urlscan.io logo urlscan.io
SecurityTrails logo

ichi-up.net Open in urlscan Pro
52.222.139.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ichi-up.net/
Effective URL: https://ichi-up.net/
Submission: On March 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 113 HTTP transactions. The main IP is 52.222.139.79, located in United States and belongs to AMAZON-02, US. The main domain is ichi-up.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 16th 2023. Valid for: a year.
This is the only time ichi-up.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.222.139.21 16509 (AMAZON-02)
24 52.222.139.79 16509 (AMAZON-02)
1 151.101.129.91 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:8e::84 54113 (FASTLY)
3 108.138.6.136 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.245.31.9 16509 (AMAZON-02)
34 2a00:1450:400... 15169 (GOOGLE)
1 108.138.3.46 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 44.230.228.4 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.160.89.38 396982 (GOOGLE-CL...)
1 151.101.128.84 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
113 24
1    52.222.139.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-21.ams50.r.cloudfront.net
ichi-up.net
24    52.222.139.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-79.ams50.r.cloudfront.net
ichi-up.net
1    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
flux-cdn.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
assets.pinterest.com
3    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
34    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    108.138.3.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-46.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    44.230.228.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-228-4.us-west-2.compute.amazonaws.com
prod.tahoe-analytics.publishers.advertising.a2z.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.160.89.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
1    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
7    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
8    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
Apex Domain
Subdomains		 Transfer
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
492 KB
25 ichi-up.net
ichi-up.net
1 MB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
305 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 328
167 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 355
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 920
aax.amazon-adsystem.com — Cisco Umbrella Rank: 461
79 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1728
21 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 4139
log.pinterest.com — Cisco Umbrella Rank: 6112
19 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
167 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 5332
374 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
177 KB
1 google.com
mts0.google.com — Cisco Umbrella Rank: 7058
42 KB
1 flux.jp
a.flux.jp — Cisco Umbrella Rank: 96130
569 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
2 KB
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 95194
113 KB
113 15
Domain Requested by
34 pagead2.googlesyndication.com ichi-up.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
tpc.googlesyndication.com
25 ichi-up.net 1 redirects ichi-up.net
8 tpc.googlesyndication.com ichi-up.net
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 cdn.ampproject.org securepubads.g.doubleclick.net
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com ichi-up.net
securepubads.g.doubleclick.net
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
4 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.gstatic.com 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
3 c.amazon-adsystem.com ichi-up.net
c.amazon-adsystem.com
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com ichi-up.net
www.googletagmanager.com
2 assets.pinterest.com ichi-up.net
assets.pinterest.com
2 securepubads.g.doubleclick.net ichi-up.net
securepubads.g.doubleclick.net
1 mts0.google.com 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
1 log.pinterest.com ichi-up.net
1 a.flux.jp flux-cdn.com
1 cdn.jsdelivr.net flux-cdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 flux-cdn.com ichi-up.net
113 23

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.facebook.com
twitter.com
line.me
mugenup.com
Subject Issuer Validity Valid
ichi-up.net
Amazon RSA 2048 M01		 2023-06-16 -
2024-07-14		 a year crt.sh
flux-cdn.com
Certainly Intermediate R1		 2024-03-07 -
2024-04-06		 a month crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-19 -
2024-12-29		 a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M02		 2024-01-22 -
2025-02-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
a.flux.jp
GTS CA 1D4		 2024-02-02 -
2024-05-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://ichi-up.net/
Frame ID: B7005F8548E02921494CDA56C7CBB957
Requests: 57 HTTP requests in this frame

Frame: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17B057926A948A02CB462C0893F68DEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1464283416971592&output=html&h=250&slotname=4969401065&adk=3688094817&adf=2775484147&pi=t.ma~as.4969401065&w=300&lmt=1711214914&format=300x250&url=https%3A%2F%2Fichi-up.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711214913879&bpp=3&bdt=428&idt=218&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&correlator=6191885897805&frm=20&pv=2&ga_vid=1342329933.1711214914&ga_sid=1711214914&ga_hid=1809398601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082033%2C31082101%2C42532523%2C44798934%2C31082130%2C95320377%2C31081791%2C95321867%2C95326914&oid=2&pvsid=2112378457855819&tmod=353440530&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: B58228092434526ECB45455A94D2F7AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1464283416971592&output=html&adk=1812271804&adf=3025194257&lmt=1711214914&plat=1%3A16777216%2C8%3A4194368%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fichi-up.net%2F&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711214913882&bpp=1&bdt=431&idt=236&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6191885897805&frm=20&pv=1&ga_vid=1342329933.1711214914&ga_sid=1711214914&ga_hid=1809398601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082033%2C31082101%2C42532523%2C44798934%2C31082130%2C95320377%2C31081791%2C95321867%2C95326914&oid=2&pvsid=2112378457855819&tmod=353440530&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=245
Frame ID: A07EC0CD35B12D8F6AE41C8AC98EC331
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: 69AD1ED3A21CD26E437C7B0688C2441A
Requests: 13 HTTP requests in this frame

Frame: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D036A011C3DDC0589CAFE13339ADE794
Requests: 13 HTTP requests in this frame

Frame: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A51EDE65CCA2E9AB890762610D483B9D
Requests: 13 HTTP requests in this frame

Frame: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8DB22A6A9D3BB5F63308F591804E3A31
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
Frame ID: 0656CD0E6A4ED8A6F9482144EA114C69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F3B8089CC0F076CA61B5CD87E50E279
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

いちあっぷ

Page URL History Show full URLs

  1. http://ichi-up.net/ HTTP 301
    https://ichi-up.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

