Submitted URL: http://onimama.com/kawaretaotoko
Effective URL: https://onimama.com/kawaretaotoko/
Submission: On October 31 via api from US — Scanned from JP

Summary

This website contacted 91 IPs in 9 countries across 57 domains to perform 357 HTTP transactions. The main IP is 162.43.104.88, located in Hyakuninchō, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is onimama.com.
TLS certificate: Issued by R11 on October 20th 2024. Valid for: 3 months.
This is the only time onimama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 162.43.104.88 131965 (XSERVER X...)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
5 172.217.25.162 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 202.226.37.225 131965 (XSERVER X...)
2 99.84.133.105 16509 (AMAZON-02)
7 202.231.228.162 4686 (BEKKOAME ...)
3 3.164.110.64 16509 (AMAZON-02)
1 18.65.216.127 16509 (AMAZON-02)
4 172.67.174.127 13335 (CLOUDFLAR...)
1 184.26.43.70 20940 (AKAMAI-ASN1)
1 3 2406:2600:4::b 55569 (CRITEO-AS...)
5 51.79.154.9 16276 (OVH)
2 2620:116:800e... 16509 (AMAZON-02)
1 54.72.209.132 16509 (AMAZON-02)
1 54.171.214.164 16509 (AMAZON-02)
2 34.248.22.168 16509 (AMAZON-02)
2 2600:140b:a00... 20940 (AKAMAI-ASN1)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
2 182.161.74.11 55569 (CRITEO-AS...)
3 10 141.95.98.65 16276 (OVH)
1 13.229.7.13 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 54.168.15.149 16509 (AMAZON-02)
4 212.83.160.162 12876 (Online SAS)
1 2600:140b:a00... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.74.242.98 16509 (AMAZON-02)
4 131.153.206.103 59210 (PHOENIXNA...)
4 51.79.152.81 16276 (OVH)
4 2606:4700:440... 13335 (CLOUDFLAR...)
3 8 103.43.91.249 29990 (ASN-APPNEX)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 69.173.158.65 26667 (RUBICONPR...)
4 35.227.252.103 396982 (GOOGLE-CL...)
4 54.151.166.244 16509 (AMAZON-02)
4 8 35.213.17.49 15169 (GOOGLE)
1 54.168.247.123 16509 (AMAZON-02)
1 5 50.31.142.127 22075 (AS-OUTBRAIN)
3 141.95.98.64 16276 (OVH)
1 2 52.223.40.198 16509 (AMAZON-02)
1 18.65.216.106 16509 (AMAZON-02)
1 2600:140b:a00... 20940 (AKAMAI-ASN1)
1 35.73.194.241 16509 (AMAZON-02)
4 4 23.215.255.183 16625 (AKAMAI-AS)
6 23.35.101.65 16625 (AKAMAI-AS)
11 202.210.188.66 4686 (BEKKOAME ...)
4 34.249.158.60 16509 (AMAZON-02)
9 54.178.127.118 16509 (AMAZON-02)
2 54.249.60.50 16509 (AMAZON-02)
11 35.241.34.106 15169 (GOOGLE)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
4 35.79.122.42 16509 (AMAZON-02)
4 18.65.207.107 16509 (AMAZON-02)
9 185.84.60.20 198622 (ADFORM)
2 34.120.92.238 396982 (GOOGLE-CL...)
1 23.106.50.36 59253 (LEASEWEB-...)
2 103.132.192.30 138552 (RTBHOUSE-...)
1 69.173.158.67 26667 (RUBICONPR...)
10 185.84.60.57 198622 (ADFORM)
1 1 69.173.158.64 26667 (RUBICONPR...)
1 12 142.250.76.130 15169 (GOOGLE)
1 207.65.34.80 62713 (AS-PUBMATIC)
1 4 64.120.110.136 59253 (LEASEWEB-...)
3 35.244.159.8 396982 (GOOGLE-CL...)
3 34.149.40.38 396982 (GOOGLE-CL...)
1 1 23.106.127.56 59253 (LEASEWEB-...)
2 2 37.157.6.254 198622 (ADFORM)
2 37.157.2.250 198622 (ADFORM)
1 1 44.225.202.104 16509 (AMAZON-02)
1 44.240.32.106 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 35.71.131.137 16509 (AMAZON-02)
2 18.141.48.81 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.27.185.91 20940 (AKAMAI-ASN1)
1 131.153.206.100 59210 (PHOENIXNA...)
1 13.115.236.196 16509 (AMAZON-02)
1 107.178.248.96 15169 (GOOGLE)
1 2 151.101.66.49 54113 (FASTLY)
1 35.71.178.8 16509 (AMAZON-02)
1 23.32.224.239 16625 (AKAMAI-AS)
4 4 74.118.186.107 6336 (TURN-US-ASN)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
46 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
6 142.250.207.98 15169 (GOOGLE)
4 151.101.108.157 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.206.195 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
10 142.250.206.206 15169 (GOOGLE)
1 142.250.207.46 15169 (GOOGLE)
357 91
Apex Domain
Subdomains
Transfer
46 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8586
1 MB
33 onimama.com
onimama.com
2 MB
23 adform.net
asia.adform.net — Cisco Umbrella Rank: 71004
s2.adform.net — Cisco Umbrella Rank: 6863
track.adform.net — Cisco Umbrella Rank: 5808
s1.adform.net — Cisco Umbrella Rank: 12796
96 KB
19 4dex.io
script.4dex.io — Cisco Umbrella Rank: 3596
mp.4dex.io — Cisco Umbrella Rank: 3227
c.4dex.io — Cisco Umbrella Rank: 6698
u.4dex.io — Cisco Umbrella Rank: 3160
27 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
222 KB
18 zucks.net
j.zoe.zucks.net — Cisco Umbrella Rank: 909123
ll.zucks.net
sh.zucks.net — Cisco Umbrella Rank: 178765
k.zucks.net — Cisco Umbrella Rank: 176901
42 KB
18 fam-8.net
fam-8.net — Cisco Umbrella Rank: 231053
img.fam-8.net — Cisco Umbrella Rank: 711483
3 MB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1029
eus.rubiconproject.com — Cisco Umbrella Rank: 600
beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 14709
pixel.rubiconproject.com — Cisco Umbrella Rank: 413
6 KB
15 google.com
analytics.google.com — Cisco Umbrella Rank: 147
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
73 KB
15 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 58103
70 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
cdn.id5-sync.com — Cisco Umbrella Rank: 994
38 KB
9 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 7172
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 130952
3 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 556
ox-rtb-asia-east1.openx.net — Cisco Umbrella Rank: 117536
eu-u.openx.net — Cisco Umbrella Rank: 3005
moneytizer-d.openx.net — Cisco Umbrella Rank: 125327
4 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
secure.adnxs.com — Cisco Umbrella Rank: 479
acdn.adnxs.com — Cisco Umbrella Rank: 613
9 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
2 KB
8 googlesyndication.com
9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
337 KB
5 creativecdn.com
sin.creativecdn.com — Cisco Umbrella Rank: 23769
creativecdn.com — Cisco Umbrella Rank: 545
2 KB
5 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 6856
1 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 535
eb2.3lift.com — Cisco Umbrella Rank: 415
4 KB
5 sparteo.com
bid.sparteo.com — Cisco Umbrella Rank: 67997
sync.sparteo.com — Cisco Umbrella Rank: 53528
747 B
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 777
sync.a-mo.net — Cisco Umbrella Rank: 1710
4 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 11565
s.cpx.to — Cisco Umbrella Rank: 10156
6 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
mug.criteo.com — Cisco Umbrella Rank: 3626
2 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1472
30 KB
4 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2664
328 B
4 zimg.jp
static.zucks.net.zimg.jp — Cisco Umbrella Rank: 361156
83 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
2 KB
4 sddan.com
kvt.sddan.com — Cisco Umbrella Rank: 46574
3 KB
4 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 13680
ced-ns.sascdn.com — Cisco Umbrella Rank: 3166
28 KB
4 themoneytizer.fr
cdn.themoneytizer.fr — Cisco Umbrella Rank: 72243
tmzr.themoneytizer.fr — Cisco Umbrella Rank: 78648
142 KB
4 ust-ad.com
adjs.ust-ad.com — Cisco Umbrella Rank: 509073
ad.ust-ad.com — Cisco Umbrella Rank: 504318
6 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
847 B
3 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1420
usersync.gumgum.com — Cisco Umbrella Rank: 1549
2 KB
3 ad-stir.com
js.ad-stir.com — Cisco Umbrella Rank: 344127
ad.ad-stir.com — Cisco Umbrella Rank: 296005
23 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 780
498 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 774
ce.lijit.com — Cisco Umbrella Rank: 912
177 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 867
ads.pubmatic.com — Cisco Umbrella Rank: 557
225 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 748
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739
441 B
2 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 30606
audiencedata.im-apps.net — Cisco Umbrella Rank: 31673
3 KB
2 missena.io
bid.missena.io — Cisco Umbrella Rank: 63981
sync.missena.io — Cisco Umbrella Rank: 5783
260 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1340
593 B
2 biddertmz.com
metrics.biddertmz.com — Cisco Umbrella Rank: 69005
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1471
pixel.quantserve.com — Cisco Umbrella Rank: 1044
