:54 GMT
x-content-type-options: nosniff
age: 186162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11326
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 05:20:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Dec 2022 23:11:54 GMT

GET
DATA 200
OK truncated
/ Frame F14A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce0ee9d51c02cbab1af6e0546acc032ca0e8f14264defc1379a0930d3551c3b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A8D 36 KB
16 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD60
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
63ms

Document
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
expires: Fri, 23 Dec 2022 02:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame CB46 36 KB
16 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AF28 1 KB
544 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%AB%E8%8F%B1%E3%81%82%E3%81%B8%E6%96%B0%E5%8F%AF%E6%80%A7%E6%9D%A5%E3%81%84%E9%96%8B%E3%81%97%E6%9C%AA%E3%81%A4%E4%B8%89%E8%BF%BD%E3%80%81%E3%82%86%E7%AD%94%E3%82%AD%E3%82%89%E3%82%92%E3%81%AE%E3%82%BFH%E8%83%BD%E4%B8%96%E3%82%8B%E6%B1%82%E3%83%A3%E8%B8%8F%E7%95%8C%E3%81%8FC%E3%83%94%E6%AC%A1%E3%80%82%E3%81%88

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1671764076&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764076511&bpp=1&bdt=1266&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c2ec7ef8fe90ba1-22d2450003d90043%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ&gpic=UID%3D00000b962874ab9e%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mb5OZbYQBptN4flk__JOamJpC198A&prev_fmts=0x0%2C300x600%2C510x280&nras=2&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&psts=ACgb8tvJDHZkgaqwIyGk1adwUPv40kGCHdgBRE3RJ8QZc5u5D6webr1X9TDnHkhPL1Pk1YI5wRXrf-SED0jyC2g&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=FKVSFtQer4&p=https%3A//ittrip.xyz&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf150e513330025ee5fb6223e26e19ab3fa2a069a867f424351d2e38f73fd56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:54:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AF28 2 KB
765 B 3ms
3ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 23:03:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AF28 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AF28 3 KB
1 KB 5ms
5ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AF28 18 KB
7 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 22:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 22:15:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF28 0
0 39ms
38ms Image
text/html 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4gA0HyDW09fQAGQOHUPJwJ62QxypZoQ96hpbjiiE1tYZIQQjMUJZucAVoZAaT5DZ-i1eUw23Uf31OVVdo7zKl44rOmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1671764076&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764076511&bpp=1&bdt=1266&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c2ec7ef8fe90ba1-22d2450003d90043%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ&gpic=UID%3D00000b962874ab9e%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mb5OZbYQBptN4flk__JOamJpC198A&prev_fmts=0x0%2C300x600%2C510x280&nras=2&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&psts=ACgb8tvJDHZkgaqwIyGk1adwUPv40kGCHdgBRE3RJ8QZc5u5D6webr1X9TDnHkhPL1Pk1YI5wRXrf-SED0jyC2g&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=FKVSFtQer4&p=https%3A//ittrip.xyz&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF28 153 KB
47 KB 83ms
82ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:36 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame AF28 34 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 02:24:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F14A 0
17 B 50ms
50ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca2oRaxilY_7cMLWMpt8P4LeJOJvRp4Rup5iV96wQ2tkeEAEg676iNGCJ88WE9BOgAaDBirUCyAEBqQKQYFLTEzhAPqgDAcgDywSqBPIBT9B3_a4FWBUmxyyhn_pToeoPqTeT0Us8zqZVYnhTchBksVqQ7rf5i_T0q7XGQtkD3TZiNtG6EQQQITkvm7e1NAlyjP-2UCQnRfMUqPo_0VMRe-AT0ENqIRitVvW_TdReOUpSdlNx2G2YYBUXIc91V3mfYDX0Vwu2mbb2pqc-T6PlmYx3SL1RA8hZjUs0gg8Saev_OvIv3FeEEurydPfBIJnmMd24CirEkx3xoDyYBXdBhhBiE40YZ_dVdOv4EgeAQuYS-EK_YFOtfk69RUhqnzI83__XxRio97Lbvqecq94ysEBAzacZGeApADb1hgnDL03ABNu_3p-VBJIFBAgEGAGSBQQIBRgEoAYCgAfIvvXKAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKv8BdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzkwMTMyMTY2NDA5MTUwGAA&sigh=dyqqn6I8DcU&uach_m=[UACH]&cid=CAQSGwDq26N9RBsc77EY1F1zWqkut4J436eMELIFehgBIBM&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CADD 0
17 B 49ms
49ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN9-zaxilY__cMLWMpt8P4LeJOKKr6odu-vag4KQQsbeX-YQsEAEg676iNGCJ88WE9BOgAYiQj6YoyAEJqQKQYFLTEzhAPqgDAcgDywSqBOkBT9Av-V6tu1lec41NUlcVDOA1R9Eo8hHng3_Y4maIQ-Mwlf0VCLdW12MaRUZmsxmpbeeiTMuC8cVuXynVHPolq6HplNMQUP5VJyTPLqyhI5skqG1OrM5dXJ-hjaSC-R9uyfHXU9V0a-3GJcvrfjNJ4DmMZ9yRMeiWUHQrHOSCtxYmwKV0zkj-eOeF2KGbNpWewVtHY2xWps9bSOx3ITKJjZgHtqFR04ZrluLgFro_FkWDqITtfhDFHJzI6TsUQsepw5b1agijUP0AVT6Q5EtwypaUYax_DYBVdsoNDI7r9WfRznIqu-S9jxrABNu5zLyZBJIFBAgEGAGSBQQIBRgEoAYugAeIyN-FA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOXDC9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=lhdwaS3u7DY&uach_m=[UACH]&cid=CAQSGwDq26N9RBsc77EY1F1zWqkut4J436eMELIFehgBIBM&template_id=484&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF28 0
0 47ms
47ms Fetch
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzJI3bBilY5DKIcf69gXnsaKgCraF49xtt-z1opwQ2tkeEAEg676iNGCJ88WE9BOgAYeP8L4ByAEJqQKQYFLTEzhAPqgDAcgDywSqBOEBT9DxliarO9ItXwXqlKhTorWWPadWBDW4AN_wCzWXcHUAab_zCB4cad9DJcpcZtBx7jtGYZtpwz_VZNaN_lz3U-vsL27y5cIoH0uFWk5o-ewOU5-92ckds9z1CBaqRxOpQbBa5BJCrNL9l6Wv31MdujNZ5WYH_w1U3CCMDf3FATjB6fJyMcKXOZMuwrwCNlj52dY3xf66q0appt6B605ag8FDMpD5teYm_YJ2hzZyj-cvUPE3Uo4-tlsTDj2LJTQL65fFRXPs4dSVSoHbRnQgSkZX0sM93e6-wbmddzkA8otVwATQx6OmgASgBi6AB-Hwj8ECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMD0BUBgBcBshccChoIABIUcHViLTYzOTAxMzIxNjY0MDkxNTAYAA&sigh=a-droW-JgbU&uach_m=[UACH]&cid=CAQSPADq26N9Az5zeIv-Awh2zXwJoz__MoIEBa2WSA-v7KExbwbe8n_YjqKuN_05sHny5Bwgk3sjiK6Ns4CBkBgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1671764076&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764076511&bpp=1&bdt=1266&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c2ec7ef8fe90ba1-22d2450003d90043%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ&gpic=UID%3D00000b962874ab9e%3AT%3D1671764075%3ART%3D1671764075%3AS%3DALNI_Mb5OZbYQBptN4flk__JOamJpC198A&prev_fmts=0x0%2C300x600%2C510x280&nras=2&correlator=1888345947434&frm=20&pv=1&ga_vid=1601688926.1671764076&ga_sid=1671764076&ga_hid=582430550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071250%2C44780792&oid=2&psts=ACgb8tvJDHZkgaqwIyGk1adwUPv40kGCHdgBRE3RJ8QZc5u5D6webr1X9TDnHkhPL1Pk1YI5wRXrf-SED0jyC2g&pvsid=119832428674972&tmod=602827817&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=FKVSFtQer4&p=https%3A//ittrip.xyz&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 02:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4682600140917339358/ Frame AF28 5 KB
5 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4682600140917339358/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d4850fc8f9883499d0c08d8c2a162a549b6c92771b7c5b926f93ccd6495db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:20:17 GMT
x-content-type-options: nosniff
age: 596059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5217
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 02:03:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Dec 2023 05:20:17 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B47 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