113
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

23
Subdomains

24
IPs

3
Countries

2734 kB
Transfer

5785 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ichi-up.net/ HTTP 301
    https://ichi-up.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ichi-up.net/
Redirect Chain
  • http://ichi-up.net/
  • https://ichi-up.net/
52 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ab36bd1d6e931a627d42ee0a53a64440f15266d4b304bf528b1231e741248b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 23 Mar 2024 17:28:33 GMT
etag
W/"ab36bd1d6e931a627d42ee0a53a64440"
server
nginx/1.4.6 (Ubuntu)
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
x-amz-cf-id
pcGUL5EHZ-DoC5K0TwKNbSoyquetZYkKkSBVIcMP5f7gGgkBdxUS9Q==
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
639cf01c-c535-45bf-89ae-c40f7039c59f
x-runtime
0.130960
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sat, 23 Mar 2024 17:28:32 GMT
Location
https://ichi-up.net/
Server
CloudFront
Via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xh2pchkqgwc0tKduCSK4UFTNqOi_JirUhUJNAJmvVfbD1P_wtgS52A==
X-Amz-Cf-Pop
AMS50-C1
X-Cache
Redirect from cloudfront
ichiup_1250.min.js
flux-cdn.com/client/1000099/ 		364 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/1000099/ichiup_1250.min.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1de9babf15c948c8b9b47b0b064db76bebd75aa5207d9c719f3927b7147c4218
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Tue, 16 Jan 2024 01:09:12 GMT
age
0
x-amz-meta-release_job_id
657
etag
"ded490df9539cffc9b6f017952a32b62"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
115189
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7531f5d68e67dd614e5b937b172185a249d002ce1ece2ae9447ebea1efecc461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29062
x-xss-protection
0
server
cafe
etag
684 / 19805 / 31082083 / config-hash: 14337009746000550812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 17:28:33 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 17:28:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 17:28:33 GMT
application-71621eba6b37a0e3e22f.css
ichi-up.net/assets/ 		117 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
401c5b841b2f51dd164f9ad4854f269d92bd0892ccbb564b9ac2839706c699a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:05:21 GMT
content-encoding
gzip
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
16730592
etag
W/"64ffb07f-1d47e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000, max-age=31557600 public
x-amz-cf-id
LABx0OVioOu5eWvhSUlJ35jPqIz0g6rbXxQm-bW38820xKcbr9knGA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-71621eba6b37a0e3e22f.js
ichi-up.net/assets/ 		256 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
bd5bc716133ae28c88570bd7073808ff662c616dfa23e3a8a6b714cfe6b5183e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:44:54 GMT
content-encoding
gzip
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
13401819
etag
W/"64ffb07f-3ff74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=315360000, max-age=31557600 public
x-amz-cf-id
vSGlrsT-UqDbtirqqtJ9kE5mupSdBBWt5n73vlK1U84GYD5VaYpotg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
x-cdn
fastly
etag
"62d32c28f14783b94192cd8d35bc010d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
203
1up_logo.png
ichi-up.net/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/images/1up_logo.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
0afc4d2a2ee1f73f9c74e3060683fa6751582d2f79b8933526e34e87f41e3def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 15:33:52 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 00:04:24 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
15990881
etag
"64a4b388-ec03"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
60419
x-amz-cf-id
UX7t19IdH5gIYs_xcVOHk1DQrA3C9CGnINFux8h4Klap9d6mlvbFdA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
content_contest4v2.jpg
ichi-up.net/_images/8a67a620/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/8a67a620/content_contest4v2.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
b47a282b42e3dfe1a2a4b2b1828f20d7ee2e25023d375e40565755a87db1630f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 18:03:08 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 09:16:46 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
257124
etag
"f9a05b36328381eb8ef186e6eea2a2d1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
101109
x-amz-cf-id
k71NCH34GMmbO3ZCb9kY8EfuGUokEmQSNHOmTayK81YmpzZ1zYwVdw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
content_content_%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%ABv2.jpg
ichi-up.net/_images/26d37b73/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/26d37b73/content_content_%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%ABv2.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
c99eabb1f86d8d0faa5f53838143d11422a7ce2f57df91dc6792363a1e6d30db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 18:03:08 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 03:56:33 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
257124
etag
"4c9e5177e11dbbbc07246d452a360473"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
47269
x-amz-cf-id
_sirjKj3F9ms5nwDNxcQ8ZNH-JaLaexxgY2z1uARgpkPxB-QjlWqsg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
content_%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%AB.jpg
ichi-up.net/_images/e1580e13/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/e1580e13/content_%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%AB.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
76502a37a6b99a74207aab3a6f09d1648ab929a3d40d872d7a0dbf43ec23f307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 18:03:09 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 10:03:01 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
257124
etag
"199fe3ece777e91c1c32cf0b62861996"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
85535
x-amz-cf-id
Q_Z2WvusltCq4vcaM2XM8JafGzvIGXXeGeB7GPqdfGspIhrUpdm77A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
content_%E3%83%A1%E3%83%AD%E5%89%8D%E7%B7%A8%E3%82%B5%E3%83%A0%E3%83%8D.jpg
ichi-up.net/_images/0bbbafa0/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/0bbbafa0/content_%E3%83%A1%E3%83%AD%E5%89%8D%E7%B7%A8%E3%82%B5%E3%83%A0%E3%83%8D.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
c55c6165b64ceaaff64e853a8db613cd4001b9100889e0a917099573b0c5a084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 18:03:09 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Fri, 27 May 2022 09:04:18 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
257124
etag
"e7a4c512f9c972f1c05e08ad40efb14d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
71134
x-amz-cf-id
Mu7EKRwov0wPkzVIyxsdNYFVv-mvtNOf3CMqfcqvakwUyjLy5XMrtg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
dummy.png
ichi-up.net/images/ 		185 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/images/dummy.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
246012b348c836d716a8b43cecad9cfce0770789ea2a716d914bc26e071c7252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:09:49 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 00:04:24 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
14764724
etag
"64a4b388-b9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
185
x-amz-cf-id
yGR6Rz7uhvbWN0m6mjeBE9AXyEk10oM6Gw5X2tJ_Zvb7nfvP4VE5XA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		301 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fed25c522546f1b2e83ec7d466da2382d7ebac5c10ce2d77605b2796f3572eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 16:50:51 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 21:31:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2263
x-amz-server-side-encryption
AES256
etag
W/"3bc15e34b43d9d067b221c136d54b522"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
XWFfvXeQFAcQy-3g3rfHZSyOf-kwL8Xom5i1bnKdSREZmJzBxnCl6w==
gtm.js
www.googletagmanager.com/ 		242 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2CQMM
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67c269c6db30d5990a013dd382ca4c4db19097afb41dc8ce1a717db33d09731c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80818
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Mar 2024 17:28:33 GMT
bg-img-c6532426c6b667669f8801641536f48e.png
ichi-up.net/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/bg-img-c6532426c6b667669f8801641536f48e.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
79b7ddc4647e82e12149e606a578db93a4d232a2c14da0cf27adde40fbdb1330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 10:43:02 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
11688331
etag
"64ffb07f-8be"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
2238
x-amz-cf-id
amENESJnzD1OPMeDKxL9LBX21eRcJUe9QaYrEcQy7GbwWeasAk_KyQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7%E3%83%88%E3%83%83%E3%83%97%E3%83%9A%E3%83%BC%E3%82%B8%E3%83%90%E3%83%8A%E3%83%BC_TOP_BANNER_-_PC.png.jpg
ichi-up.net/_images/banners/f9839038/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/banners/f9839038/%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7%E3%83%88%E3%83%83%E3%83%97%E3%83%9A%E3%83%BC%E3%82%B8%E3%83%90%E3%83%8A%E3%83%BC_TOP_BANNER_-_PC.png.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
39286afdc8458a46ca5159cf7da8335b21b5b3b707753956f972953d70d33637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 03:44:50 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 09:57:22 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
10763022
etag
"ff59f5ac20213cf932ab016dd221bdad"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
164037
x-amz-cf-id
sX4CjRQuWEwraJINiIb1HPLctBVnqMjS7xbgZTLUh5F8bBciZeErvg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ichi-up.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:11:12 GMT
x-content-type-options
nosniff
age
170241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 18:11:12 GMT
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.8622210751920025
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
x-cdn
fastly
etag
"3725764cf05d1a0938de73d398772331"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
18679
c06cc614-f284-4373-8e7b-e334e4dcb9d3
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
dd37a814db49e7d44d5dbea2d92d1016d0d009f5ec5f2a0c15827f8f2e4ab9ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 16:31:53 GMT
via
1.1 f36453eb82bc9ab0c6e360ac52cc5972.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
3400
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
Kptis6Ms_cePrduAztytrERaRyi3NxOxUO8BDCQKQgfPk-LGqKj16g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fichi-up.net&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
access-control-allow-origin
https://ichi-up.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
_TZ4tcVtiqzGSxc_3yTLosAHslmym6eLmVdWfWWII92NMTf0jBgSvQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
date
Sat, 23 Mar 2024 06:02:30 GMT
x-amz-cf-pop
FRA56-P6
age
41164
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
S8uDano_IIiSFk2AJ-Oye85fbhdR6cL_8o_6BKWyXlgl2aDU8Qo3WQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/ 		439 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df9592b48b705333bf1569635691c5cac45c37b62b12e6d0ac21f85d4bb5254b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11287
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141349
x-xss-protection
0
server
cafe
etag
11472626096978793655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 23 Mar 2025 14:20:26 GMT
ichiup-chan.png
ichi-up.net/images/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/images/ichiup-chan.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
f9d5f6c779351626e777b32bba2cf30d4276b6f7b23e07a2ca92453f7ff5a70c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 20:22:58 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 00:04:24 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
16232734
etag
"64a4b388-160eb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
90347
x-amz-cf-id
jpcE311crhwgZVgLpJXhCl0WVpBij-bczGTQRf2Kff8I9gOxxV8O_Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af789d23222405cde8d3158a0f1793aced56448fe17af67dd8ab14376efadeb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50906
x-xss-protection
0
server
cafe
etag
11721488536958383262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 23 Mar 2024 17:28:33 GMT
banner-writer.png
ichi-up.net/_images/banners/2d9ebf48/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/banners/2d9ebf48/banner-writer.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
17859f93791e21e1ad2b719ea49b34aa5ca3c0600345bd0715a351011bad28b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 20:22:59 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 01:56:16 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
16232734
etag
"132624656612cedf972d6b95c9e9286d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
168392
x-amz-cf-id
CNHURmPS8_QBu69teEKX7HKCw_MKQaGQLgYSBRhdcbEtlTzr3sSkvA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
ichi-up.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/images/footer-logo.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
b03e47be670af718e58c80ac4d4af0e6bfcae1f71c53139003eed82ccc155a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:16:55 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 00:04:24 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
12183098
etag
"64a4b388-66a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
1642
x-amz-cf-id
ajcLU27HKKLFFblmjhy9kVRXy3RQtSC-H8-IlnUozeHY4c5iPdoLxA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aa8258e85de9dc0f6d9c36b4705e32950d6f2ef5d841ca41fb4f70f3286fdd1