10 KB
2 xserver.jp
webfonts.xserver.jp — Cisco Umbrella Rank: 508823
48 KB
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26226
63 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
111 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1136
487 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 928
434 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1583
239 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1501
1 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2543
899 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 59094
859 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
31 KB
0 semasio.net Failed
uipapac.semasio.net Failed
0 adform.com Failed
adx3.adform.com Failed
357 57
Domain Requested by
46 c.bannerflow.net onimama.com
c.bannerflow.net
33 onimama.com 1 redirects onimama.com
15 ads.themoneytizer.com onimama.com
ads.themoneytizer.com
tmzr.themoneytizer.fr
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 c.4dex.io tmzr.themoneytizer.fr
11 img.fam-8.net onimama.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
10 s2.adform.net asia.adform.net
s2.adform.net
onimama.com
10 id5-sync.com 3 redirects tmzr.themoneytizer.fr
cdn.id5-sync.com
onimama.com
9 asia.adform.net tmzr.themoneytizer.fr
s2.adform.net
9 ll.zucks.net j.zoe.zucks.net
9 onetag-sys.com ads.themoneytizer.com
tmzr.themoneytizer.fr
script.4dex.io
8 y.one.impact-ad.jp 4 redirects onimama.com
tmzr.themoneytizer.fr
7 ib.adnxs.com 2 redirects tmzr.themoneytizer.fr
p.cpx.to
7 fam-8.net onimama.com
fam-8.net
6 pagead2.googlesyndication.com onimama.com
pagead2.googlesyndication.com
6 eus.rubiconproject.com script.4dex.io
onimama.com
tmzr.themoneytizer.fr
5 b1h.zemanta.com 1 redirects tmzr.themoneytizer.fr
onimama.com
5 securepubads.g.doubleclick.net onimama.com
securepubads.g.doubleclick.net
4 platform.twitter.com onimama.com
platform.twitter.com
4 ads.us.e-planning.net 1 redirects script.4dex.io
4 static.zucks.net.zimg.jp onimama.com
4 k.zucks.net j.zoe.zucks.net
4 s.cpx.to p.cpx.to
onimama.com
4 secure-assets.rubiconproject.com 4 redirects
4 match.adsrvr.org 3 redirects p.cpx.to
4 tlx.3lift.com tmzr.themoneytizer.fr
4 rtb.openx.net tmzr.themoneytizer.fr
4 fastlane.rubiconproject.com tmzr.themoneytizer.fr
4 bid.sparteo.com tmzr.themoneytizer.fr
4 mp.4dex.io tmzr.themoneytizer.fr
4 prebid.a-mo.net tmzr.themoneytizer.fr
4 kvt.sddan.com tmzr.themoneytizer.fr
3 analytics.google.com www.googletagmanager.com
3 sync.1rx.io 3 redirects
3 creativecdn.com 3 redirects
3 u.4dex.io onimama.com
3 lb.eu-1-id5-sync.com cdn.id5-sync.com
tmzr.themoneytizer.fr
3 ced-ns.sascdn.com ced.sascdn.com
ced-ns.sascdn.com
onimama.com
3 gum.criteo.com 1 redirects ads.themoneytizer.com
3 cdn.themoneytizer.fr ads.themoneytizer.com
3 j.zoe.zucks.net onimama.com
2 sync-tm.everesttech.net 1 redirects tmzr.themoneytizer.fr
2 usersync.gumgum.com tmzr.themoneytizer.fr
2 s1.adform.net onimama.com
2 track.adform.net 2 redirects
2 eu-u.openx.net onimama.com
2 cm.g.doubleclick.net 1 redirects tmzr.themoneytizer.fr
2 sin.creativecdn.com onimama.com
2 ox-rtb-asia-east1.openx.net tmzr.themoneytizer.fr
2 sh.zucks.net j.zoe.zucks.net
2 9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad.ust-ad.com adjs.ust-ad.com
2 mug.criteo.com onimama.com
2 lexicon.33across.com 1 redirects onimama.com
2 metrics.biddertmz.com ads.themoneytizer.com
2 js.ad-stir.com onimama.com
js.ad-stir.com
2 adjs.ust-ad.com onimama.com
2 webfonts.xserver.jp onimama.com
webfonts.xserver.jp
1 www.google.co.jp onimama.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com onimama.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 ads.pubmatic.com tmzr.themoneytizer.fr
1 eb2.3lift.com tmzr.themoneytizer.fr
1 penta.a.one.impact-ad.jp tmzr.themoneytizer.fr
1 sync.missena.io tmzr.themoneytizer.fr
1 moneytizer-d.openx.net tmzr.themoneytizer.fr
1 sync.a-mo.net tmzr.themoneytizer.fr
1 acdn.adnxs.com tmzr.themoneytizer.fr
1 sync.sparteo.com tmzr.themoneytizer.fr
1 ce.lijit.com script.4dex.io
1 ap.lijit.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 image2.pubmatic.com onimama.com
1 secure.adnxs.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 beacon-sin1.rubiconproject.com onimama.com
1 ssbsync.smartadserver.com script.4dex.io
1 audiencedata.im-apps.net dmp.im-apps.net
1 ad.ad-stir.com js.ad-stir.com
1 dmp.im-apps.net js.ad-stir.com
1 bid.missena.io tmzr.themoneytizer.fr
1 g2.gumgum.com tmzr.themoneytizer.fr
1 pixel.quantserve.com onimama.com
1 cadmus.script.ac script.4dex.io
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com ced.sascdn.com
1 script.4dex.io tmzr.themoneytizer.fr
1 id.crwdcntrl.net tmzr.themoneytizer.fr
1 tmzr.themoneytizer.fr ads.themoneytizer.com
1 adtrack.adleadevent.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 cdnjs.cloudflare.com onimama.com
1 ajax.googleapis.com onimama.com
0 uipapac.semasio.net Failed onimama.com
0 adx3.adform.com Failed tmzr.themoneytizer.fr
357 101
Subject Issuer Validity Valid
www.onimama.com
R11
2024-10-20 -
2025-01-18
3 months crt.sh
ads.themoneytizer.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.xserver.jp
CloudSecure RSA Domain Validation Secure Server CA 2
2024-03-11 -
2025-04-11
a year crt.sh
*.ust-ad.com
Amazon RSA 2048 M03
2024-02-13 -
2025-03-14
a year crt.sh
fam-8.net
FujiSSL Public Validation Authority - G3
2024-05-10 -
2025-06-05
a year crt.sh
*.zoe.zucks.net
Amazon RSA 2048 M02
2023-12-17 -
2025-01-14
a year crt.sh
*.ad-stir.com
Sectigo ECC Domain Validation Secure Server CA
2024-10-21 -
2025-11-20
a year crt.sh
themoneytizer.fr
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-16 -
2025-07-16
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
quantserve.com
R11
2024-10-22 -
2025-01-20
3 months crt.sh
p.cpx.to
Amazon RSA 2048 M03
2024-04-24 -
2025-05-23
a year crt.sh
*.adleadevent.com
Amazon RSA 2048 M02
2024-05-27 -
2025-06-26
a year crt.sh
metrics.biddertmz.com
R10
2024-09-20 -
2024-12-19
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2024-09-08 -
2025-10-08
a year crt.sh
script.4dex.io
WE1
2024-09-21 -
2024-12-21
3 months crt.sh
kvt.sddan.com
R10
2024-10-11 -
2025-01-09
3 months crt.sh
id5-sync.com
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
script.ac
E5
2024-10-19 -
2025-01-17
3 months crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02
2024-04-05 -
2025-05-04
a year crt.sh
*.a-mo.net
R11
2024-10-11 -
2025-01-09
3 months crt.sh
mp.4dex.io
WE1
2024-10-27 -
2025-01-25
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
sparteo.com
WE1
2024-10-14 -
2025-01-12
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
*.missena.io
Amazon RSA 2048 M03
2024-01-29 -
2025-02-27
a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-02 -
2025-09-05
a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA
2024-03-13 -
2025-03-13
a year crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1
2024-03-11 -
2025-03-11
a year crt.sh
img.fam-8.net
FujiSSL Public Validation Authority - G3
2024-05-10 -
2025-06-05
a year crt.sh
s.cpx.to
Amazon RSA 2048 M02
2024-04-24 -
2025-05-23
a year crt.sh
ll.zucks.net
Amazon RSA 2048 M03
2024-04-20 -
2025-05-19
a year crt.sh
sh.zucks.net
Amazon RSA 2048 M02
2024-03-02 -
2025-03-31
a year crt.sh
c.4dex.io
WR3
2024-10-16 -
2025-01-14
3 months crt.sh
audiencedata.im-apps.net
WR3
2024-09-24 -
2024-12-23
3 months crt.sh
k.zucks.net
Amazon RSA 2048 M02
2024-06-08 -
2025-07-07
a year crt.sh
static.zucks.net.zimg.jp
Amazon RSA 2048 M03
2024-08-29 -
2025-09-27
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-03 -
2025-09-24
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
ads.us.e-planning.net
R11
2024-08-31 -
2024-11-29
3 months crt.sh
*.lijit.com
Amazon RSA 2048 M03
2024-09-18 -
2025-10-18
a year crt.sh
*.ad-server.k8s.sp.ggops.com
Amazon RSA 2048 M02
2024-05-07 -
2025-06-05
a year crt.sh
cdn.adnxs.com
R11
2024-08-20 -
2024-11-18
3 months crt.sh
a.one.impact-ad.jp
SECOM Passport for Web SR 3.0 CA
2024-03-22 -
2025-03-31
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2024 Q2
2024-06-13 -
2025-07-15
a year crt.sh
bannerflow.net
WE1
2024-10-04 -
2025-01-02
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-24 -
2025-07-25
a year crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.co.jp
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 62 frames:

Primary Page: https://onimama.com/kawaretaotoko/
Frame ID: E9339128A0C399746FD8DD977C6DECAF
Requests: 238 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1730340924233
Frame ID: 8993D17B3729589D37E92C9C4A931E79
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Frame ID: 1EBA486D1B98A236EFDA8B76A53E2E01
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 40B9A5358D91EFC26FC1ED9597BBD32B
Requests: 1 HTTP requests in this frame

Frame: https://9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E23BC28763FC9C36E278DC60768B040D
Requests: 1 HTTP requests in this frame

Frame: https://9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9BB93236E300A7D844DA32AC7E4C7AC
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/tpcs.html
Frame ID: BCDE12D3AC7054A5C16F047F97449DC3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 89C097BBFB577E4CF2099D47262E3F6D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: C1A62E54F05EA16184B4478046868299
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 8378E76F4952097B282CE00CF65AAD21
Requests: 1 HTTP requests in this frame

Frame: https://asia.adform.net/adfscript/?bn=75278735;rtbwp=AAABkuBbMMVh7YvYkPglFsIvaX86GGeHggcw3w-FMmBVXQHzJs-7475qANUueZoI1qkro6U0;rtbdata=312cwcTv8VKExX84FwHCRysgP-0Epz_MbBCywza91ZACoVcUYzic21bchIwNHLIEWIwDrCDaBJ5vjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMjH0J8eL6aBaiPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568mZ-QrBlMXl-stYvxI7T29GaCmSpvMqzj0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4v0gAwE4bFIK9zLY-fF7B5VY3uKUpEzrQe0
Frame ID: 4A248069EBEC0FDBAE5F70F4339563F2
Requests: 8 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: B5594BF65370417ED993F022DCCC8F5C
Requests: 1 HTTP requests in this frame

Frame: https://sin.creativecdn.com/imp-delivery?tk=iYF4RYGbCg4J4v0wguyM6Q3d4Zis4YTQ_H1td7ypVahq5eDm4wye4VladWrLQzqR69MkHLPs7yBax-uDCOTkPF2_r8gReGfsfNWJoDgeyb-ggDn8NW4VoEk6i-ZuK9DDvbXks-PV1Ojj0nRc6Bn7y0uM-lqxtm97pTVgmDGLDfcaMmMzaTHHSp8EkzKJ7Q7R16GfG2yZMcYEIHy7lhUCp6z8nDAW0AadTBaLGzu5yQZ8OwZwDuNY7ToGIgAJRtxMdTxO2KWYjqlebemzb-OuV3nD08x-Xg1u1TkneXBJ2jAeYft18nOXNKoOyc4KsKuVMC05sefn6xt2mkZepEhmNjnd2tzmRRZjqR8nLEMc4oOr85if3ukSNW5pzFFyGhWTakyDhyeua_xknLntUuQf_JWczd-IHaY6Eib5zpubo6U&curl=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Frs%2Fsin1%2F0%2Ff2993e3e-0fe5-47fa-9652-cbbce75d60d5%2F0%2FHoTF-WSF1jKJIwZ7I1QKlYmLNZQ%2F%3Furl%3Dhttps%253A%252F%252Fsin.creativecdn.com%252Fclicks%253Fid%253D20241031_pCaTLjqF2XHuzJokH95c%2526%257BEXTRA_CLICK_PARAMS%257D&tdc=sin
Frame ID: 51FBCDBFF3F99A97C969064F1B28745E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=au&co=jp
Frame ID: 71F1F3017BEFD4FD7ACE46858B20EC2A
Requests: 1 HTTP requests in this frame

Frame: https://sin.creativecdn.com/win-notify?tk=iYF4RYGbCg4J4v0wguyM6Q3d4Zis4YTQ_H1td7ypVahq5eDm4wye4VladWrLQzqR69MkHLPs7yBax-uDCOTkPF2_r8gReGfsfNWJoDgeyb-ggDn8NW4VoEk6i-ZuK9DDvbXks-PV1Ojj0nRc6Bn7y0uM-lqxtm97pTVgmDGLDfcaMmMzaTHHSp8EkzKJ7Q7R16GfG2yZMcYEIHy7lhUCp6z8nDAW0AadTBaLGzu5yQZ8OwZwDuNY7ToGIgAJRtxMdTxO2KWYjqlebemzb-OuV3nD08x-Xg1u1TkneXBJ2jAeYft18nOXNKoOyc4KsKuVMC05sefn6xt2mkZepEhmNjnd2tzmRRZjqR8nLEMc4oOr85if3ukSNW5pzFFyGhWTakyDhyeua_xknLntUuQf_JWczd-IHaY6Eib5zpubo6U&wp=F6FADAA6036D6C82&tdc=sin&auction=8c23431d199714d28f30705b94da635925f5b2da_15
Frame ID: 1D772BFE62977A433887664E5052E2F4
Requests: 2 HTTP requests in this frame

Frame: https://asia.adform.net/adfscript/?bn=75278727;rtbwp=AAABkuBbMwVuQNHl6YUngI_8H0nxCCF-3yNYuA-M8H87chMBLk8ynllpdnd3L3UIx1Rq08h0;rtbdata=z9rJJ25zbetjDTF67DSwK2e3daM5cMFZt61CjJRBTjGK0xHR9u8IOsUjmzS29jZ389LY67BXmLVvjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMib5VfnPT5qVSPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568lp8Z6Ho15z3g_heVN7Tx_wm6kYQ7CZ3f0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4vBgb23Mqw_XG7GP2ZQDbbH-Xeqp5fSA1K0
Frame ID: C0CA16F7A06F6214071439447FBBFD6D
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: D0581E0A5D411E4B3F38FA3B95C3ACDB
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: AF3A70CCE99C1CAB189199D31EB81E8D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: D6B1AF161267ED62B3A933CBC4C3F03F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Frame ID: BE0DB9C0BEAD1F3FD77B1474A94A7DC5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Frame ID: 45D7E67574ACED621C3CE74E73BBD665
Requests: 1 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/2052655/15495770/15495770.js?ADFassetID=15495770&bv=257
Frame ID: 402A5B00FE3152A99F17F84F175B0961
Requests: 11 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/2052655/15861425/15861425.js?ADFassetID=15861425&bv=257
Frame ID: 09BF5CC17D3F9C3CD208221A0A0768DA
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: D48C4694E1EC2410E0B71559B602D23A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E3A6D3A7806C9F0ED67CFD6656DEE6FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: 5D47979867FD7299D386E129DC3D860A
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: 5183289A9A5EC60C06C6CD86C674AD87
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=bd2fdc33-61ce-4566-b346-f9999547567c
Frame ID: 44CE7DBD9C6F2CF2A1816D30BE0D2CAF
Requests: 1 HTTP requests in this frame

Frame: https://sync.sparteo.com/sync/iframe.html?from=prebidjs
Frame ID: 28449363753A2CD6466EE8E5C56104C8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 732FFE74BD70C7EEB82AA9C516768464
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1730340925708
Frame ID: 0C79E6C0318CBA7887F0E5BC2A26A37E
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Cu0BSgtvbmltYW1hLmNvbVILYWFzLTI5NzMwNzdaCHBiYTEuMy40agtvbmltYW1hLmNvbfoBBjkuMTYuMOgCAYgDvdCLuQaoAw_qAyRmNTM4M2Q1MS1mZWUyLTQ4YzItYmYzZi1mMmIyNGFkNmVlZDGiBCJodHRwczovL29uaW1hbWEuY29tL2thd2FyZXRhb3Rva28vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA3NncMAGAMgGAaoHA3dlYsoHC29uaW1hbWEuY29t4AcBgggLb25pbWFtYS5jb22KCAZjaHJvbWWZCAAAAAAACAAA
Frame ID: 9808775A09941760A97667F891CE4839
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 87CA8169510B444422EA1C279F3D23B0
Requests: 1 HTTP requests in this frame

Frame: https://moneytizer-d.openx.net/w/1.0/pd
Frame ID: 6DDB52C5E34BBAA4C97F8CDA2BB71967
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/iframe
Frame ID: E5ADD188170C6D5182B59E76B5B6D974
Requests: 1 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: D5F9731246A3C3FC5086FFF414602664
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZyLoQgABzjaXKwAR
Frame ID: 3BD56E9EA7C4F02E0491F040CCDC1EFA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5FBFDD22A85D6ED321D24C1D6E1FA794
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84YjFkNmE1My0wMjA5LTRmMGYtODVhOC01NjhhZTY5ZjMyMWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5F08287B555276FABBFA6089AE6F0D3A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 47F38D8500D07E8859E7A5A61FCADF75
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A1321D646684B33BCCA0180604DCDF1B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=gumgum
Frame ID: 885914AFBD33B58B0E863A1732237E89
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fonimama.com
Frame ID: 0CB9088FA709E224A0401D8BAF1B26F3
Requests: 1 HTTP requests in this frame

Frame: blob://https://onimama.com/aa8bcdae-bbe3-4d48-bb59-19b66cb7aeff
Frame ID: 0FF30C0529AA928307940FE43C8FE3FB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FDDX0429DD&gacid=1040711136.1730340931&gtm=45je4as0v9164619937za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1713543355
Frame ID: 2885D246CE643CA81D6F5EC4555C8E08
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6b5bedc8-e965-4e6b-a4d4-2a3527e8fa1c.jpg&w=300&h=250&q=85&f=webp&rt=contain
Frame ID: 289FC82C306E6819C83956CB28C16A36
Requests: 15 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Frame ID: 81A8F8420378FC151FF89694FD3BDB01
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Fa3e721d0-4eea-4468-8547-31050c8d2e54.png&w=60&h=60&q=85&f=webp&rt=contain
Frame ID: AD0E1D604F2BC84D67718F940C8FCD86
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Fa3e721d0-4eea-4468-8547-31050c8d2e54.png&w=60&h=60&q=85&f=webp&rt=contain
Frame ID: BD0431FE1749DABA644DBB1E44E04654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Frame ID: F0FE2A6D5E4AB3776653BCC23361C950
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730340931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930757&bpp=7&bdt=6632&idt=484&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&nras=1&correlator=327011485915&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=511
Frame ID: DF8BDD8F1661477CC9EA064D3C687994
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1780726875880563193&lang=ja&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&sessionId=550d0d1e066fb00253e8a2238c5abba144c5efb3&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 8D73B3E8CA26F74BBADFA9D10B1AC301
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=4624193569&adk=1432757465&adf=1627254144&pi=t.ma~as.4624193569&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930764&bpp=3&bdt=6639&idt=536&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=551
Frame ID: 3D1D0758EA5571F671CE1D6E6D4D0018
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=3612680018&adk=3966371379&adf=2609138781&pi=t.ma~as.3612680018&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930767&bpp=1&bdt=6643&idt=620&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=4400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=2&fsb=1&dtd=626
Frame ID: F9852B6FB92AB20FD9580F63557AD30F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=3612680018&adk=3966371379&adf=786153766&pi=t.ma~as.3612680018&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930768&bpp=1&bdt=6644&idt=668&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=6217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=8&uci=a!8&btvi=3&fsb=1&dtd=674
Frame ID: C214342808748C8C9573671B16C6C285
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=1911234464&adk=3852761787&adf=1078150400&pi=t.ma~as.1911234464&w=336&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=336x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930775&bpp=1&bdt=6651&idt=722&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280%2C800x280%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=15&uci=a!f&fsb=1&dtd=726
Frame ID: D0193CEB6725F9B15B986D4890F79A82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Frame ID: 080171F1FFD94D1B8A1D3728C9164D9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Frame ID: AA36B5DB273CCBF7FDF2F10FBF2D2447
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Frame ID: EAC74491B6B3606970DD80C07103D08C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Frame ID: 200217EC7C3E6277B3CE9D182CEA973C
Requests: 1 HTTP requests in this frame