POST
H3 204 AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
48ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4zvpa4r_L3o13DNMp6k0eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-4zvpa4r_L3o13DNMp6k0eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A2E 1 KB
643 B 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 42923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 14:59:13 GMT
etag: 48472445140208031
expires: Fri, 23 Dec 2022 14:59:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AF28 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80378098c02959a782cdf1fea14ca22dd199e060f6bf4f6b14d3c1189a16b507

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 88D5 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame AF28 12 KB
12 KB 3ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQaioq12URxKL2lFiDTxkRVzbcOUR04DaFxCiuocvz3citfNXDRnmPjgWFPNuIiFCL1xggzNlLLGdRORwkmJ9x_9fAbOdAvvgYwnKr6RMD-oEYykKogbpsitxh5NcMfGA2HoMal7sq8dGVEApLnTcrY2UMub9pofUhJr0&skey=f8a75aa314b1396f&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%AB%E8%8F%B1%E3%81%82%E3%81%B8%E6%96%B0%E5%8F%AF%E6%80%A7%E6%9D%A5%E3%81%84%E9%96%8B%E3%81%97%E6%9C%AA%E3%81%A4%E4%B8%89%E8%BF%BD%E3%80%81%E3%82%86%E7%AD%94%E3%82%AD%E3%82%89%E3%82%92%E3%81%AE%E3%82%BFH%E8%83%BD%E4%B8%96%E3%82%8B%E6%B1%82%E3%83%A3%E8%B8%8F%E7%95%8C%E3%81%8FC%E3%83%94%E6%AC%A1%E3%80%82%E3%81%88