Request headers

Referer
Origin
https://ichi-up.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
application/font-woff
middle_%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7%E8%A8%98%E4%BA%8B%E3%82%B5%E3%83%A0%E3%83%8D_%E7%B7%9A%E7%94%BB.jpg
ichi-up.net/_images/7c288162/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/7c288162/middle_%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7%E8%A8%98%E4%BA%8B%E3%82%B5%E3%83%A0%E3%83%8D_%E7%B7%9A%E7%94%BB.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
087fb13d26389c6b974bb936987308d63544da22724979fc209364956d9a3b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:00:34 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 00:40:44 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
116878
etag
"2314663270042c6fc676570a8e32eac1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
16447
x-amz-cf-id
R_OSCYY5y56QtNu_N3ZMYiZ-EbkYdeEma0HJte_R5LeILcMhQs1C9Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
middle_%E3%82%B5%E3%83%A0%E3%83%8D.jpeg
ichi-up.net/_images/0229cf26/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/0229cf26/middle_%E3%82%B5%E3%83%A0%E3%83%8D.jpeg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
7f47d789ffebf33e619be6fcb6e01ad084f2eadc5193bb444f0358d97b498940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 02:24:06 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
etag
"a3b54b7ae8e800f0c2975002792a25f7"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
19859
x-amz-cf-id
VhKadrH26jcsfytnsVk64nwomp9yORtmEXj2KLjY1vEaa5VNjt6u8Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
middle_12.png
ichi-up.net/_images/5d801694/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/5d801694/middle_12.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
42105d93aee9dec7cbfa7220e7fd8590601dede50b991ec1419d5d2ebd02e7d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 27 Feb 2024 01:37:17 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
etag
"4fe9c9458eb85c4d41dcfdadda15077f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
54552
x-amz-cf-id
lCMKr9OOzkBzEdPE_y5eW2G_0CRzk2K6cwZVzz4Fp6fcsPM_K_b7GQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
middle_%E3%81%8B%E3%82%99%E3%81%8A%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%AB3.png
ichi-up.net/_images/7f134a50/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/7f134a50/middle_%E3%81%8B%E3%82%99%E3%81%8A%E3%82%B5%E3%83%A0%E3%83%8D%E3%82%A4%E3%83%AB3.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ccb1962bde7345332dbb2177ee19139b799c3366ff6629c37dc85bcd9bed056c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 05:50:32 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
etag
"bb48a1f403d6892cfeacd320ebae034a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
72736
x-amz-cf-id
rL3uSXEMKv8RioI9dmofdhel78I4tbqzx6X5TixknkDb7oTMQtEq1g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
middle_contest4v2.jpg
ichi-up.net/_images/8a67a620/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/_images/8a67a620/middle_contest4v2.jpg
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
96e56bdfbcc7771fe4c43701e4ac2a8b0f6a04d1adfc14661fa9317c6ed04d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:38:14 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 09:16:46 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
291019
etag
"acda53e898193f5842eee74fc18a6fba"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
23038
x-amz-cf-id
voSf2ALNK55g7OaB155qpWtlCoH6bySzzuZTG_u4hnwQsXlguvmOOw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ajax-loader-c5cd7f5300576ab4c88202b42f6ded62.gif
ichi-up.net/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/ajax-loader-c5cd7f5300576ab4c88202b42f6ded62.gif
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 07:21:09 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
36444
etag
"64ffb07f-1052"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
4178
x-amz-cf-id
_XjqPKhOi2TtcAwIYOR33XpZ_nzBS3K1NviklkpRbmB3lNG8VZwyBg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
Origin
https://ichi-up.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
application/font-woff
prev-84b76dee6b27b795e89e3649078a11c2.png
ichi-up.net/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/prev-84b76dee6b27b795e89e3649078a11c2.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 20:22:59 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
16232734
etag
"64ffb07f-550"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
1360
x-amz-cf-id
fv3cPDpWAu3FbPP9yuN-be9SeCoUVTzHjrzjP9c1wPE_P-dFwS_8kQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
next-31f15875975aab69085470aabbfec802.png
ichi-up.net/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/next-31f15875975aab69085470aabbfec802.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:02:04 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
10625189
etag
"64ffb07f-546"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
1350
x-amz-cf-id
m76EwMsZAGhif-UQrpryRmV5BnYB19Va7ATm_KzRtlrgcf0zvglUcg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading-2299ad0b3f63413f026dfec20c205b8f.gif
ichi-up.net/assets/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/loading-2299ad0b3f63413f026dfec20c205b8f.gif
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 20:22:59 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
16232734
etag
"64ffb07f-211c"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
8476
x-amz-cf-id
iDOgTUsxr_kPKIAiPR0T5JZFe8dOYh_mbImAZ45fz0lXSWczieQhqg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
close-d9d2d0b1308cb694aa8116915592e2a9.png
ichi-up.net/assets/ 		280 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichi-up.net/assets/close-d9d2d0b1308cb694aa8116915592e2a9.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-79.ams50.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/assets/application-71621eba6b37a0e3e22f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 00:51:24 GMT
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Sep 2023 00:27:43 GMT
server
nginx/1.4.6 (Ubuntu)
x-amz-cf-pop
AMS50-C1
age
11551029
etag
"64ffb07f-118"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000, max-age=31557600 public
accept-ranges
bytes
content-length
280
x-amz-cf-id
cEUYjmCyZQoVrGgyv-SvZZ9Hax6sfSK_4MWeC_3iZ__76lqnoO73wA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fichi-up.net%2F&pid=Ef2xINizMkmk4&cb=0&ws=1600x1200&v=24.319.2210&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1668761879249-0%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805127%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668761937691-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805128%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668761996302-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805129%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668762057729-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805130%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668762128580-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805131%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668762198179-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805132%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668762339974-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805134%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1668762410932-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2F1805135%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1672130223661-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9176203%2F1809118%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1672130286488-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9176203%2F1809119%22%7D%5D&schain=1.0%2C1%21i-mobile.co.jp%2C79163%2C1%2C%2C%2C&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-46.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ichi-up.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
fOdBhqpzQIbxLfz0RXnCnwJbHUy-6oEvVIFmqhNkJIcZZk8yL1s5ow==
js
www.googletagmanager.com/gtag/ 		294 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3GQ50Z5BRG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2CQMM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
030d42287ad79ac527fb23d6fd8fbd5cb577f290ecb878706e38b90e2eac1847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99529
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Mar 2024 17:28:33 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2CQMM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 15:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6025
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Mar 2024 17:48:08 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1464283416971592&plah=ichi-up.net&aplac=true&bust=31082130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc8e0c22a948aefc27fe45768b02b233585531476905de6f87b96c2800da2f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141334
x-xss-protection
0
server
cafe
etag
10784416890982161037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 17:28:33 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3GQ50Z5BRG&gtm=45je43k0v893133020z871265102za200&_p=1711214913534&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1342329933.1711214914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711214913&sct=1&seg=0&dl=https%3A%2F%2Fichi-up.net%2F&dt=%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1698
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GQ50Z5BRG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ichi-up.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1809398601&t=pageview&_s=1&dl=https%3A%2F%2Fichi-up.net%2F&ul=en-us&de=UTF-8&dt=%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=408166687&gjid=1303859131&cid=1342329933.1711214914&tid=UA-62708784-1&_gid=357729265.1711214914&_slc=1&gtm=45He43k0n71W2CQMMv71265102za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=303210781
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ichi-up.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62708784-1&cid=1342329933.1711214914&jid=408166687&gjid=1303859131&_gid=357729265.1711214914&npa=1&_u=YCDAgAABAAAAAG~&z=415197851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Mar 2024 17:28:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ichi-up.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.230.228.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-228-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://ichi-up.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Sat, 23 Mar 2024 17:28:34 GMT
x-amz-apigw-id
VF-icFe4vHcEEIQ=
x-amzn-requestid
39f5787f-918d-4584-897a-df771f343a9b
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 		146 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.230.228.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-228-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
59e8c0ec368538006fbfbf3ff9ded0fa89ce2bd9e25525b4b3688f32a275d96a