Frame: blob://https://onimama.com/5be4a911-55a7-426b-abd5-ed540aba5200
Frame ID: 472CA6DBE6723C588DC6FFB79ADE715D
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2Fb4e14801-7514-4b7d-a589-9711113987cc.png&w=400&h=400&q=85&f=webp&rt=contain
Frame ID: A36E33D0457C1A1A27A06E681D12A4C2
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

【理由7遞】ドラマ『買われた男』は぀たらない女性を矎化しすぎ・攟送しないでの声も | しんらばんしょうログ

Page URL History Show full URLs

  1. http://onimama.com/kawaretaotoko HTTP 307
    https://onimama.com/kawaretaotoko HTTP 301
    https://onimama.com/kawaretaotoko/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

357
Requests

94 %
HTTPS

23 %
IPv6

57
Domains

101
Subdomains

91
IPs

9
Countries

8621 kB
Transfer

12761 kB
Size

189
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onimama.com/kawaretaotoko HTTP 307
    https://onimama.com/kawaretaotoko HTTP 301
    https://onimama.com/kawaretaotoko/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0&b=1&tp=OhhyIQWCDSstoeizcKTho9mCkp2Dkh2c9zvYMbjkYt4%3D
Request Chain 63
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonimama.com%2F&domain=onimama.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=k09pdnxTRitSZXRwWXV6L3d4blJTNE5EMWR4dDhJVk5zOGgxWkhJVTRvV0VMaUpCamhESGdCQXNHYVlJbzk4SnlLQmgzWkxDa015MnBFRDl6bmk5c21oRCtCME9SVTFOaDNQaGJNY0xDa2N0MXhZWktHWmFxcktBMTVWOXhBV0dtbGhjVlpWc09HcTlWbXpTVUp4WFUwZURSS3VLdzRFL1BIYnhxcTJOeklWaVVoenZkcjgrdWlIUXE3aGw4SXRRVTBYOGIxN0lITTNDNy8rV0s1OVdPUm1qay95a1VMU0NXL0JrRFVmaXVCR2pLZGZJT2NubWRpa3pLM2hOZExzUDU4Rm1lZHpQUEZuekJYYnpLQnRlSmhXd3Z3Zz09fA&cppv=2
Request Chain 96
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250
Request Chain 105
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90%2C320x50%2C300x50%2C320x100%2C300x100 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90%2C320x50%2C300x50%2C320x100%2C300x100
Request Chain 140
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 212
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M2WOB7IS-1R-KJEK&customParamenters=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEEJupsvTxyBFOqqlVNZhInQ&dsp=dbm&google_cver=1
Request Chain 214
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12763%26url%3Dhttps%253A%252F%252Fonimama.com%252Fkawaretaotoko%252F%26hn_ver%3D81%26fid%3D100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26%26dsp%3DTTD%26dsp_uid%3Dbd2fdc33-61ce-4566-b346-f9999547567c HTTP 302
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8961297924541505529&pid=12763&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&hn_ver=81&fid=100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26&dsp=TTD&dsp_uid=bd2fdc33-61ce-4566-b346-f9999547567c
Request Chain 216
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 218
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Request Chain 219
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 222
  • https://id5-sync.com/i/102/8.gif?o=api&id5id=ID5*1NO0n0QLG2fGtTmRp4C2lSSMtWTncyR8pKXvxjsfCj3T8mG3Oe4-IXnaQ4CPWukp&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/6/3.gif?puid=8961297924541505529&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F5%2F4.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/5/4.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/4/5.gif?puid=8961297924541505529&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%% HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAEPBk7ORdEAABTcdHZgig&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/1/8.gif?puid=192e05b41bb-3b650000010e44c8&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 234
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&it=adg-pb-clt&uid=8961297924541505529
Request Chain 235
  • https://id5-sync.com/i/102/8.gif?o=api&id5id=ID5*0ClYjkDx93bCT9WAo3pahCB2WXXjichtoF8D1z_l5izT8na_T96OcVHXPfyQ3qGn&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/6/3.gif?puid=8961297924541505529&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
Request Chain 244
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 245
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 249
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
Request Chain 250
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 251
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=bd2fdc33-61ce-4566-b346-f9999547567c
Request Chain 259
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1 HTTP 302
  • https://y.one.impact-ad.jp/cs?d=247&uid=bd2fdc33-61ce-4566-b346-f9999547567c&tg=2&et=30&r=no&ttl=1732932929 HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 260
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZyLoQgABzjaXKwAR
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 265
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=gumgum
Request Chain 266
  • https://b1h.zemanta.com/usersync/prebid HTTP 302
  • https://b1h.zemanta.com/usersync/prebid?s=2
Request Chain 267
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D&cb=1730340929535 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004&rndcb=1268951013 HTTP 302
  • https://sync.1rx.io/usersync/turn/4576193204235437985?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3DRX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&it=adg-pb-clt&uid=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004
Request Chain 339
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=2edfe62b-9953-4baa-a2a5-3893370dbdc2&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D

357 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onimama.com/kawaretaotoko/
Redirect Chain
  • http://onimama.com/kawaretaotoko
  • https://onimama.com/kawaretaotoko
  • https://onimama.com/kawaretaotoko/
285 KB
41 KB
Document
General
Full URL
https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
e936bb6741278f3ce6a4b6750b328851362da8a450de19e6077913c0e7761407

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:24 GMT
link
<https://onimama.com/wp-json/>; rel="https://api.w.org/", <https://onimama.com/wp-json/wp/v2/posts/6976>; rel="alternate"; title="JSON"; type="application/json", <https://onimama.com/?p=6976>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-pingback
https://onimama.com/xmlrpc.php