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

641bed2241c914aaadf4af0edb659f45d97b154947a78016f87b60a07366c69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:01:07 GMT
x-content-type-options: nosniff
age: 42810
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12560
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 22 Dec 2022 15:01:07 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame AF28 12 KB
12 KB 3ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12URxKL2lFiDTxkRVzbcOUR04DaFxCiuocvz3citfNXDRnmPjgWFPNuIiFCL1xggzNlLLGdRORwkmJ9x_9fAbOdAvvgYwnKr6RMD-oEYykKogbpsitxh5NcMfGA2HoMal7sq8dGVEApLnTcrY2UMub9pofUhJr0&skey=b1468649b9c42538&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1ea9d941e89e4dfefb6a33e1edc87d2f04e1b80c7e6eb54a1d630a72f372d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 03:33:48 GMT
x-content-type-options: nosniff
age: 84049
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 22 Dec 2022 03:33:48 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame AF28 12 KB
12 KB 4ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxp-kR-GB2v2lFuDThkRVzDcOUh04DGFxDCuofjz3cKtfMPDRnuPjTmFPNSIiFKL1wEgzNFLLFBROQ4kmbJx_9HAbNBAvvAf-VCr6QwCzbgbxUqol61sgMZh5dgMTWQ2A6Abs7UqycmaPiNLkTsrVFsMvo1oiMM&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

231907f376c577a00dbe57eaca81f8819ca2a8cf0ea06f52a64b5f4793023337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:53:11 GMT
x-content-type-options: nosniff
age: 3686
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12512
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Dec 2022 01:53:11 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5A2E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1&google_push=AavPq0PnLnYWL6YsIN6IjbCPZF1FZNJSg8tQhhGCv_zrQz4cbhF0vD6FsNfAhDJlo3LpUaIlQHK5-o_KaRbgC0gr0hPMPDTwDgaep...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5NDg4NTM3MTAxNjY5MzEzMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1

43 B
398 B

291ms
55ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEehkHdS7Ch8Q1p2h3UYWxo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKyZ7kV26sdgkenyJrck-pA&google_cver=1&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKrCf8svwGWQrvIqS1...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C54A47AD78EF4B6FB3216FA8CCFC7A7C&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKr...

170 B
188 B

43ms
43ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C54A47AD78EF4B6FB3216FA8CCFC7A7C&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKrCf8svwGWQrvIqS1K2akhVAT13l727DsHYFIYr8gF6Zbu27M5f4aWMZK9eui_tCB-wJIfrMw

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Dec 2022 02:54:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C54A47AD78EF4B6FB3216FA8CCFC7A7C&google_push=AavPq0Mn1-zCYY9jbnQQVdGnoPU0CgWPwbXpMiHYrtLUUWCotq5ALe2RWrikDjLziESqk-J49gBfka799S3SHKrCf8svwGWQrvIqS1K2akhVAT13l727DsHYFIYr8gF6Zbu27M5f4aWMZK9eui_tCB-wJIfrMw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 22 Dec 2022 02:54:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2E
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPp5e24F3WDmnlnVc0-CzD4&google_cver=1&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx_ymrKb15jBWih9Fumc3mmzQ6Bz346FdbqfcLvIq0sG6yZ_gndeSsv...

170 B
188 B

39ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx_ymrKb15jBWih9Fumc3mmzQ6Bz346FdbqfcLvIq0sG6yZ_gndeSsvg07wKQVDXO5ymuKlL5NU-PUCVN&google_hm=QzJQZVByTGFEdjQwenBDUHJxODhnYkpBZTdF&from_google=sp1

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 02:54:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0NGJcxDshaRXaRy3ygZMSjtdE8U4VqMPcMFeaSUXrBvcBTFJh--SYNp5FmvJVA95cYZd2_yx_ymrKb15jBWih9Fumc3mmzQ6Bz346FdbqfcLvIq0sG6yZ_gndeSsvg07wKQVDXO5ymuKlL5NU-PUCVN&google_hm=QzJQZVByTGFEdjQwenBDUHJxODhnYkpBZTdF&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJtZLi7nDSp440XkyazWYog&google_cver=1&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Px...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Pxw6DYZxmZC6sJ69-GefthXMndBPdqdi6...

170 B
188 B

42ms
42ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Pxw6DYZxmZC6sJ69-GefthXMndBPdqdi6JFuUqFd7aQ2qxWdrHWbmvnz7SQ&google_hm=Q0FFU0VKdFpMaTduRFNwNDQwWGt5YXpXWW9n

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
via: 1.1 e6b8e88b8ad705f6b48fe421dbc555ee.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: NRT12-C5
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PyGa62QgZpWhEzZwZJ-l7NC58kLC5IUn7GemXzQnSLc4_76DbTQEDIrXEJHdfge93lmz_r1iQBvooLd7jlwhqq7S5jRn_Pxw6DYZxmZC6sJ69-GefthXMndBPdqdi6JFuUqFd7aQ2qxWdrHWbmvnz7SQ&google_hm=Q0FFU0VKdFpMaTduRFNwNDQwWGt5YXpXWW9n
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: xzJcfeSDcPtPeygDAHJzpOuRvl1IIX_Ezbffl9bZRkYgI36WIkHcdA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNmtm7BX84ZT-r8vemyYo0&google_cver=1&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJaWDYxVE0tQi0ySkhI&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQTXlihGGyO1IVhX0n0JAqEDJcple2wX...