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-api-key
5e0b19374596b1c8abfb0560fcb956220131d0a7f7100979de5d18cfada355d5
Content-Type
application/json

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
x-amzn-trace-id
Root=1-65ff1142-452d3de05672fedc64b78f6a
x-amzn-requestid
f5056e49-4341-4def-9612-4bb539262f40
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
VF-ieGX4vHcEv0A=
content-length
146
ads
pagead2.googlesyndication.com/gampad/ 		387 KB
67 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2112378457855819&correlator=2151420990923954&eid=44809527%2C31081969%2C95327889%2C31082083&output=ldjh&gdfp_req=1&vrg=202403200101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=9176203%3A21801059843%2C1805134%2C1805135%2C1809118%2C1809119&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%7C300x250%2C300x250%2C300x250&ifi=3&sfv=1-0-40&eri=5&sc=1&abxe=1&dt=1711214914035&adxs=436%2C986%2C314%2C638&adys=1110%2C664%2C1654%2C2644&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fichi-up.net%2F&vis=1&psz=1600x-1%7C300x250%7C300x250%7C300x250&msz=1600x-1%7C300x250%7C300x0%7C300x0&fws=512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&dlt=1711214913451&idt=315&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=amznbid%3D0%26amznp%3D0&adks=30271958%2C1684366703%2C878665748%2C3943408266&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dfeca8dba6257ad5557edf38de300f4b81d41144cd99ae47a783300e2d2f0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68193
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ichi-up.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
expires
Sun, 23 Mar 2025 17:28:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame B582 		575 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1464283416971592&output=html&h=250&slotname=4969401065&adk=3688094817&adf=2775484147&pi=t.ma~as.4969401065&w=300&lmt=1711214914&format=300x250&url=https%3A%2F%2Fichi-up.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711214913879&bpp=3&bdt=428&idt=218&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&correlator=6191885897805&frm=20&pv=2&ga_vid=1342329933.1711214914&ga_sid=1711214914&ga_hid=1809398601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082033%2C31082101%2C42532523%2C44798934%2C31082130%2C95320377%2C31081791%2C95321867%2C95326914&oid=2&pvsid=2112378457855819&tmod=353440530&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=227
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1464283416971592&plah=ichi-up.net&aplac=true&bust=31082130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e47254d7d3eaa92e41dc7e4237ceb0e045b3fcffe87c9f2a892d3a2435781be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame A07E 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1464283416971592&output=html&adk=1812271804&adf=3025194257&lmt=1711214914&plat=1%3A16777216%2C8%3A4194368%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fichi-up.net%2F&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711214913882&bpp=1&bdt=431&idt=236&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6191885897805&frm=20&pv=1&ga_vid=1342329933.1711214914&ga_sid=1711214914&ga_hid=1809398601&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082033%2C31082101%2C42532523%2C44798934%2C31082130%2C95320377%2C31081791%2C95321867%2C95326914&oid=2&pvsid=2112378457855819&tmod=353440530&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1464283416971592&plah=ichi-up.net&aplac=true&bust=31082130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/1000099/ichiup_1250.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd76449b4d4593d9dd976fa29a63acf3e39efc36da17f002d778c52a8cab826e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2
x-jsd-version
1.0.2003
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
860
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-wernsPsjjJaV0E0SlgNUlaHabWY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dn4GeYuSv8N8N5k5wA0BannAVwjl%2Fz85a8OPIeEy4XmDaaySl2JhefMtxjBUW0HtwIhekFPKaZ5TgqoVRnZJGu%2BCwxHm0NzttmuH5uRdkWBM%2FO4kUwCWnZ4%2F2UHacr34URA07Qdr%2BTpqqliWBQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8690237dc8d539df-FRA
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/1000099/ichiup_1250.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-3d7fcf0345c95f3e52731dbe99f10bf1-a485d4ba49223ec1-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://ichi-up.net
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
3d7fcf0345c95f3e52731dbe99f10bf1/11855115490678685377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
/
log.pinterest.com/ 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=acWkmDk3x8dN&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fichi-up.net%2F
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 23 Mar 2024 17:28:34 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=600
x-pinterest-rid
8770673721564372
content-length
0
x-served-by
cache-fra-etou8220118-FRA
pragma
no-cache
server
envoy
x-timer
S1711214915.765701,VS0,VE33
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame 69AD 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 07:49:16 GMT
age
380358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 07:49:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 69AD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
429430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 69AD 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 07:53:37 GMT
age
380097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 07:53:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 69AD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
429430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 69AD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
429430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
css
fonts.googleapis.com/ Frame 69AD 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 16:38:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 17:28:34 GMT
en_bl.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 69AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 07:04:33 GMT
x-content-type-options
nosniff
server
cafe
age
37441
etag
3004170791804808702
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2980
x-xss-protection
0
expires
Sun, 24 Mar 2024 07:04:33 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 69AD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 13:46:44 GMT
x-content-type-options
nosniff
server
cafe
age
13310
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 24 Mar 2024 13:46:44 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame 69AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Tue, 18 Mar 2025 23:53:42 GMT
date
Mon, 18 Mar 2024 23:53:42 GMT
x-content-type-options
nosniff
age
408892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2705
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:45:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 69AD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cc8916bdd1863ec01e544e1e68ac1502193f0c89be99c42cee62aa4bccf5856