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:23 GMT
location
https://onimama.com/kawaretaotoko/
server
nginx
x-pingback
https://onimama.com/xmlrpc.php
x-redirect-by
WordPress
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
76516
cf-ray
8db023180c47d77c-NRT
apigw-requestid
AcqFwji2DoEEMGg=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:08 GMT
requestform.js
ads.themoneytizer.com/s/
7 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=6
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
22fb0170fe5ab14fe1f31fa1d42ba1d1b57ca0d041115cd3cb25f1fc0a10a3bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75404
cf-ray
8db023180c45d77c-NRT
apigw-requestid
AcqMAgGgDoEEMCQ=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f2.1e100.net
Software
cafe /
Resource Hash
0122b9aabe1ad4b5e0cdbdb1a5a41b957fba19aa60a02da0c7d852cea164f860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
95 / 20027 / m202410280101 / config-hash: 6857621507065475173
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:15:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33830
x-xss-protection
0
server
cafe
icomoon.woff
onimama.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
16 KB
10 KB
Font
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?v=2.6.8
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"412c-60b7b0f7e50e8"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/font-woff
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:49 GMT
fontawesome-webfont.woff2
onimama.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"12d68-60b7b0f7c4d47"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
77160
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/octet-stream
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
server
nginx
style.min.css
onimama.com/wp-includes/css/dist/block-library/
110 KB
16 KB
Stylesheet
General
Full URL
https://onimama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2&fver=20240911120541
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"1b72b-621ccc033fee1"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Wed, 11 Sep 2024 00:05:41 GMT
blocks.style.build.css
onimama.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/
184 B
368 B
Stylesheet
General
Full URL
https://onimama.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.85&fver=20240819120530
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"b8-62008201b1cf7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
184
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 12:05:30 GMT
server
nginx
styles.css
onimama.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6&fver=20240201084704
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"b4e-6104e0a2807b5"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Thu, 01 Feb 2024 08:47:04 GMT
protect_style.css
onimama.com/wp-content/plugins/wp-copy-protect-with-color-design/css/
656 B
841 B
Stylesheet
General
Full URL
https://onimama.com/wp-content/plugins/wp-copy-protect-with-color-design/css/protect_style.css?ver=6.6.2&fver=20231201040012
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
a2034e582fe52049a0b5203e137c58ad3f5263cd2e89f776b13d2ad6024ec17d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"290-60b6ace1b9ddf"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
656
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
last-modified
Fri, 01 Dec 2023 04:00:12 GMT
server
nginx
style.css
onimama.com/wp-content/plugins/yyi-rinker/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/plugins/yyi-rinker/css/style.css?v=1.10.2&ver=6.6.2&fver=20240127084548
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"3de6-60fe9706935b7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Sat, 27 Jan 2024 08:45:48 GMT
style.css
onimama.com/wp-content/themes/cocoon-master/
234 KB
44 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/style.css?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b099838bfa8b8aafee81e9c2f0b264bbbda0b091332b943918b681370606e41f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"3a68e-60b7b0f7c1e66"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
keyframes.css
onimama.com/wp-content/themes/cocoon-master/
291 B
476 B
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"123-60b7b0f7a68e5"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
291
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
server
nginx
font-awesome.min.css
onimama.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"792a-60b7b0f7c3da7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
style.css
onimama.com/wp-content/themes/cocoon-master/webfonts/icomoon/
4 KB
1 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?v=2.6.8&ver=6.6.2&fver=20231201112349
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
f4c01e0c4cb199c2d76d1d59f6c4b9006c23583a49e4d04520158fc44a080d91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"e6f-60b7b0f7e50e8"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:49 GMT
baguetteBox.min.css
onimama.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/
4 KB
1 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.css?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"e19-60b7b0f7b0526"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
style.css
onimama.com/wp-content/themes/cocoon-child-master/
1 KB
749 B
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-child-master/style.css?ver=6.6.2&fver=20231205031403
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
1720b746613a61f6228b5f2ea09427522ed5623f26274f357b50f96ae58d02ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"466-60bc4af529841"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 05 Dec 2023 15:14:03 GMT
keyframes.css
onimama.com/wp-content/themes/cocoon-child-master/
130 B
314 B
Stylesheet
General
Full URL
https://onimama.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.6.2&fver=20230831030246
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"82-6042f47498408"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
130
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
last-modified
Thu, 31 Aug 2023 03:02:46 GMT
server
nginx
style.css
onimama.com/wp-content/plugins/pochipp/dist/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://onimama.com/wp-content/plugins/pochipp/dist/css/style.css?ver=1.12.3&fver=20240110055432
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
910540a2ea8acba0cad80fc9caaa13ca7e2ac62b988fca9864b7727d706c100c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"210d-60e9110a1e6e7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Wed, 10 Jan 2024 05:54:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
age
582870
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 08:20:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 08:20:54 GMT
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31100
x-xss-protection
0
server
sffe
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5fb4701e-2c03"
age
452761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NRD6L0%2F5ZVe8NeiDkdDlKePs2uiNAz3ec50QbvKOlpEyL3lln%2BdkcpaE%2B%2B%2BfJ1m0%2BRwqIwcTXDsCVv6fMOUZISw4BdF0gTqr8qZ60Uy9JtVAR9a6ONoBoQoA8xRw6QncEqdsRt7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 02:15:24 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8db02317fb4125f2-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3718
server
cloudflare
xserverv3.js
webfonts.xserver.jp/js/
129 KB
47 KB
Script
General
Full URL
https://webfonts.xserver.jp/js/xserverv3.js?fadein=0&ver=2.0.5
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
webmail.xserver.jp
Software
nginx /
Resource Hash
dcfcb20b975fc2c0d0c597fdd7cdc22bc3d840d778914b35a57f1b78eaace340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"647feab1-20391"
Connection
keep-alive
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 07 Jun 2023 02:25:53 GMT
Server
nginx
Vary
Accept-Encoding
event-tracking.js
onimama.com/wp-content/plugins/yyi-rinker/js/
598 B
793 B
Script
General
Full URL
https://onimama.com/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.10.2&fver=20240127084548
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"256-60fe9706935b7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
598
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
last-modified
Sat, 27 Jan 2024 08:45:48 GMT
server
nginx
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
76516
cf-ray
8db023180c39d77c-NRT
apigw-requestid
AcqFvgCBjoEEMPA=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:07 GMT
requestform.js
ads.themoneytizer.com/s/
7 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=19
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
5082db90552fa24210f90e69f7c632f81c734c67a996621ec5c998be5df470b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75404
cf-ray
8db023180c3fd77c-NRT
apigw-requestid
AcqMAhBUjoEEMhQ=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:47 GMT
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
76516
cf-ray
8db023180c41d77c-NRT
apigw-requestid
AcqFviFvjoEEMwg=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:08 GMT
requestform.js
ads.themoneytizer.com/s/
7 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
b1e5beb16f17ba451bfbc0917e7cd4983c4bec3f4535f096e7abfebc3257bd09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75404
cf-ray
8db023180c42d77c-NRT
apigw-requestid
AcqMEgcxjoEEMIg=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:48 GMT
ad.js
adjs.ust-ad.com/scripts/
6 KB
3 KB
Script
General
Full URL
https://adjs.ust-ad.com/scripts/ad.js?id=TkIWe8Z1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-105.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
73b299cc86c29166a61e6d395f2bbbf6152ce89438e0c44a830b6cfa481f3321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
via
1.1 01907e84d575a837511558aff20d73f2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
my7kqxRIgWfu8WVHXhXjMwlN48RuN-1Zz1LwfhQV0RYvl6MckHTbpg==
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
accept-encoding
server
nginx
x-amz-cf-pop
NRT57-C3
fam8-tagify.min.js
fam-8.net/ad/js/
2 KB
3 KB
Script
General
Full URL
https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
W/"2306-1719451142000"
Connection
close
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
2306
Date
Thu, 31 Oct 2024 02:15:24 GMT
Last-Modified
Thu, 27 Jun 2024 01:19:02 GMT
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
zoe.min.js
j.zoe.zucks.net/
27 KB
27 KB
Script
General
Full URL
https://j.zoe.zucks.net/zoe.min.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6920412e0a9d40afac2038ac7cabbef8c8859e90c41edd93eb828915edb14217

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

etag
"1fff1ba9d4d4445707f1d7ebc9b62efd"
age
58886
via
1.1 36cf18acfba4fa4f3949b71621f2b1e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
27143
x-amz-cf-id
PSIqUE4nDAWwTgxeW5RrYeBF29AxVsLp_QYkL7GQzMf7DS_1SY24ww==
date
Wed, 30 Oct 2024 09:53:59 GMT
content-type
application/javascript
last-modified
Tue, 21 Feb 2023 02:18:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P2
x-amz-server-side-encryption
AES256
lazysizes.min.js
onimama.com/wp-content/plugins/ewww-image-optimizer/includes/
15 KB
6 KB
Script
General
Full URL
https://onimama.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=730&fver=20240224023804
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"3d9e-6121790e05f6a"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Sat, 24 Feb 2024 02:38:04 GMT
index.js
onimama.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
3 KB
Script
General
Full URL
https://onimama.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6&fver=20240201084704
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"2b6d-6104e0a281755"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 01 Feb 2024 08:47:04 GMT
index.js
onimama.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://onimama.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6&fver=20240201084704
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"337e-6104e0a2807b5"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 01 Feb 2024 08:47:04 GMT
baguetteBox.min.js
onimama.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/
9 KB
4 KB
Script
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.js?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"256a-60b7b0f7b0526"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
stickyfill.min.js
onimama.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/
6 KB
2 KB
Script
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"17fb-60b7b0f7b43a6"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
comment-reply.min.js
onimama.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://onimama.com/wp-includes/js/comment-reply.min.js?ver=6.6.2&fver=20230809120520
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"ba5-602723c369000"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Wed, 09 Aug 2023 00:05:20 GMT
javascript.js
onimama.com/wp-content/themes/cocoon-master/
8 KB
3 KB
Script
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/javascript.js?ver=6.6.2&fver=20231201112348
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
eeaac89cfeb579ae2e2f1dc78eefbfd26e68779a836ff6b63c60961e25bd407d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"1e2e-60b7b0f7a68e5"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 01 Dec 2023 23:23:48 GMT
javascript.js
onimama.com/wp-content/themes/cocoon-child-master/
298 B
493 B
Script
General
Full URL
https://onimama.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.6.2&fver=20230831030246
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"12a-6042f47498408"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
298
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
last-modified
Thu, 31 Aug 2023 03:02:46 GMT
server
nginx
ads.js
onimama.com/wp-content/plugins/quick-adsense-reloaded/assets/js/
1 KB
654 B
Script
General
Full URL
https://onimama.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.85&fver=20240819120530
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
a818db199bb22276b4aaedf593151e149279ad0c96192ce0647ed4cde7754a2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
content-encoding
br
etag
W/"5b2-62008201afdb7"
expires
Thu, 07 Nov 2024 02:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 19 Aug 2024 12:05:30 GMT
adstir.js
js.ad-stir.com/js/
81 KB
23 KB
Script
General
Full URL
https://js.ad-stir.com/js/adstir.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-127.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3df30f08a6469ac5990dc5e274010b198b773c1e266f08f0547e43873959fd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