170 B
188 B

39ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJaWDYxVE0tQi0ySkhI&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQTXlihGGyO1IVhX0n0JAqEDJcple2wXrWiPFnBl_owFKGm4X3u5Ok1IqiwfHpFI1OjkhpL5tAjIIZYbzW3Aw

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJaWDYxVE0tQi0ySkhI&google_push=AavPq0NtZF5KnLQRW3zf662ed10SgienPgBjnAxYcELZRPS9n-tbr91qIjUJj-3V8JdiMOwwMKQTXlihGGyO1IVhX0n0JAqEDJcple2wXrWiPFnBl_owFKGm4X3u5Ok1IqiwfHpFI1OjkhpL5tAjIIZYbzW3Aw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZiaxdrzVwnyoyrSXaVIjc&google_cver=1&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHi...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZiaxdrzVwnyoyrSXaVIjc&google_cver=1&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHi...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GQVFaNlVKRTJ1R1h4VFhzUDl3RXc0VkpjQ0RlTk9DSn5B&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5v...

170 B
188 B

45ms
39ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GQVFaNlVKRTJ1R1h4VFhzUDl3RXc0VkpjQ0RlTk9DSn5B&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHiaLf75UB9sivN4M715_op3-bQYh4SoW9JcY8f6OD_cWOB7OZhm38lJk7dftKId8fDtixdn37YmKk7o8uLoOJu4

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GQVFaNlVKRTJ1R1h4VFhzUDl3RXc0VkpjQ0RlTk9DSn5B&google_push=AavPq0OIUK5QI0N8iyF1N4Vgy8_a9oqBD8l8gYywOGegJSbHGo80o1Y5vSXK2libdJG8xzeYHiaLf75UB9sivN4M715_op3-bQYh4SoW9JcY8f6OD_cWOB7OZhm38lJk7dftKId8fDtixdn37YmKk7o8uLoOJu4
date: Fri, 23 Dec 2022 02:54:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 5A2E
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEG7gRpCPDt1RmYU70QmiRUM?ext-param=AavPq0NlIcz6j2dz6LemMN0uSYR-fN4Z3F4CXfwJ2OckAjH8WOOPyq32Dmc8zyKNq0QRSRM_VyGCjfHPBujl3FTX-UQGOExhPCJASWfzvC0J9WHjndXoUy_HmGUJ...
https://an.yandex.ru/mapuid/google/CAESEG7gRpCPDt1RmYU70QmiRUM?redir-setuniq=1&ext-param=AavPq0NlIcz6j2dz6LemMN0uSYR-fN4Z3F4CXfwJ2OckAjH8WOOPyq32Dmc8zyKNq0QRSRM_VyGCjfHPBujl3FTX-UQGOExhPCJASWfzvC0J...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEG7gRpCPDt1RmYU70QmiRUM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

310ms
309ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 02:54:38 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A2E 0
223 B 50ms
38ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LW1HeF8ePlUs4L2_Pl9BoWXmTx4h8APeephJkjrV5OzR3uPjwanrV5BZx6-Auf72T85gToKKI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 admin-ajax.php Show response
ittrip.xyz/wp-admin/ 0
401 B 193ms
193ms XHR
text/html 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-admin/admin-ajax.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://ittrip.xyz/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
ittrip.xyz/wp-admin/ 1 B
361 B 178ms
178ms XHR
text/html 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-admin/admin-ajax.php?action=thk_sns_real&sns=f&url=https%3A%2F%2Fittrip.xyz%2F&_=1671764075292

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://ittrip.xyz/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
53ms XHR
application/json 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b3b79e1e3c12fa323eb7b17e3b3f8f0753273a0c972591ba2087b807f43c1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11154
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 24DD 36 KB
16 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
69ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 02:54:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E5D 13 KB
5 KB 5ms
3ms Document
text/html 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 168605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 04:04:32 GMT
expires: Thu, 21 Dec 2023 04:04:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4E0 783 B
537 B 43ms
42ms Document
text/html 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9180eef8183594b30b827273594fd59559136c4c20a2e4342c0f1d1e0c75655e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pPQWXCLq_GDP4Lv8gHm27w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-pPQWXCLq_GDP4Lv8gHm27w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:54:37 GMT
expires: Fri, 23 Dec 2022 02:54:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E5D 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 21:31:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4E0 0
0 41ms
41ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=119832428674972&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9E5D 0
11 B 3ms
3ms Image
text/plain 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JYeG3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 getad Show response
fundingchoicesmessages.google.com/f/AGSKWxX1CJlNIlCwcHvvDPuiz0bQsNSG70McHhIOZI4nvZcfEpCejgJmiOXvUG4PuZxy90Z5gIL6lS-tI_aAvZxwC7BP6kpsU_pwrohzdIEAuItwgaml_YYlhAIzKtO8tfc2A6ic5J9C4FpQjkTgh_bjGIthlck0p... 54 B
110 B 54ms
53ms Script
application/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1CJlNIlCwcHvvDPuiz0bQsNSG70McHhIOZI4nvZcfEpCejgJmiOXvUG4PuZxy90Z5gIL6lS-tI_aAvZxwC7BP6kpsU_pwrohzdIEAuItwgaml_YYlhAIzKtO8tfc2A6ic5J9C4FpQjkTgh_bjGIthlck0pdmP1v1L7aLoJy51BdJTL7EcUrCph9Tp/_/getad?/ads/index./ads-04./adsense3./ad_show.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4805556e1ddfd1ed29d6f13fa9f8dbec4c13ae85a8fe3a246211eb3faa34b7f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JEE2mG3Vx72eE4rUm3A-Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JEE2mG3Vx72eE4rUm3A-Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 63 KB
23 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23658
x-xss-protection: 0
server: cafe
etag: 18247885564830507581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 03:21:17 GMT