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
container.html
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D036 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
expires
Sun, 23 Mar 2025 17:28:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A51E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
expires
Sun, 23 Mar 2025 17:28:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8DB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:28:34 GMT
expires
Sun, 23 Mar 2025 17:28:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 69AD 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ichi-up.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
394039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 04:01:15 GMT
css
fonts.googleapis.com/ Frame D036 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 16:53:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 17:28:34 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame D036 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
68498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:26:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame D036 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame D036 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame D036 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
68268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:30:46 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D036 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 16:56:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 17:56:33 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame D036 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 14:39:56 GMT
data=e8Bj3QA__eDf5p3YUQ5zpDjZs8lWydN1b7Isw_J8zIKRgLoW2f46w5TVZZPH7aaaFybpvUEHTbK9a1uLW1ITAohYVkJfvUcM-CW5RUmOy8ItkQmUa_cle_nj6Q
mts0.google.com/vt/ Frame D036 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=e8Bj3QA__eDf5p3YUQ5zpDjZs8lWydN1b7Isw_J8zIKRgLoW2f46w5TVZZPH7aaaFybpvUEHTbK9a1uLW1ITAohYVkJfvUcM-CW5RUmOy8ItkQmUa_cle_nj6Q
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
0fbe070d8275fc9f951228c1a99fade1818142cec6863112a7fdcb6bc4b92fe1
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
date
Sat, 23 Mar 2024 16:34:25 GMT
x-content-type-options
nosniff
age
3250
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42603
x-xss-protection
0
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
etag
0cb761500dc533c4a
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3572
expires
Sat, 23 Mar 2024 17:33:57 GMT
css
fonts.googleapis.com/ Frame A51E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 16:43:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 17:28:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame A51E 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0fc10c5d39b3a4a9e61466a717d7836c651c9ee32a541b4a6b359d8912656c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 17:28:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32204
x-xss-protection
0
server
sffe
etag
"1f98ff79cb0552c7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 17:28:34 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame A51E 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
68498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:26:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame A51E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame A51E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame A51E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
68268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:30:46 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame A51E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 14:39:56 GMT
css
fonts.googleapis.com/ Frame 8DB2 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 17:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 16:40:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 17:28:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame 8DB2 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0fc10c5d39b3a4a9e61466a717d7836c651c9ee32a541b4a6b359d8912656c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 17:28:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32204
x-xss-protection
0
server
sffe
etag
"1f98ff79cb0552c7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 17:28:34 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8DB2 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
68498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:26:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 8DB2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8DB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:15:58 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8DB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 22:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
68268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Apr 2024 22:30:46 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame 8DB2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 14:39:56 GMT
15530985770263221445
tpc.googlesyndication.com/simgad/12411827199048640748/ Frame A51E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12411827199048640748/15530985770263221445
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b2ec0064905b266e7f5cf0c6b85d5f028b59ef1a826679f55c164a58085f766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 07:51:22 GMT
date
Tue, 19 Mar 2024 07:51:22 GMT
x-content-type-options
nosniff
age
380232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4842
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 15:31:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2914349705548515401
tpc.googlesyndication.com/simgad/ Frame A51E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2914349705548515401
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2bce4ee30bf0d0d07cd7fb44f88ad4a6b3a6cc26ab95fc78184edf27c344a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 21 Mar 2025 14:28:41 GMT
date
Thu, 21 Mar 2024 14:28:41 GMT
x-content-type-options
nosniff
age
183593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15766
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 12:26:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
15530985770263221445
tpc.googlesyndication.com/simgad/12411827199048640748/ Frame 8DB2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12411827199048640748/15530985770263221445
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b2ec0064905b266e7f5cf0c6b85d5f028b59ef1a826679f55c164a58085f766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 07:51:22 GMT
date
Tue, 19 Mar 2024 07:51:22 GMT
x-content-type-options
nosniff
age
380232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4842
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 15:31:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2914349705548515401
tpc.googlesyndication.com/simgad/ Frame 8DB2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2914349705548515401
Requested by
Host: 98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
URL: https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2bce4ee30bf0d0d07cd7fb44f88ad4a6b3a6cc26ab95fc78184edf27c344a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 21 Mar 2025 14:28:41 GMT
date
Thu, 21 Mar 2024 14:28:41 GMT
x-content-type-options
nosniff
age
183593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15766
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 12:26:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
adview
pagead2.googlesyndication.com/pagead/ Frame 69AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C9-1-QhH_ZYW9CICe7_UPq8SNwAHYtYPIdqCUp8WdEmQQASDLvcUvYJX6moKsB6AB3fCqwCrIAQHgAgCoAwHIAwqqBIUCT9C8II1RsogweAKMJ4iVljzvUcsNl3ZUu7fT983ZnW4Vl7BYCX-VYQPK0WPTH4RqBPcBQbowHmWIg95527VXt8dGFZVtLPdzgSSFsNuq7b3JZs7WvwyXKbtdByBuBh0suyLWZLVBJnt0NWh6CoxSrUYaqzvW4gCsmwVZeAUuemZQa0SuBTCqEoecN3KKqy3IsRjuXtYShPC2vsb17wmD1t7f61mATTCe0AdRLC2Z_SkH5fCJpaRSkie-gZAnkUWPqikjNAg7tUU3KTtb6U4jZ3JOgbWrl4cbIrah27GnhKRgtidAIi1YRqphc9mFRabE_srwLMJoNEHHph9xv66sVzvF8EjYwATGq9Gh0gTgBAGIBanwm6BOkgUECAQYAZIFBAgFGASAB92o-58FqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwHyBwQQ1PEH0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WIrd26j0ioUDmgmJAWh0dHBzOi8vcGRmaXhlcnMuY29tL2Rvd25sb2FkRml4ZXIuaHRtbD9jYW1wYWlnbl9pZD0yMTAwNTUzMTE3NyZhZGdyb3VwX2lkPTE1OTUyMTE5OTU1OCZwbGFjZW1lbnRfaWQ9aWNoaS11cC5uZXQmY3JlYXRpdmVfaWQ9NjkxNDM2NjYyMDM5gAoDyAsB4g0TCI2-3Kj0ioUDFQDPuwgdK2IDGNgTDIgUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi04NTQ3NTc1NjgzNzE2OTA4GLuAELIYCRIC3mgYASIBAOgYAQ&sigh=RccKnFLXgyY&uach_m=%5B%5D&ase=2&nis=5&template_id=5001&cbvp=2
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
truncated
/ Frame D036 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e093b7399fe6d48d1ec1b7157cc76a5cd1844d5590a8d7c8c85efb409eb60e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A51E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fd6940d61cf2f74f074b15ee054920244461fa38808b7e6baa19bd95a11e162

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8DB2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c19efaa79dd48f735bcbcd1434148b220346b3093cea88ec1fc6f9e04612a583