vary
accept-encoding, Origin
cache-control
max-age=3600
content-encoding
gzip
etag
W/"729beb705d8e28cb8e186df6d73c2c22"
age
1480
via
1.1 d83ceae2f2ed0c829779c7f585d230f0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
VFAXUeO16aBzoA9e6QiwFCLc2xZrtVgM3ocRWNKWycdRqRBX3HnXsw==
date
Thu, 31 Oct 2024 01:50:45 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 28 Aug 2024 10:47:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
requestform3.js
ads.themoneytizer.com/s/
146 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
2b3f9e27d4a533a291e1c8a4ada511114fcf771895d5b8c9868cce3c2ba2bf52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db023184d1cd77c-NRT
apigw-requestid
AcqMDgLqDoEEMvg=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:47 GMT
lib_adagio.js
cdn.themoneytizer.fr/ads/
2 KB
1 KB
Script
General
Full URL
https://cdn.themoneytizer.fr/ads/lib_adagio.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
qvYhA6q9SmHJElAJ4hWBgTd.Ag0_5M8x
etag
W/"f2ae4810b618b8843df5265f6320f1a4"
age
633019
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCyE7T7zRRanaLqrDKuPz8oMLc7HE82d7o05I%2FTSKbWY%2FtIQB%2BD0DrIzuoSY9fM94Df7FK0U4FXUh278NdWzEBuI3CF6tVFF8cfs3cDSJGWwn16WHAb02VY4a2oWOA8q8Z7n%2Bp%2Bxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2903&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5481&recv_bytes=4978&delivery_rate=6783&cwnd=12000&unsent_bytes=0&cid=17e5a3bfe960851b&ts=19&x=1", cfHdrFlush;dur=0
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
last-modified
Wed, 05 Jun 2024 18:28:25 GMT
vary
Accept-Encoding
x-amz-id-2
K5Y4oyyU0hfC6rsY5PHbLRRgVXOg+nGkWu8qvpzRKdpasv27xkcQTGAk2xsKN1hdLlBqm7kwO7g=
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
R1XF34RSZYNQD9G2
cf-ray
8db023188dbee388-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
lib_fs_close.js
cdn.themoneytizer.fr/ads/
652 B
1 KB
Script
General
Full URL
https://cdn.themoneytizer.fr/ads/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e55a95e9db7e15e936fb087be3b7f51c680f4902d4a19c2a15467d29678cae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
Nnvvv1jdDwZYuBcVZSRsjH6BurhA_E9P
etag
W/"51041511d28e6417ba394f775f87da93"
age
640539
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPYRT9BqtUT%2Bu%2FK6toI31UQFRLPM2ZE8I4jRBI91C83ITRVUWA6aWATIFcv7APTi3oMUOkUWyUJraUyjYQBocABLgiykTWeJEEdtS%2FRf8rGsytf6xae8s%2BbuGParuKXqzRyWSnSG%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2903&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4228&recv_bytes=4978&delivery_rate=6783&cwnd=12000&unsent_bytes=0&cid=17e5a3bfe960851b&ts=19&x=1", cfHdrFlush;dur=0
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
last-modified
Wed, 05 Jun 2024 18:28:22 GMT
vary
Accept-Encoding
x-amz-id-2
BEs4ywEq1ZKm/dAlF6G58vYTGQNFZ7auJq6n4Np8GIWZs4F/VftGvxwXOJoIdd0a5IMP57IhB3xBrQqj8ECtbw==
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
APYKHV16G937YWJE
cf-ray
8db023188dbfe388-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
smart.js
ced.sascdn.com/tag/1097/
64 KB
22 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.26.43.70 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-43-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b1b96c0ea2f3b650976bc44041bfc1ffe97781d370ed93a6548d0cfbce925e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
public, max-age=7200
Content-Encoding
gzip
Connection
keep-alive
Expires
Thu, 31 Oct 2024 04:15:24 GMT
Content-Length
22577
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
sync
gum.criteo.com/
49 B
713 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
324421
expires
60
date
Thu, 31 Oct 2024 02:15:23 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
/
onetag-sys.com/usync/ Frame 8993
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1730340924233
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"HP/dXILNCv8vRT01LqWQOg=="
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
px.js
p.cpx.to/p/12763/
5 KB
5 KB
Script
General
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.209.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-209-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1c4b702b1de16021b82e9e1d65f7940a5ccbd98b621035021c56d87d975f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
public, max-age=7200
content-length
5201
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript; charset=UTF-8
mailNotification.php
adtrack.adleadevent.com/
0
859 B
Script
General
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.214.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-214-164.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
20
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 31 Oct 2024 02:15:25 GMT
Server
Apache
Vary
Accept-Encoding
prebid.js
tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/
401 KB
136 KB
Script
General
Full URL
https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55737ae9c671e69553008d94ee32bf61552bce4d49054f14572235c6d515dd0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"48d345744856034f18e1e0f5636d33a3"
age
770532
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bdOQUQPVdQtriUJ4r4Qblui9damhJ%2F7%2BbhaMrsC1dcpNMX%2B7EUjab2HpQHyOsa0HVRARrroYxoo9%2FG70IsF3hVPIT3pzxibXA34NAuBG1V0%2Bn7bDOWMSqWwSeUSKFFq5lDFZ3nepIYA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2582&sent=18&recv=14&lost=0&retrans=0&sent_bytes=6932&recv_bytes=5064&delivery_rate=586593&cwnd=12000&unsent_bytes=0&cid=17e5a3bfe960851b&ts=35&x=1", cfHdrFlush;dur=0
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 22:14:22 GMT
vary
Accept-Encoding
x-amz-id-2
1zb/1Lq5NGFaGzNOPCpK2JX2F+2z5KAWSd1klXRoFwWo5KsID6N5wm34LLGsteIM+q0a7VhV6Paov5HvZjQ/Dg==
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FZHFZ25NYD71Q8NZ
cf-ray
8db023188dc5e388-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
access.php
onimama.com/wp-content/themes/cocoon-master/lib/analytics/
0
79 B
Image
General
Full URL
https://onimama.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=6976&post_type=post
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
server
nginx
ts
webfonts.xserver.jp/3/tsad/check/ja/
1 B
314 B
Fetch
General
Full URL
https://webfonts.xserver.jp/3/tsad/check/ja/ts?K18MUcZzRRA%3D&ttl=8640000
Requested by
Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserverv3.js?fadein=0&ver=2.0.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
webmail.xserver.jp
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
X-Cache-Status
HIT
Cache-Control
public, s-maxage=8640000
ETag
"typesquare-use-cache"
Pragma
cache
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
text/plain;;charset=UTF-8
Server
nginx
metric
metrics.biddertmz.com/
0
0
Fetch
General
Full URL
https://metrics.biddertmz.com/metric?s=120176&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.22.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-22-168.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
text/plain, text/plain
Server
nginx/1.12.2
Access-Control-Allow-Headers
Content-Type, Accept
requestform3.js
ads.themoneytizer.com/s/
146 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=19
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
9a80358d2c791d626685a7ce1664b3317787304cfecbeeb4bb8e3f4bd326bbb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db023190ebfd77c-NRT
apigw-requestid
AcqMJhZ1joEEM-w=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:48 GMT
truncated
/
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323babff610bb7478f9418ec6484a134d4f9588fde5604879efb388141fd017a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
metric
metrics.biddertmz.com/
0
0
Fetch
General
Full URL
https://metrics.biddertmz.com/metric?s=120176&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.22.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-22-168.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
text/plain, text/plain
Server
nginx/1.12.2
Access-Control-Allow-Headers
Content-Type, Accept
requestform3.js
ads.themoneytizer.com/s/
146 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=120176&formatId=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
e661450d4dbf8141abb57d45197b41021e1f0d84a28882baf78f138d89df5d44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db023190ec1d77c-NRT
apigw-requestid
AcqMIgc6DoEEMEg=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:48 GMT
truncated
/
124 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09b81861706da5d0e92329c795eeaba437b0d47d03c1b51c7941cbfe8f2cb0c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b7085a839d9f8e29c0143495fa34b7c2908b7f6b7d648649d24a08d51a4f6bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
ad.js
adjs.ust-ad.com/scripts/
6 KB
3 KB
Script
General
Full URL
https://adjs.ust-ad.com/scripts/ad.js?id=TkIWe8Z1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-105.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
73b299cc86c29166a61e6d395f2bbbf6152ce89438e0c44a830b6cfa481f3321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
via
1.1 01907e84d575a837511558aff20d73f2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
Mw0xuWveDY0HFtvbo_04PT05HbvjefF5BHP2k9jE8hpZVJ_vbIPelQ==
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
accept-encoding
server
nginx
x-amz-cf-pop
NRT57-C3
topics.js
ced-ns.sascdn.com/diff/js/modules/
10 KB
4 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/topics.js
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b4a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
"b5228c416b8e80db61b64afe15dbdd77:1727944397.510969"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3341
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 03 Oct 2024 08:30:16 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/
483 KB
150 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f2.1e100.net
Software
cafe /
Resource Hash
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
2396380646379452942
age
57679
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 10:14:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 30 Oct 2024 10:14:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153075
x-xss-protection
0
server
cafe
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonimama.com%2F&domain=onimama.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://onimama.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://onimama.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Oct 2024 02:15:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
211105
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0&b=1&tp=OhhyIQWCDSstoeizcKTho9mCkp2Dkh2c9zvYMbjkYt4%3D
42 B
138 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0&b=1&tp=OhhyIQWCDSstoeizcKTho9mCkp2Dkh2c9zvYMbjkYt4%3D
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 31 Oct 2024 02:15:22 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0&b=1&tp=OhhyIQWCDSstoeizcKTho9mCkp2Dkh2c9zvYMbjkYt4%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Oct 2024 02:15:22 GMT
vary
origin
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonimama.com%2F&domain=onimama.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=k09pdnxTRitSZXRwWXV6L3d4blJTNE5EMWR4dDhJVk5zOGgxWkhJVTRvV0VMaUpCamhESGdCQXNHYVlJbzk4SnlLQmgzWkxDa015MnBFRDl6bmk5c21oRCtCME9SVTFOaDNQaGJNY0xDa2N0MXhZWktHWmFxcktBMTVWOX...
367 B
930 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=k09pdnxTRitSZXRwWXV6L3d4blJTNE5EMWR4dDhJVk5zOGgxWkhJVTRvV0VMaUpCamhESGdCQXNHYVlJbzk4SnlLQmgzWkxDa015MnBFRDl6bmk5c21oRCtCME9SVTFOaDNQaGJNY0xDa2N0MXhZWktHWmFxcktBMTVWOXhBV0dtbGhjVlpWc09HcTlWbXpTVUp4WFUwZURSS3VLdzRFL1BIYnhxcTJOeklWaVVoenZkcjgrdWlIUXE3aGw4SXRRVTBYOGIxN0lITTNDNy8rV0s1OVdPUm1qay95a1VMU0NXL0JrRFVmaXVCR2pLZGZJT2NubWRpa3pLM2hOZExzUDU4Rm1lZHpQUEZuekJYYnpLQnRlSmhXd3Z3Zz09fA&cppv=2
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ba0acb859d0f7f0a0eac1d6e718a7ea3dae1e140ea0408d7602f3c98197b5329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
458010
expires
0
access-control-allow-origin
null
date
Thu, 31 Oct 2024 02:15:23 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=k09pdnxTRitSZXRwWXV6L3d4blJTNE5EMWR4dDhJVk5zOGgxWkhJVTRvV0VMaUpCamhESGdCQXNHYVlJbzk4SnlLQmgzWkxDa015MnBFRDl6bmk5c21oRCtCME9SVTFOaDNQaGJNY0xDa2N0MXhZWktHWmFxcktBMTVWOXhBV0dtbGhjVlpWc09HcTlWbXpTVUp4WFUwZURSS3VLdzRFL1BIYnhxcTJOeklWaVVoenZkcjgrdWlIUXE3aGw4SXRRVTBYOGIxN0lITTNDNy8rV0s1OVdPUm1qay95a1VMU0NXL0JrRFVmaXVCR2pLZGZJT2NubWRpa3pLM2hOZExzUDU4Rm1lZHpQUEZuekJYYnpLQnRlSmhXd3Z3Zz09fA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
359587
expires
0
access-control-allow-origin
https://onimama.com
content-length
0
date
Thu, 31 Oct 2024 02:15:23 GMT
server
Kestrel
prebid
id5-sync.com/api/config/
193 B
659 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f76a38d24efdb56a2e2aae1d3c3e6395126aafca398a7432099d040404d05000
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
p3p
CP="CAO PSA OUR"
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
152 B
899 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?c=17553
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.7.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-7-13.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
499c5d61f0dfc5d48cd65ac7b1b65e3619a17e2d356b7b928c1aad8cd3d823d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://onimama.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
152
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/json;charset=utf-8
x-server
10.42.2.208
server
Jetty(9.4.38.v20210224)
adagio.js
script.4dex.io/a/latest/
61 KB
19 KB
Script
General
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Age
360177
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sy8UTzifvEhTJm7SVwnqr68wk5FMHWXm8cJR6i6qCzoMGE93F9nJ178mk8SATvDw3FDNkq3Uzw%2BiyrREt6D1cG%2B65FGYy8fa5tThSjgXqRhYwfjQ8Hj6uGazCXcB9U4948Y0057%2BsN%2F9z%2FSC"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1694&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3488&recv_bytes=2313&delivery_rate=1595895&cwnd=252&unsent_bytes=0&cid=e7ca56875c2bb82f&ts=160&x=0"
Date
Thu, 31 Oct 2024 02:15:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 28 Aug 2024 15:06:29 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8db0231af8cd2645-NRT
Server
cloudflare
sky-5534319_1280.jpg
onimama.com/wp-content/uploads/2023/12/
131 KB
132 KB
Image
General
Full URL
https://onimama.com/wp-content/uploads/2023/12/sky-5534319_1280.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
57520b14c4ae936473942bc6efac281478dec85c779703107b10e2d4611f8018