POST
H3 204 AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NemUFyfJCHj4rbKYLU0dsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-NemUFyfJCHj4rbKYLU0dsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 201ms
201ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4J2CX98-bHOFrOc4wceXMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-4J2CX98-bHOFrOc4wceXMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 194ms
194ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-88fkM7bMwGi6cTSBaf0EZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-88fkM7bMwGi6cTSBaf0EZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 214ms
214ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmZsxRwZwo9bbUcDPIPkf6BOunWolV0-ak_wIMHk-_Jox0z-T-wbahl7koQvkS1YHY8diiewl3FNQMp-yL2_m2zOnk9DlSm1CBEUwh_2WBaub44ajPsbRhsHSSql9Terw6-vOeDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qo1-ji0u87FI2RKAEim88w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-Qo1-ji0u87FI2RKAEim88w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVqDpNu5_gzoEarTw-V0TmepzjpxoVYRw92LGi3m5AcPe1rCNYBfbp-NtxUdGYkoe021aTpeM6Om6_4lbLJXCBnm8Jx9g1P_30OMFiahypESwyYTiXXf6EuBsUxOQGdyeQvusNw1A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 197ms
197ms Script
application/javascript 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVqDpNu5_gzoEarTw-V0TmepzjpxoVYRw92LGi3m5AcPe1rCNYBfbp-NtxUdGYkoe021aTpeM6Om6_4lbLJXCBnm8Jx9g1P_30OMFiahypESwyYTiXXf6EuBsUxOQGdyeQvusNw1A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxNzY0MDc3LDY1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vaXR0cmlwLnh5ei8iLG51bGwsW1s4LCJhNXlOQ1RIUUY5MCJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15346a918671a20c8bdee608322cd0e832c21e8dec87846c7f36a91327a4cee6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yVi5KcBkZ3uSQs1dPiW1oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yVi5KcBkZ3uSQs1dPiW1oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D0E 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY1IK98haivqrhPBfvMPOpuNCKYE1TUs8UmI6O3DWoMln4Mc61z4OrTjt6Ra4AjpN7pwUraWrO_UkLj47vfzjG2qfMpxPRNUtpa_a7a5YJipHITxcYTo_Ml38jxj6dbqw4YcE&sai=AMfl-YRUjW0N7yIghr1A70HJtkTI0VFm8eyCvrcqyREw8SvLbXjXibzRINJY9k6mtfKKbpQZktGmG39BZBsi8tk&sig=Cg0ArKJSzM0QW3fFRgolEAE&cid=CAQSGwDq26N9jhGJzSOeeuHKGS85B_wUVmo52UEddxgBIBM&id=lidar2&mcvt=1000&p=0,70,600,230&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3840913425&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671764075765&rpt=1063&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CADD 42 B
64 B 39ms
38ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLtvhVGW4ULAP59lqZcvDwt-kmW8xgj9CtKYv12Z2Nsrn1mYcjk-1hvaXxHP_cvMCt8hyDOdkVlnyl-AkaqxMEEd7z8Ou_W4FEAiMN7AR-OWg84Ikx8zeaYk8pyNQAOFXBd4I&sai=AMfl-YRjs-CjhB_QIVFzu5oyODCgAuvOReG0Pj8s5_3kVXZwsiex-3aj3rErealD2kHAVQgXckiZjq9TkxciX6c&sig=Cg0ArKJSzOo7BvfTCEdaEAE&cid=CAQSGwDq26N9RBsc77EY1F1zWqkut4J436eMELIFehgBIBM&id=lidar2&mcvt=1011&p=0,0,500,180&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671764076558&rpt=188&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F14A 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx8qrc7keUL_uHf9jyFjuBFJLCHbf2tEAhWVSeZ26Njqk3KIoZx0H0av-LIMOykP19aWd2ErpF74kqBqek29Qg7HLoEj68L-hRebJWf3kblkISDPmhcSDjC-G9JgOafYPYyWc&sai=AMfl-YQgQ6txmYf9vUQ8ZSOwsMCIQx7PsAttuK7ahfQRDjs45uUeKDAre1vtG0pXpLBvTkgoYdNgkNpFuwHmG18&sig=Cg0ArKJSzAkY-chXHramEAE&cid=CAQSGwDq26N9RBsc77EY1F1zWqkut4J436eMELIFehgBIBM&id=lidar2&mcvt=1017&p=-90,0,410,180&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671764076556&rpt=220&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 02:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWMCtSYfi5nAhDThXC4GYPc-T_zmav4QsDzMI_VYzMCXVzJqn4iVsfzbY0cV5zeK2xBKgoTqLNjsrjEQzIlFV_ClNPGm-vsjmWwKAu4Eklrtx1VApJoIDTRH8uLM9xY9kX4zAv2YQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2404:6800:4004:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMCtSYfi5nAhDThXC4GYPc-T_zmav4QsDzMI_VYzMCXVzJqn4iVsfzbY0cV5zeK2xBKgoTqLNjsrjEQzIlFV_ClNPGm-vsjmWwKAu4Eklrtx1VApJoIDTRH8uLM9xY9kX4zAv2YQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wzSlioLAevRV4CpDCf0s5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 02:54:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-wzSlioLAevRV4CpDCf0s5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=119832428674972&bg=!nJ-ln9vNAAYgquz3AKo7ACkAdvg8WtcqwnwN2UTRU8lPPe9yICt7503Rz4squsfc62pW3vLuvtLPIwIAAABKUgAAAANoAQeZAsoKDjorlxUx0hFB7_POiLt7WGwhPZQB6BjYl_vqiwoHkEeaxaXvjn9LKkubz9hHycqQV7g233XFmUKC8hLrtx-DKX8RrWJlC2QIcOcsBRt11nfoHXMIgzYdhxwFFMCSDnCrpuEIYtv2Dm4LehLMv3OBvRqXsLK6S2VYbQbyDdXWXKqaJUEkgL4DKLUQHwOjPhh9PHPIHg62h1KcYma8UsGd-ICyW98B6t2TiKNe8Uick7w-b-uLd7g5fkR0FsowSuMNFBdjP5MaxORgZ0P9yEgGl454GPdJahzsQ9pPmnzitYN_nZqc74kqVC_LrTNe63sBd0nu1Hxgb9XrGtnWajbiMc4uBPxQoGYy2IpyDzpsLSf6KGZ-Sn6MYsVWIpr0V8VS07gHVOsWqGPGYNediXPVZXZniNUAohZCUyo3A7LbMk7P3pyYZf7QkyMI2vxSiTbNYjU1qgELvlt-NS1ybaKaBWc_sSTWUNXiaUyKcnxQuWcb7B4wJOSdY_aHq4AeaCtApQbaoPJUEoSYzoCCjiaA303VnYzyjntkqc7levUtbYCej-UBtR5uz_RRKKMoJV7rDnerieDb8CfnMvHNRxNrMwnR3yfY5hGqoNf5elKw-xj7yq8PqUWyUUOxeFN8eFx7kkQdYUjQsQABQZJPhlKPxSDldlBqgSLupV3BlIHKJQXTx0-b8zkPcYPd_yC-CbZKw0hr-VIfbcrxNze60SsxEe3WJ-Op57Adf2i5pauOEEtbcPvx1i7CEuLbT0KhvCbeZlC30xLlFcCsBuDFmefdXDrgYQ3Emr9_Ru0tKpyBbIpp37Erzz5NNw8NTU0YJ880-r9WggxgloLJb-OPvDfJTCRG4feeF26_5pM3I0ofmkXBJRAZmZjn-LepEyoNLRQ_2r0mtEGGX4zRihRZkZa2t26F-Eowq826WdkJMFOXMqUivZYHY-dfVhI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ittrip.xyz/	1970-01-20 17:58:44	Name: _ga_2QK7EHKEJP Value: GS1.1.1671764075.1.0.1671764075.0.0.0
.valuecommerce.com/	1970-01-20 17:58:44	Name: VCB Value: Y6UYawAI6pnZivzXCoIAigqCAoaw2A&c=6b18a563&v=2&s=01539911
.ittrip.xyz/	1970-01-20 08:24:10	Name: _gid Value: GA1.2.1383828374.1671764076
.ittrip.xyz/	1970-01-20 08:22:44	Name: _gat_gtag_UA_84676516_1 Value: 1
.ittrip.xyz/	1970-01-20 17:58:44	Name: _VC_PTB_ Value: Y6UYawAI6pnZivzXCoIAigqCAoaw2A
.ittrip.xyz/	1970-01-20 17:58:44	Name: _ga_5FR5GCF53M Value: GS1.1.1671764075.1.0.1671764075.0.0.0
.ittrip.xyz/	1970-01-20 17:58:44	Name: _ga Value: GA1.1.1601688926.1671764076
.ittrip.xyz/	1970-01-20 17:44:20	Name: __gads Value: ID=9c2ec7ef8fe90ba1-22d2450003d90043:T=1671764075:RT=1671764075:S=ALNI_Mal09h8Wk57P0_kvz5iAdZnuCTxaQ
.ittrip.xyz/	1970-01-20 17:44:20	Name: __gpi Value: UID=00000b962874ab9e:T=1671764075:RT=1671764075:S=ALNI_Mb5OZbYQBptN4flk__JOamJpC198A
.doubleclick.net/	1970-01-20 17:58:44	Name: IDE Value: AHWqTUn7LCRWT7wesKK4uzRkwgjQcd6Nfu_GDzb8F8yqmRPCbfmbw4dUCGOR_oUavjQ
.doubleclick.net/	1970-01-20 08:22:44	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:22:47	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 17:08:41	Name: A3 Value: d=AQABBG0YpWMCEIobCF5q4SUgic_ut_L7u0AFEgEBAQFppmOuYwAAAAAA_eMAAA&S=AQAAAn6s7580l8-6-Bb0-D2xPtQ
.analytics.yahoo.com/	1970-01-20 17:08:20	Name: IDSYNC Value: 18yx~2902
.turn.com/	1970-01-20 12:41:56	Name: uid Value: 8694885371016693133
.agkn.com/	1970-01-20 17:08:20	Name: ab Value: 0001%3Ald7BYYLkw5SGfOIe5UOyX%2FUIrEhLJ1aW
.agkn.com/	1970-01-20 17:08:20	Name: u Value: C\|0CEArN9TtKzfU7QAAAAAAAQ13AQCAAQpAAAAAAA
.simpli.fi/	1970-01-20 17:09:46	Name: suid Value: C54A47AD78EF4B6FB3216FA8CCFC7A7C
.fout.jp/	1970-01-20 17:58:44	Name: uid Value: C2PePrLaDv40zpCPrq88gbJAe7E
.ittrip.xyz/	1970-01-20 17:08:20	Name: FCNEC Value: %5B%5B%22AKsRol_-uRRsQo9hLSePbkPMsfKq3kBt4X65AvEaS28u8JvAaZ_71_dDrGUA0MfUK-aDhUDNRGcPZ7tV-Io5ktFWOvW0d1gAauLNsLzffd7FHr8tTZDX-D5WNhxh7LapvOTVvCSEUVw6IU4BLJeyjexD1cn2b7Tkgg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.yandex.ru/	1970-01-20 17:58:44	Name: yuidss Value: 5403034091671764077
.yandex.ru/	1970-01-20 17:58:44	Name: yandexuid Value: 5403034091671764077