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D036 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
394040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 04:01:15 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A51E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
394040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 04:01:15 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8DB2 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
394040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 04:01:15 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CmcrWQhH_ZYe9CICe7_UPq8SNwAHYtYPIdqCUp8WdEmQQASDLvcUvYJX6moKsB6AB3fCqwCrIAQHgAgCoAwHIAwqqBIwCT9DWX770nZa-fKKtE4A0zkXf8npUIQZie78KmawR2CROr3QsdWJNhNxyP-66LKwJZYELgrc_5xHB-IMSP2X4xvJq2n7JP5II24ZTIRoqz09lOvBaHLWWxYO3w2PEnDrK-5kKFmr6b6BAyU6W3D6VWUTvxZP7H1WaR209KtLQqce_xWdfQCUBucLH-hTTG0aSxUBeE2Qcq23WOXQFwDROADxoT2H5m7JcDrl0RM6C_KplRj3fJIJyF2H2sT5cexvfgGNsZqY-buJWEN5n-WmpnW30ebGOiGPiiHUdWOTtvx4s3xB3S_qTvt-Z7Por1CpqfWrYph9yOW6vSUtqbm4719ykwuU3BeLhHFwJjMAExqvRodIE4AQBiAWp8JugTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEOSUBtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliK3duo9IqFA5oJiQFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZEZpeGVyLmh0bWw_Y2FtcGFpZ25faWQ9MjEwMDU1MzExNzcmYWRncm91cF9pZD0xNTk1MjExOTk1NTgmcGxhY2VtZW50X2lkPWljaGktdXAubmV0JmNyZWF0aXZlX2lkPTY5MTQzNjY2MjAzOYAKA8gLAeINEwiPvtyo9IqFAxUAz7sIHStiAxjYEwyIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItODU0NzU3NTY4MzcxNjkwOBi7gBCyGAkSAt5oGC4iAQDoGAE&sigh=6gE-bCzo5-s&uach_m=%5BUACH%5D&ase=2&template_id=5004&cbvp=2&vis=1&nis=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 23 Mar 2024 17:28:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
pagead2.googlesyndication.com/pagead/ Frame A51E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CmcrWQhH_ZYe9CICe7_UPq8SNwAHYtYPIdqCUp8WdEmQQASDLvcUvYJX6moKsB6AB3fCqwCrIAQHgAgCoAwHIAwqqBIwCT9DWX770nZa-fKKtE4A0zkXf8npUIQZie78KmawR2CROr3QsdWJNhNxyP-66LKwJZYELgrc_5xHB-IMSP2X4xvJq2n7JP5II24ZTIRoqz09lOvBaHLWWxYO3w2PEnDrK-5kKFmr6b6BAyU6W3D6VWUTvxZP7H1WaR209KtLQqce_xWdfQCUBucLH-hTTG0aSxUBeE2Qcq23WOXQFwDROADxoT2H5m7JcDrl0RM6C_KplRj3fJIJyF2H2sT5cexvfgGNsZqY-buJWEN5n-WmpnW30ebGOiGPiiHUdWOTtvx4s3xB3S_qTvt-Z7Por1CpqfWrYph9yOW6vSUtqbm4719ykwuU3BeLhHFwJjMAExqvRodIE4AQBiAWp8JugTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEOSUBtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliK3duo9IqFA5oJiQFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZEZpeGVyLmh0bWw_Y2FtcGFpZ25faWQ9MjEwMDU1MzExNzcmYWRncm91cF9pZD0xNTk1MjExOTk1NTgmcGxhY2VtZW50X2lkPWljaGktdXAubmV0JmNyZWF0aXZlX2lkPTY5MTQzNjY2MjAzOYAKA8gLAeINEwiPvtyo9IqFAxUAz7sIHStiAxjYEwyIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItODU0NzU3NTY4MzcxNjkwOBi7gBCyGAkSAt5oGC4iAQDoGAE&sigh=6gE-bCzo5-s&uach_m=%5BUACH%5D&ase=2&template_id=5004&cbvp=2&vis=1&nis=5
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 23 Mar 2024 17:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
pagead2.googlesyndication.com/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CMlPtQhH_ZYi9CICe7_UPq8SNwAHYtYPIdqCUp8WdEmQQASDLvcUvYJX6moKsB6AB3fCqwCrIAQHgAgCoAwHIAwqqBIwCT9AFnbs642LDOWIg7CSInpKJjAb4SCP4FwQmHnvTGuSsiiQXPiZU8mWwc8eU1pTAJTpjyRcsv324m6llAZLFChJcD2IKWevMoeUxuil9jH9EJwPNxdz14BuMXLkTsBnGMWgAq8JLBxCO7RWW6gVW8KGjje9OFTPWKSxAKmPcv8ra6Jdl2O-qNRxFritJcP9fxWzGWaJu6dT7w3KXAxk2CXSWiv30wo0U8KqoUrq6JUtOMnEdWcjgjFjhyWpsn4e_8vMign9NZ06YUzci9IskzNhhdx3KDuvDNTK0wXwWzaGePo-3iAOMBKw7uVp6HY2VtRIuBZWPOUpHNTGyLv1V41XEKET_-7LuV0SIt8AExqvRodIE4AQBiAWp8JugTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEKjqB9IIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliK3duo9IqFA5oJiQFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZEZpeGVyLmh0bWw_Y2FtcGFpZ25faWQ9MjEwMDU1MzExNzcmYWRncm91cF9pZD0xNTk1MjExOTk1NTgmcGxhY2VtZW50X2lkPWljaGktdXAubmV0JmNyZWF0aXZlX2lkPTY5MTQzNjY2MjAzOYAKA8gLAeINEwiQvtyo9IqFAxUAz7sIHStiAxjYEwyIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItODU0NzU3NTY4MzcxNjkwOBi7gBCyGAkSAt5oGC4iAQDoGAE&sigh=V_BsWaklwS4&uach_m=%5BUACH%5D&ase=2&template_id=5004&cbvp=2&vis=1&nis=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 23 Mar 2024 17:28:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
pagead2.googlesyndication.com/pagead/ Frame 8DB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CMlPtQhH_ZYi9CICe7_UPq8SNwAHYtYPIdqCUp8WdEmQQASDLvcUvYJX6moKsB6AB3fCqwCrIAQHgAgCoAwHIAwqqBIwCT9AFnbs642LDOWIg7CSInpKJjAb4SCP4FwQmHnvTGuSsiiQXPiZU8mWwc8eU1pTAJTpjyRcsv324m6llAZLFChJcD2IKWevMoeUxuil9jH9EJwPNxdz14BuMXLkTsBnGMWgAq8JLBxCO7RWW6gVW8KGjje9OFTPWKSxAKmPcv8ra6Jdl2O-qNRxFritJcP9fxWzGWaJu6dT7w3KXAxk2CXSWiv30wo0U8KqoUrq6JUtOMnEdWcjgjFjhyWpsn4e_8vMign9NZ06YUzci9IskzNhhdx3KDuvDNTK0wXwWzaGePo-3iAOMBKw7uVp6HY2VtRIuBZWPOUpHNTGyLv1V41XEKET_-7LuV0SIt8AExqvRodIE4AQBiAWp8JugTpIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEKjqB9IIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliK3duo9IqFA5oJiQFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZEZpeGVyLmh0bWw_Y2FtcGFpZ25faWQ9MjEwMDU1MzExNzcmYWRncm91cF9pZD0xNTk1MjExOTk1NTgmcGxhY2VtZW50X2lkPWljaGktdXAubmV0JmNyZWF0aXZlX2lkPTY5MTQzNjY2MjAzOYAKA8gLAeINEwiQvtyo9IqFAxUAz7sIHStiAxjYEwyIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItODU0NzU3NTY4MzcxNjkwOBi7gBCyGAkSAt5oGC4iAQDoGAE&sigh=V_BsWaklwS4&uach_m=%5BUACH%5D&ase=2&template_id=5004&cbvp=2&vis=1&nis=5
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 23 Mar 2024 17:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
pagead2.googlesyndication.com/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CeZYWQhH_ZYa9CICe7_UPq8SNwAGPyva0dq_HuZvBEmQQASDLvcUvYJX6moKsB6ABtMrX4wPIAQmpAivR1Qv0IbI-4AIAqAMByAPLBKoEjwJP0NOF9UucguQ56dpJR8-2QF2I-jSYbzjxVPm7HDWW_rNUAXIX-3BYrqwlqEY7_Lh6xCP3oQ93hdU4Vo0MmIBAcc_QkIjWrLii0tbDjQlNg5usUq2sG6i_YyDdyQ-j9F1TByFv1Aaxf-4EGr4unc6HpDwJlrn-pQxaV9nX6PKHr8lCXCpS9Zgp_jC2suK4jBs6oEt5eqgkrFmJq4ccJ4lU_5gkbW4YOwPKs9okwg0cj2AYlmvq0Oo2N4yNZz18GugB7lI7eO3Ja-HGr7Ea1aQMFOOvHcg6Xt2gQrQplhfgQU446tPCvR9amss8325tGJP7eiCOc1d-3HEd33tXIrnDE68P8DeOR0aYAQ5G8_-dwASAi-DN6QTgBAGIBZWb-JJKkgUECAQYAZIFBAgFGASgBi6AB7S1qByoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBCVgQTSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYit3bqPSKhQOaCS5odHRwczovL3d3dy5iYWJ5b25lLmRlL2ZhY2htYXJrdC9sdWVuZWJ1cmcvMDI3gAoDyAsBmAzH8ZP81ATiDRMIjr7cqPSKhQMVAM-7CB0rYgMYuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi04NTQ3NTc1NjgzNzE2OTA4GLuAELIYCRICok8YLiIBAA&sigh=U9FqjflNHU0&uach_m=%5BUACH%5D&ase=2&template_id=515&cbvp=2&vis=1&nis=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 23 Mar 2024 17:28:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
pagead2.googlesyndication.com/pagead/ Frame D036 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CeZYWQhH_ZYa9CICe7_UPq8SNwAGPyva0dq_HuZvBEmQQASDLvcUvYJX6moKsB6ABtMrX4wPIAQmpAivR1Qv0IbI-4AIAqAMByAPLBKoEjwJP0NOF9UucguQ56dpJR8-2QF2I-jSYbzjxVPm7HDWW_rNUAXIX-3BYrqwlqEY7_Lh6xCP3oQ93hdU4Vo0MmIBAcc_QkIjWrLii0tbDjQlNg5usUq2sG6i_YyDdyQ-j9F1TByFv1Aaxf-4EGr4unc6HpDwJlrn-pQxaV9nX6PKHr8lCXCpS9Zgp_jC2suK4jBs6oEt5eqgkrFmJq4ccJ4lU_5gkbW4YOwPKs9okwg0cj2AYlmvq0Oo2N4yNZz18GugB7lI7eO3Ja-HGr7Ea1aQMFOOvHcg6Xt2gQrQplhfgQU446tPCvR9amss8325tGJP7eiCOc1d-3HEd33tXIrnDE68P8DeOR0aYAQ5G8_-dwASAi-DN6QTgBAGIBZWb-JJKkgUECAQYAZIFBAgFGASgBi6AB7S1qByoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBCVgQTSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYit3bqPSKhQOaCS5odHRwczovL3d3dy5iYWJ5b25lLmRlL2ZhY2htYXJrdC9sdWVuZWJ1cmcvMDI3gAoDyAsBmAzH8ZP81ATiDRMIjr7cqPSKhQMVAM-7CB0rYgMYuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi04NTQ3NTc1NjgzNzE2OTA4GLuAELIYCRICok8YLiIBAA&sigh=U9FqjflNHU0&uach_m=%5BUACH%5D&ase=2&template_id=515&cbvp=2&vis=1&nis=5