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"20dbb-60be7953f0669"
expires
Thu, 07 Nov 2024 02:15:24 GMT
accept-ranges
bytes
content-length
134587
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
image/jpeg
last-modified
Thu, 07 Dec 2023 08:52:09 GMT
server
nginx
adn
ad.ust-ad.com/ads/
74 B
426 B
XHR
General
Full URL
https://ad.ust-ad.com/ads/adn
Requested by
Host: adjs.ust-ad.com
URL: https://adjs.ust-ad.com/scripts/ad.js?id=TkIWe8Z1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.15.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-15-149.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
587b6ed71e6c89ebc21623fafda59f0c5e95829e8f69823fea50b799781ad635

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
74
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI COR"
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/json
server
nginx
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=k09pdnxTRitSZXRwWXV6L3d4blJTNE5EMWR4dDhJVk5zOGgxWkhJVTRvV0VMaUpCamhESGdCQXNHYVlJbzk4SnlLQmgzWkxDa015MnBFRDl6bmk5c21oRCtCME9SVTFOaDNQaGJNY0xDa2N0MXhZWktHWmFxcktBMTVWOXhBV0dtbGhjVlpWc09HcTlWbXpTVUp4WFUwZURSS3VLdzRFL1BIYnhxcTJOeklWaVVoenZkcjgrdWlIUXE3aGw4SXRRVTBYOGIxN0lITTNDNy8rV0s1OVdPUm1qay95a1VMU0NXL0JrRFVmaXVCR2pLZGZJT2NubWRpa3pLM2hOZExzUDU4Rm1lZHpQUEZuekJYYnpLQnRlSmhXd3Z3Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Oct 2024 02:15:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
187402
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
904 B
718 B
Fetch
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
online-prod.ipsfailover.com
Software
nginx/1.20.2 /
Resource Hash
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Cache-Control
private, max-age=60
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.20.2
Access-Control-Allow-Headers
content-type
topics_frame.html
ced-ns.sascdn.com/diff/js/assets/ Frame 1EBA
0
0
Document
General
Full URL
https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/modules/topics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b4f Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
154
Content-Type
text/html
Date
Thu, 31 Oct 2024 02:15:24 GMT
ETag
"f0d2e72b7a1131e32549d3713c834900:1715760824.259072"
Last-Modified
Wed, 15 May 2024 08:11:55 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
id5-api.js
cdn.id5-sync.com/api/1.0/
98 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
4
expires
Thu, 31 Oct 2024 03:15:24 GMT
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
x-amz-id-2
sm/UZYONVZMVHFEjds6PZaWEDpUGjT4et7MFQro6nbukKjz43IQ9zkUv9ZTwNYsIposDVRtcBCU=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
GYV9JKBC5QW44CFS
cf-ray
8db0231b1fb32638-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 40B9
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29488
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:07:18 GMT
expires
Thu, 31 Oct 2024 02:57:18 GMT
last-modified
Mon, 28 Oct 2024 19:44:21 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adn
ad.ust-ad.com/ads/ Frame
0
0
Preflight
General
Full URL
https://ad.ust-ad.com/ads/adn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.15.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-15-149.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onimama.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Accept, x-openrtb-version
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://onimama.com
cache-control
no-cache
content-length
0
date
Thu, 31 Oct 2024 02:15:24 GMT
server
nginx
ads
securepubads.g.doubleclick.net/gampad/
63 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3623168876653648&correlator=2273401098319502&eid=31088370%2C31088535%2C31088123%2C31087830%2C83320950%2C31088251&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fifs&iu_parts=9176203%3A23052771004%2C1850604%2C1850605%2C1850606%2C1850607&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C320x120%7C320x100%2C300x300%7C320x180%7C336x280%7C240x400%7C250x250%7C300x250%7C300x600%7C200x200%7C300x280%2C728x90%2C300x250%7C336x280&ifi=1&didk=2484300913~22897285~1955510018~1220333025&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1730340924627&lmt=1730340924&adxs=-9%2C202%2C-9%2C202&adys=-9%2C15392%2C-9%2C15392&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C-1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&vis=1&psz=0x-1%7C800x97%7C0x-1%7C800x97&msz=0x-1%7C800x0%7C0x-1%7C800x0&fws=2%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0&td=1&egid=22285&tan=f8824d5d-3af8-412f-8632-6dfe5f67af8d%2Cf8824d5d-3af8-412f-8632-6dfe5f67af8e%2Cf8824d5d-3af8-412f-8632-6dfe5f67af8f%2Cf8824d5d-3af8-412f-8632-6dfe5f67af90&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDliOTMzMTBhLWQ3YzctNDIzMC04N2U1LWYzMDNlZTA0ZTQxM1gB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730340924125&idt=450&adks=3340413314%2C1127988752%2C2982957917%2C2076319390&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f2.1e100.net
Software
cafe /
Resource Hash
f019d5e097762f1c6b52260f1bb9e9bc6a2593ed1305dcf259884b6d457abab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
google-lineitem-id
-2,-2,6596694368,6595961413
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-2,138465530334,138465702785
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
15329
x-xss-protection
0
server
cafe
container.html
9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E23B
0
0
Document
General
Full URL
https://9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80c::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:24 GMT
expires
Thu, 31 Oct 2024 02:15:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
age
1763
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
AJx9iSHXWsHe1jcMICVZLKyo5s4acPFH7IaaypNdvxG-SxS3E0BCGw==
date
Thu, 31 Oct 2024 01:46:02 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 d1e4d8ebe5533d5332b1c564eaf9661c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT12-C5
server
AmazonS3
x-amz-server-side-encryption
AES256
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
904 B
718 B
Fetch
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
online-prod.ipsfailover.com
Software
nginx/1.20.2 /
Resource Hash
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Cache-Control
private, max-age=60
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.20.2
Access-Control-Allow-Headers
content-type
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
904 B
718 B
Fetch
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
online-prod.ipsfailover.com
Software
nginx/1.20.2 /
Resource Hash
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Cache-Control
private, max-age=60
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.20.2
Access-Control-Allow-Headers
content-type
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202410280101/
63 KB
23 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202410280101/gpt
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f2.1e100.net
Software
cafe /
Resource Hash
a89b340fd956bb565172d2212ed4a4ac7f420d52c5b054d6a8dbf4c58acafbb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5403237130505911491
age
36858
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 16:01:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 30 Oct 2024 16:01:06 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23629
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202410280101"
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
239 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age
0
cf-ray
8db0231b6ad3d748-NRT
content-length
3
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
pixel;r=1689830730;labels=Categories.artsandentertainment%2CMots%20Cl%C3%A9s.%E3%83%89%E3%83%A9%E3%83%9E;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F;ns=0;ce=1;qjs=1;qv=f...
pixel.quantserve.com/
35 B
579 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1689830730;labels=Categories.artsandentertainment%2CMots%20Cl%C3%A9s.%E3%83%89%E3%83%A9%E3%83%9E;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=onimama.com;dst=0;et=1730340924694;tzo=-540;ogl=type.article%2Cdescription.2024%E5%B9%B44%E6%9C%8817%E6%97%A5%E3%82%88%E3%82%8A%E3%82%B9%E3%82%BF%E3%83%BC%E3%83%88%E3%81%97%E3%81%9F%E3%80%81%20%E7%80%AC%E6%88%B8%E5%88%A9%E6%A8%B9%E3%81%95%E3%82%93%E4%B8%BB%E6%BC%94%E3%81%AE%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%EF%BC%88%E3%83%86%E3%83%AC%E3%83%93%E5%A4%A7%E9%98%AA%E7%B3%BB%EF%BC%89%E3%80%82%20%E3%81%97%E3%81%8B%E3%81%97%E3%80%81%E6%94%BE%E9%80%81%E7%B5%82%E4%BA%86%E5%BE%8C%E3%81%AE%E8%A6%96%E8%81%B4%E8%80%85%E3%81%8B%E3%82%89%E3%81%AE%E6%84%9F%E6%83%B3%E3%81%A7%20%E3%80%8C%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%80%8D%E3%80%8C%E9%9D%A2%E7%99%BD%E3%81%8F%E3%81%AA%E3%81%84%E3%80%8D%2Ctitle.%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%2Curl.https%3A%2F%2Fonimama%252Ecom%2Fkawaretaotoko%2F%2Cimage.https%3A%2F%2Fonimama%252Ecom%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8%252Ejpg%2Csite_name.%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0%2Clocale.ja_JP%2Clocale.ja_JP%2Ctype.article%2Cimage.https%3A%2F%2Fonimama%252Ecom%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8%252Ejpg%2Ctitle.%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%20%7C%20%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0%2Cdescription.2024%E5%B9%B44%E6%9C%8817%E6%97%A5%E3%82%88%E3%82%8A%E3%82%B9%E3%82%BF%E3%83%BC%E3%83%88%E3%81%97%E3%81%9F%E3%80%81%20%E7%80%AC%E6%88%B8%E5%88%A9%E6%A8%B9%E3%81%95%E3%82%93%E4%B8%BB%E6%BC%94%E3%81%AE%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%EF%BC%88%E3%83%86%E3%83%AC%E3%83%93%E5%A4%A7%E9%98%AA%E7%B3%BB%EF%BC%89%E3%80%82%20%C2%A0%20%E3%81%97%E3%81%8B%E3%81%97%E3%80%81%E6%94%BE%E9%80%81%E7%B5%82%E4%BA%86%E5%BE%8C%E3%81%AE%E8%A6%96%E8%81%B4%E8%80%85%E3%81%8B%E3%82%89%E3%81%AE%E6%84%9F%E6%83%B3%E3%81%A7%20%E3%80%8C%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%80%8D%E3%80%8C%E9%9D%A2%E7%99%BD%E3%81%8F%E3%81%AA%2Curl.https%3A%2F%2Fonimama%252Ecom%2Fkawaretaotoko%2F%2Csite_name.%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0;ses=121b2796-1ab1-4f0a-a5e7-2095369711d5;uht=2;fpan=1;fpa=P0-1803568479-1730340924649;pbc=;cm=undefined;gdpr=0;mdl=
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Thu, 31 Oct 2024 02:15:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["D2RYaoL+GO24b5FPpTCccQ=="],"pcode":["p-6Fv0cGNfc_bw8"]},{"label":["APL4x+EUkKUwUzGPWmh7qg=="],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
content-type
image/gif
latest-version
fam-8.net/ad/p/
41 B
493 B
XHR
General
Full URL
https://fam-8.net/ad/p/latest-version
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Length
41
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
text/html
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
pjs-1.0.3.min.js
fam-8.net/ad/js/
15 KB
15 KB
Script
General
Full URL
https://fam-8.net/ad/js/pjs-1.0.3.min.js
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
W/"14916-1719451142000"
Connection
close
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
14916
Date
Thu, 31 Oct 2024 02:15:25 GMT
Last-Modified
Thu, 27 Jun 2024 01:19:02 GMT
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
imp
g2.gumgum.com/hbid/
3 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.16.0&lt=1730340925334&to=-540&aun=26328&pubcid=9b93310a-d7c7-4230-87e5-f303ee04e413&gpid=%2F120176%2Fonimama.com%2Fdesktop%2F26328&t=pnoqxxyv&pi=2&schain=1.0%2C1!themoneytizer.com%2C112110%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tpl=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.16.0%22%7D&ogu=null&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&dnt=0&lang=ja
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.242.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-242-98.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2e2e997062af8728b39273bd1d3d35f14efc70e3bd01d308bc5d9a391f4842b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json;charset=UTF-8
server
nginx
c
prebid.a-mo.net/a/
1000 B
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
9cc46974c75e8f1e293ad10d279014a17d36596a8de61d3882fb53165cfa144c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
112
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
494
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
prebid-request
onetag-sys.com/
15 B
408 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
prebid
mp.4dex.io/
1 KB
1019 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72772d38bba30f695a10017c0490e6a09b2eda4006b84ab31bdc02fa0fe5754c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8db0231fb8b5afa6-NRT
expires
0
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.249 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b7547ea2d14239a5163fb3e3ea13564bbda15ffebb5350708332ecfe10b85f32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://onimama.com
an-x-request-uuid
e1b30f4e-6412-44aa-985b-66c7d93957d6
content-length
144
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
auction
bid.sparteo.com/
70 B
171 B
Fetch
General
Full URL
https://bid.sparteo.com/auction
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8441af84846837f7657879120f91e1975882737ce928383c37853ed8c0488885