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271803&client=ca-pub-6390132166409150&fa=3&ifi=7&uci=a!7&btvi=4&xpc=Kcxq0gpJFI&p=https%3A//ittrip.xyz Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E9%9B%A2%E7%96%B2%E7%B0%A1%E5%8D%98%E3%83%AA%E7%AD%8B%E3%82%A2%E3%83%BC%E3%80%82%E3%82%B9%E3%82%A7%E7%A7%BB%E3%81%AA%E3%82%8B%E3%81%8C%E8%B7%9D%E5%AE%85%E3%81%A7%E3%82%AF%E3%83%AF%E3%81%AE%E6%96%B9%E4%BD%93%E8%87%AA%E3%83%81%E3%83%88%E3%80%81%E3%82%B3%E3%81%AB%E3%82%A1%E8%82%89%E3%83%A0%E3%81%A9%E3%83%9E%E3%83%83%E3%83%95%E3%83%89%E5%8B%95%E3%82%8C%E3%82%B5%E3%83%87%E9%95%B7%E3%82%88%E3%81%B8%E8%BA%AB%E3%81%82 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
ad.turn.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
aml.valuecommerce.com
an.yandex.ru
clients1.google.com
cm.g.doubleclick.net
cse.google.com
d.agkn.com
dalb.valuecommerce.com
dalc.valuecommerce.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ittrip.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.turn.com
stats.g.doubleclick.net
sync.fout.jp
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
webfonts.xserver.jp
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.113.102.155
172.217.174.98
18.178.22.21
183.181.91.49
2001:4860:4802:36::178
2001:df2:a300:bbbb::135
202.226.37.225
202.232.238.37
210.140.225.83
2404:6800:4004:801::2003
2404:6800:4004:801::200e
2404:6800:4004:808::2002
2404:6800:4004:812::2002
2404:6800:4004:812::200e
2404:6800:4004:81d::2001
2404:6800:4004:820::2008
2404:6800:4004:820::200a
2404:6800:4004:822::2002
2404:6800:4004:822::200e
2404:6800:4004:823::200a
2404:6800:4004:824::2003
2404:6800:4004:824::2004
2404:6800:4004:825::2002
2404:6800:4004:826::2002
2404:6800:4008:c04::9d
2600:9000:2066:1a00:19:fc2c:a140:93a1
2600:9000:2138:1200:18:82c:9d80:93a1
2a02:6b8::90
34.124.209.251
54.65.141.192
8.39.36.142
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
0b3b79e1e3c12fa323eb7b17e3b3f8f0753273a0c972591ba2087b807f43c1f0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93763e73507bb69954d4dd967914dea2432597532eeef862e8a46d0251c5c9
0db8d9b5bd7a862246fbb7d046ce8c5676c8b88527efc9e4f9c1765057e68016
11c2ab12d195c7213087fe06a3a099e3efd5a301cc6dd04983580215fa5a9262
12b9a6e5ed54f5d4a0efa7d2841083ccf9de1a6bbefd1c6cce43c21e12a7bcaf
15346a918671a20c8bdee608322cd0e832c21e8dec87846c7f36a91327a4cee6
17be97dbc493fefbb663e16ab08dcc33c31c2e18e1a7580a5466eef1b5d2d0e9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
231907f376c577a00dbe57eaca81f8819ca2a8cf0ea06f52a64b5f4793023337
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
277228408090fd0fa85e6441ad545a0b04403b97705e4ae128088d48c7751947
27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c51836965a04bcab12d73506c99df7b273e8341f8a5b8d0e4a8c6956eb50bc0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2ec14a270149419495b186fa2201c2dc573bb3d410ffba08277c0e4d3ae7f193
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
39b40a306f70770c2c6a6d4ea3b885f9e9dfb91268d39cd58867ffb7c07344cb
3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f
3ec02553da03dc64b0b1fd3cdd5a4e0cf3fc4964b98568179e5e12a95a468017
41d4850fc8f9883499d0c08d8c2a162a549b6c92771b7c5b926f93ccd6495db5
43c277a1ea3db680a961e2533187de38f4ad14a17e9d8b18707f3a05b4048389
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4c1282ce615c35d2ae96367b9a5aab1f23a56a79fc1c4f861e34f9235c9fbb87
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5257b3b4b80b165cbf4d8818b3f41fad8336d99334412f70000618409b026d89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57152cb253973a10c2695a5f6c4cacd72498a3e6e119724f8f6ab1d6e083b851