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 23 Mar 2024 17:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
pagead2.googlesyndication.com/bg/ Frame 0656 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
Requested by
Host: ichi-up.net
URL: https://ichi-up.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
380519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20381
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 07:46:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50b646016ad0fa7c75b522bfb8b6ae8138fbe2c7636e1baa5f511adc296f1d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12334
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Mar 2024 17:28:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichi-up.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 17:21:59 GMT
expires
Sun, 23 Mar 2025 17:21:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame 9F3B 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 16:56:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Mar 2025 16:56:35 GMT
generate_204
tpc.googlesyndication.com/ Frame 9F3B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4rl32Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:28:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 69AD 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXEE8yChsAORZKW-yGg5y2an6lyttMRIzjO_a8YEdhRjnehnnpcrs1E0vRMJzlx3E5Fm8ckIaNvXK_UXz5twZ2_5YBmuEmChgBZnJ1RM0fjPRt9VZ8TcgP9z3FQAvZjx71dOo5Q1_xZhoEQwSk7UOsZzTyHA-wPzJKjKpI26A&sig=Cg0ArKJSzCgK0R-o20ITEAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=314&tls=1314&g=100&h=100&tt=1314&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403200101&jk=2112378457855819&bg=!MDOlM3zNAAZaswqNerM7ADQBe5WfODefFz6PTnq1e-n0qazR2XHB7DOI6dJd6sQ-O_ekKXmbUfFVW2LL13bdHFLttw_lAgAAADpSAAAAAmgBB34ANdNS02LrUQbSjO8Jbkggtto0piG4JjMo_D3KVqrsr_tCVHjqEBGKSJQUXQcIU_OLsVCjmSdkCgBmW923QLsaMs5TxupTQxG8Bz4EzKArCNyCEj860eLue_xuQhZCbiCZZLcVspnHw3Rxu18HZZdAiwHxrgKR8LU2tXZ2VQUPoI70i3Sa3O24l-o5uN6sDCNllW8Vm2A2p3P0g2Eiait6mQJsc4LtGgrykHGRBmVVLfhhIxO0KbQ7ZaG8c0TbhW5XWD_fVmN9qtfOxcsxP0gFR2l-BriyAZzpJKHqZhtJVVyb9EUB52Uv0Wq7BLF-GhvGBuVqxqw9lOVahimJY5JqY0YeYKmCKwif-81QEPYJ_t2Gf9kssKgbB4EWpY5bDRWxMeDaRK29xpFSVfJjrm2FB0nj5XsnmC9N2dBwcYP3uhJadUCJlIUavsBeiKd0O0XR9kWXHRsIFO5hgE71kTG4MA3OiIVF1Ts-maC4ROHLCcX1-1HOAQpdUJsnODxQpIgaZStXNmu33lYYbeSngSN77TNn96EqBeqfqcCqSSmgylYeehHeP84ZCH0ONwvg565NYz4NLmVKvPsnp2vf1DKIWvCCvuDr3k7JcSaoPFNY6GyM4U63QYScFbsBJE_fFJUJtY565s6VEYW44UJF12fwEo3ltU6nWJcCYwHTpr7IbyC6tZShiQBFmI0ZWAUask9Qt5ZV58-_NMllzQT8Dw-TYY0Z8vPDC5ItcOIRx-58LcwzKnxtG9t0mTzBerdNbJhr1YB8TKRf0vVs-7GTzjNUF9dri_c4B2fxx6933p2d79Q-0Ugih-zGpm83TqUsKjEWXGg30H5fhB6D92dI5BF6_BQ8Qj3XlwnwL5VFe6WraYr_xU8wuwX7M91JBPj-d7aVh9ppaHkTwEQz7gNuaimQR5U0vwOE1x2cCUjlcFBbWu4fSPIL0-h6mobR4DZMkKkF83qsMsq7eCVnYbC2KM-3l0nTSpuqmGdbyE-WiEKMpLrUag-Llu2o6VnJbXEEHRs--uIf9YpGt6OTf4hTtJ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ichi-up.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D036 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOpvRiQX9EkjSY2C0vYJ2Aim0WyyH_1kvuLbT7LUbc0Ryrx5X_AUryOmP-MBdWMy8KFjfD7ZVfqOf1fbSrQ5Y5tnXCHkjHd1L3BfGEm2veLY7COyRbIU5AvXJpwb7VwvpSZHhWho58EBIy30WB58hQE1Rckti4RaMCGSlCXHsHmOeIuWAOhYI7MQUyBd604eJLCKYxwA5ewUMAmWoKU-1czAktqRkbEA29CN5AxLSevWrhBePQDXtCW7zAgnqpWS8xiPdK401B44BnpgpwzlaS-EbxcEg43m9X8juUC5iE_96ZiWZB1MEYw1DelAbUO3qq-BBV4A3g1vgFC28-jNLmPnGLVaZkftXWeI_4pTmflRQNfjZnAgIqXDoepjaIwD0GKq2ZZ3iwPGPFbZoTth3xF9IjKdz1PfpQBhxH1LYUOamFA__aILjquRHZTBJlSkpphPrmn6EpsDNyooHVbkGfhnWEGBuGGPv0gnuCnMxiB5oEQBEDmG0vMoX4mXptxuU_6DcB6AH0pHTmV8vCzKHECu5K1ZHR_gUe6gRcWe3F3NurJVqfKGFacbInap-Pgij_QHlM7-rze5Q3O7MCeV-USoR_kZoXGaf-orH1Mkq9ghLl7KLIPEpOCV9DgYXL-rPiCTzyn_qzUodxIOIAooccSYnvyFxB71wVthhHO6jeXPoDrp5EeyT6MUPIRnqkNEnuo5FS-IFzvNX-Y5ySK_79paG0HSWYTsFIACtVll9Ab-dhFCyEKKSCdGY7bjCna8a10j3oXSB3201w1Aa1fCb0OglbAH0M8qBJrATCE2Z1mWeZHIq8HKDEnmSmjoytZlxKcpMlMmrlznAlkz0ib5VMBA5X9dum7x4rgXvRvC2682pAG6GQVgRPr_0dr9hyoayR3ShE4tzEUAYu1NxcRVh6nkb33SuxsrLeB9X5tazOcWdJB_8m6ZEi-M1lBuO91A0DsnjsDidnPsgSSHlDAjJlAqDvV4fPxKvsAXjLeSPTKf1UewwpeGvXlAbzWpNUd8vu1Cv_byx-6UBhFmfFOGr4JNoOsqqN0--sRRXkv8cIjAuct9AuDQ8Ofhp4g_iwh81uElVB464UDzEJRi94uTj2nT5fTcJvm4yeIUxQccLzXomHeayGoPh9O9n-LQ0EhDFiaoOehLIGJtfgdDTJF8u7iUJsqo3KJES5jyiC2EHUTY58JR6MiJBykax-D1EaO74tlcUZ6laXL4gpbSjDZsy8nExPICCHGlgfLaCLWKBlmBt3YOM9bMxqANIZK4covF-auergctKAFMiW9yxcVDGr0ldns_bAex9gSKq5VxPmaNta8gGtNtWprg9CPN6YJcN7E6dNA3pX2u-hKj67c1SNc6THJWdiLbFK0cxXYjr5NgBWWlEmJ645HVt7lZjnt_uT9kebVlc&sai=AMfl-YTs1m1K7kHKdCvueQFmt5UcSApzsox_YqdtCS2p8Adqop6y&sig=Cg0ArKJSzDq_X3uhYN6QEAE&id=lidar2&mcvt=1000&p=664,986,914,1286&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1684366703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=714771500&rst=1711214914677&rpt=449&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3GQ50Z5BRG&gtm=45je43k0v893133020za200&_p=1711214913534&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1342329933.1711214914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1711214913&sct=1&seg=0&dl=https%3A%2F%2Fichi-up.net%2F&dt=%E3%81%84%E3%81%A1%E3%81%82%E3%81%A3%E3%81%B7&_s=2&tfd=7440
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GQ50Z5BRG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ichi-up.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 17:28:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ichi-up.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| googletag object| pbjs object| fluxtag object| imobile_gam_slots object| apstag object| dataLayer number| PIN_19805 object| _aps boolean| apstagLOADED object| apscustom object| PIN_1711214913607 string| value string| key object| PinUtils object| ggeac object| google_tag_data object| google_js_reporting_queue object| adsbygoogle object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| google_tag_manager boolean| google_measure_js_timing object| google_reactive_ads_global_state string| GoogleAnalyticsObject function| ga number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| pbFlux function| prebidBidder object| $$PREBID_GLOBAL$$ object| _pbjsGlobals object| flux object| pbjsChunk object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
ichi-up.net/ Name: _ichiup_session
Value: Z0ZsUTE4T2kvc3VtVWJLYmh4VE5JcERMSzduamg3VlRRRmNzT3FBRlQwdmlKZXZZSElOdUlaaVl6dUU2MHlqZTU3eDAxc1FYUmFEZkx6ZG5EeDYyOWVDc3lLNHFMRkJLTjVCd051M1pUNG5TQStwSUJvZVI5VVFuZGZsUWtvU0grc1NTb3liZFBDaEY4T0tpbVdkYlIzczdCQ3dXU2tOYmpjQTh3bHlnS2dOMlplNXpleU9XbVhDMmxjd0pqMVhac3RmZzV1UVV0ZHdjRmN5MkcxYWQ0czRoTmQ1bWdSVWZGTTNYTHNxN3N6MFpCZVFqMm9IMlgxNU9zUE1zVi9VcTk2QTlLQlhoTm5jMVNNYnE5VHlROWpQZVE0OEtLbTlWT1ZNak5ZVE04K0E9LS0yYWFIUHlJK1M1cHpuR05iUkVvMDBBPT0%3D--791961e16bdcb4c382d33d46c6e0e9d5fc349f4a
.ichi-up.net/ Name: _ga
Value: GA1.2.1342329933.1711214914
.ichi-up.net/ Name: _gid
Value: GA1.2.357729265.1711214914
.ichi-up.net/ Name: _dc_gtm_UA-62708784-1
Value: 1
ichi-up.net/ Name: _flux_dataharbor
Value: 1
.ichi-up.net/ Name: __eoi
Value: ID=6d867f1626b5f4aa:T=1711214914:RT=1711214914:S=AA-AfjZWat2p5ezcGcgzYS74PVkf
.ichi-up.net/ Name: _ga_3GQ50Z5BRG
Value: GS1.1.1711214913.1.0.1711214914.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

98d81912afa87cbdafc217b142b4b2cf.safeframe.googlesyndication.com
a.flux.jp
aax.amazon-adsystem.com
assets.pinterest.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.jsdelivr.net
config.aps.amazon-adsystem.com
flux-cdn.com
fonts.googleapis.com
fonts.gstatic.com
ichi-up.net
log.pinterest.com
mts0.google.com
pagead2.googlesyndication.com
prod.tahoe-analytics.publishers.advertising.a2z.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
108.138.3.46
108.138.6.136
151.101.128.84
151.101.129.91
18.245.31.9
2001:4860:4802:34::36
2606:4700::6810:5714
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:400c:c00::9b
2a04:4e42:8e::84
34.160.89.38
44.230.228.4
52.222.139.21
52.222.139.79
030d42287ad79ac527fb23d6fd8fbd5cb577f290ecb878706e38b90e2eac1847
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087fb13d26389c6b974bb936987308d63544da22724979fc209364956d9a3b4e
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0afc4d2a2ee1f73f9c74e3060683fa6751582d2f79b8933526e34e87f41e3def
0e47254d7d3eaa92e41dc7e4237ceb0e045b3fcffe87c9f2a892d3a2435781be
0fbe070d8275fc9f951228c1a99fade1818142cec6863112a7fdcb6bc4b92fe1
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
17859f93791e21e1ad2b719ea49b34aa5ca3c0600345bd0715a351011bad28b8
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1aa8258e85de9dc0f6d9c36b4705e32950d6f2ef5d841ca41fb4f70f3286fdd1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1de9babf15c948c8b9b47b0b064db76bebd75aa5207d9c719f3927b7147c4218
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
246012b348c836d716a8b43cecad9cfce0770789ea2a716d914bc26e071c7252
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
2b2ec0064905b266e7f5cf0c6b85d5f028b59ef1a826679f55c164a58085f766
2fd6940d61cf2f74f074b15ee054920244461fa38808b7e6baa19bd95a11e162
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
39286afdc8458a46ca5159cf7da8335b21b5b3b707753956f972953d70d33637
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
401c5b841b2f51dd164f9ad4854f269d92bd0892ccbb564b9ac2839706c699a6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42105d93aee9dec7cbfa7220e7fd8590601dede50b991ec1419d5d2ebd02e7d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4fed25c522546f1b2e83ec7d466da2382d7ebac5c10ce2d77605b2796f3572eb
50b646016ad0fa7c75b522bfb8b6ae8138fbe2c7636e1baa5f511adc296f1d96
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
59e8c0ec368538006fbfbf3ff9ded0fa89ce2bd9e25525b4b3688f32a275d96a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5e093b7399fe6d48d1ec1b7157cc76a5cd1844d5590a8d7c8c85efb409eb60e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67c269c6db30d5990a013dd382ca4c4db19097afb41dc8ce1a717db33d09731c
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7531f5d68e67dd614e5b937b172185a249d002ce1ece2ae9447ebea1efecc461
76502a37a6b99a74207aab3a6f09d1648ab929a3d40d872d7a0dbf43ec23f307
79b7ddc4647e82e12149e606a578db93a4d232a2c14da0cf27adde40fbdb1330
7dfeca8dba6257ad5557edf38de300f4b81d41144cd99ae47a783300e2d2f0c3
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
7f47d789ffebf33e619be6fcb6e01ad084f2eadc5193bb444f0358d97b498940
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8cc8916bdd1863ec01e544e1e68ac1502193f0c89be99c42cee62aa4bccf5856
8f0fc10c5d39b3a4a9e61466a717d7836c651c9ee32a541b4a6b359d8912656c
96e56bdfbcc7771fe4c43701e4ac2a8b0f6a04d1adfc14661fa9317c6ed04d9c
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ab36bd1d6e931a627d42ee0a53a64440f15266d4b304bf528b1231e741248b53
af789d23222405cde8d3158a0f1793aced56448fe17af67dd8ab14376efadeb8
b03e47be670af718e58c80ac4d4af0e6bfcae1f71c53139003eed82ccc155a43
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47a282b42e3dfe1a2a4b2b1828f20d7ee2e25023d375e40565755a87db1630f
bd5bc716133ae28c88570bd7073808ff662c616dfa23e3a8a6b714cfe6b5183e
c19efaa79dd48f735bcbcd1434148b220346b3093cea88ec1fc6f9e04612a583
c2bce4ee30bf0d0d07cd7fb44f88ad4a6b3a6cc26ab95fc78184edf27c344a2c
c55c6165b64ceaaff64e853a8db613cd4001b9100889e0a917099573b0c5a084
c99eabb1f86d8d0faa5f53838143d11422a7ce2f57df91dc6792363a1e6d30db
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
cc8e0c22a948aefc27fe45768b02b233585531476905de6f87b96c2800da2f1e
ccb1962bde7345332dbb2177ee19139b799c3366ff6629c37dc85bcd9bed056c
dd37a814db49e7d44d5dbea2d92d1016d0d009f5ec5f2a0c15827f8f2e4ab9ef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9592b48b705333bf1569635691c5cac45c37b62b12e6d0ac21f85d4bb5254b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f9d5f6c779351626e777b32bba2cf30d4276b6f7b23e07a2ca92453f7ff5a70c
fd76449b4d4593d9dd976fa29a63acf3e39efc36da17f002d778c52a8cab826e