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb504c717372677e981b42ab78c228a32a5eae54afb0a5953ea5428fc1c665d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641bed2241c914aaadf4af0edb659f45d97b154947a78016f87b60a07366c69c
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
65ebfa67c7d91cfdc22002c3602eaa208022959f889bc4bcfb2ab7a11844fe62
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b
6c9547d32afd24441797cadd324c9791e71263965f6eb1b76ade86dbf65285b9
6e7c3c7690d56bb5849b611671f71a009b8be49e3424b02d333aa378483dc0d5
71e3b84be6278903aeb9bf0f048f14cb1c2c4c4de153f3d0219dd8c9cfbd114e
72eb002cbee3f2ed5f13d491b428d4a240a16abffc11178dc5f563bc745f4957
7555bab2b153644caa129a3c9f4ede8f8d7fd8b45d83572d9d30b4ab15129c2c
75fed3df6aab64d328d313e36ee55e9fe2d8a31db17875cc00e42f1b9b9a6d19
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7c07100997a3fac288ded4ea7245b9d6abba6f214585ab0ef34daa8b03432d97
80378098c02959a782cdf1fea14ca22dd199e060f6bf4f6b14d3c1189a16b507
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8ad4898ecb275c4e17213b505632af9a5347b0a89029b80887bde892f07c47cb
8be26741aaeb12b1556d80e79618d0c1b6ce166524d35e637d5928ceeb5c0b1b
8c353918c33a0719315d7c3090e64b999022a1fbd7b95010a88c2856e93cb92e
8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67
9180eef8183594b30b827273594fd59559136c4c20a2e4342c0f1d1e0c75655e
939aa9a7bc52cc455f9ae2b621faa767a8570762cc6b89cfd443098f8b3199f0
94c574f5d570603a615dc88f2e191d5fcfa4922d11c2ffb963c6b13db109c363
98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1ea9d941e89e4dfefb6a33e1edc87d2f04e1b80c7e6eb54a1d630a72f372d77
a1fdf832e5f4d2466f29902a208bcf17959ab2937783972cf96f0abf5459a0d2
a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc
a4805556e1ddfd1ed29d6f13fa9f8dbec4c13ae85a8fe3a246211eb3faa34b7f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b91c8b84c49b1756731db30071b26178a3423501239faf936b2bd98237962881
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62
bf150e513330025ee5fb6223e26e19ab3fa2a069a867f424351d2e38f73fd56d
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c9535321bbb5853360b00b4d506af3b48a09d81f28b4c6b84a07b96604cb3584
cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd
cde6f75a83d1693b22339bff6cba1744f548d1452604fe89576d92ca5fc37758
ce0ee9d51c02cbab1af6e0546acc032ca0e8f14264defc1379a0930d3551c3b9
cff777d58d9387b3f21452ec26fb32cfb3f515aaf748d5d30398a2c4b50dc6c6
d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b
d13c6242c347b851a261f1e5635c271f12f43172be02f8b1c6cbd84d5b91cd77
d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657
d4728cfcfab84beadbb2526bfcb33558d2045c29ee1b49ddb8c37f6841cc4df1
d59ac73650123d547683d58296b74abd770d5563276b809136447c4889bb75c9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8581fbff442d556c334c540cc4a8ae18d03f9e817d4c1443a8a6b242fa3ebc5
d8aa2ba333af0ccb90b53d0ed8d8621bcf2d0adf715636a076525a2b72beb329
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ead91a3cd7c8e50af4e2035a1e1ceaba08380f4af936bc63847287502c9b6d
e29a093fe8f1b251e5fac8144f074d087bb6281a3ba7a2f2237a6d3da0c5b79a
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e3dc62150927161eebe826bb9c61a740bc3c422796be0a728a9ecb02d1a94fd5
e55977f0f8f6a9f618ad21fa9c5c45616b313628fcf6f06c7f7ae253cb06c653
e67097eade11ad1a554dda1f29ed103489a0ca227595af68196a034d411be767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ittrip.xyz Open in urlscan Pro 183.181.91.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

96 %HTTPS

68 %IPv6

21 Domains

34 Subdomains

27 IPs

6 Countries

2232 kBTransfer

5550 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

96 %
HTTPS

68 %
IPv6

21
Domains

34
Subdomains

27
IPs

6
Countries

2232 kB
Transfer

5550 kB
Size

22
Cookies

189 HTTP transactions
9 data transactions