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8db0231ffa18d4d0-NRT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
openrtb
adx3.adform.com/adx/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
2 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1124612&size_id=15&alt_size_ids=2%2C55%2C58%2C221&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,112110,1,,,&eid_pubcid.org=9b93310a-d7c7-4230-87e5-f303ee04e413%5E1&rf=https%3A%2F%2Fonimama.com&kw=120176&tg_i.domain=onimama.com&tg_i.page=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tg_i.name=onimama.com&tg_i.pagetype=article&tg_i.category=artsandentertainment&tg_i.siteid=120176&tg_i.placement=6&tg_i.divId=sas_26328&tg_i.pbadslot=sas_iframe_fixed_26328&tk_flint=pbjs_lite_v9.16.0&x_source.tid=3c07abb1-337e-4888-9041-dfd2b826bc67&l_pb_bid_id=18d8ed91b751355&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&rp_maxbids=1&p_gpid=%2F120176%2Fonimama.com%2Fdesktop%2F26328&m_ch_mobile=%3F0&slots=1&rand=0.07204847774060585
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
d39293ff45a7a96ac97831eae65cfaebbede96654d30611c8f33b7c98633f607

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
moneybid.js
ads.themoneytizer.com/bidder1/
213 B
240 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=120176&adid=6&formatid=26328&size=desktop
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
f726950d59b401eb5428d09e0db746e16235d45a351934c5ab6ce7a010ffd401

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db0232089966856-NRT
apigw-requestid
Acsz_iShjoEEPEg=
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:18:42 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
222 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3c72c117e9b6d84ecbc87f822ca0ed24c3f3de62509b3e4f0bfe17c6762b4fa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-forwarded-for
146.70.201.198
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/plain
vary
Origin
auction
tlx.3lift.com/header/
19 B
819 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tmax=3000
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.166.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://onimama.com
x-auction-status
29
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t=i&lan...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t...
133 B
367 B
Fetch
General
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
4000749e5884ba6dcb85585eb7d40c2d46c90bc001e63d7e449325e8f4e80f6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260898&cb=75921440793&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=2687716d6452479&tid=ac036ef8-ae54-4968-b9cd-a0e87cad1fc8&uc=26328&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
/
bid.missena.io/
9 B
260 B
Fetch
General
Full URL
https://bid.missena.io/?t=PA-71364648
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Origin
https://onimama.com
Content-Length
9
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
text/plain; charset=utf-8
Vary
Origin
Connection
keep-alive
Access-Control-Allow-Credentials
true
prebid-request
onetag-sys.com/
15 B
407 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
prebidjs
rtb.openx.net/openrtbb/
2 KB
2 KB
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b1c2981af38c7f93ccdba068862a9d682c46fb6e359b6420f667aa69b7efdd6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-forwarded-for
146.70.201.198
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1393
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/plain
vary
Origin
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tmax=3000
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.166.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://onimama.com
x-auction-status
29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
moneybid.js
ads.themoneytizer.com/bidder1/
1 KB
565 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=120176&adid=1&formatid=26322&size=desktop
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
33f5d4d8b144c4d7328303938a32f7ad9da04f49047fa92f00585f55b165db1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db02320899c6856-NRT
apigw-requestid
Acsz_h6rjoEEPWw=
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:18:42 GMT
auction
bid.sparteo.com/
70 B
148 B
Fetch
General
Full URL
https://bid.sparteo.com/auction
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee034059f4cda82e4c78b1b550271ec9f586060f8319d460c503f99278d9f0ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8db023206aa5d4d0-NRT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
c
prebid.a-mo.net/a/
1000 B
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
9cc8885fcd69f9f28dc2505883c962793067d17674302514dc7de737c128e14a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
136
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
496
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
openrtb
adx3.adform.com/adx/
0
0

h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t=i&lan...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t...
119 B
355 B
Fetch
General
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90%2C320x50%2C300x50%2C320x100%2C300x100
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
db7f7149e18d33880586e1b565a886f788136f63d87f955923c9580801065723

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=260905&cb=85216329196&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=46b050d699bd6ba&tid=d2b60217-a5c7-454f-a977-be607756a89d&uc=26322&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90%2C320x50%2C300x50%2C320x100%2C300x100
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.249 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
542c7a215b4a326e87865fd7f3093579b9c0482de07d6a172ef209b3fd9e44e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://onimama.com
an-x-request-uuid
1f1cf268-8335-4e4c-9b5c-42ce8e5e4fa3
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72772d38bba30f695a10017c0490e6a09b2eda4006b84ab31bdc02fa0fe5754c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8db02320697eafa6-NRT
expires
0
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/
492 B
855 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1078210&size_id=2&alt_size_ids=19%2C43%2C44%2C117&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,112110,1,,,&eid_pubcid.org=9b93310a-d7c7-4230-87e5-f303ee04e413%5E1&rf=https%3A%2F%2Fonimama.com&kw=120176&tg_i.domain=onimama.com&tg_i.page=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tg_i.name=onimama.com&tg_i.pagetype=article&tg_i.category=artsandentertainment&tg_i.siteid=120176&tg_i.placement=1&tg_i.divId=sas_26322&tg_i.pbadslot=sas_26322&tk_flint=pbjs_lite_v9.16.0&x_source.tid=2eb111e0-4782-41d9-8084-741680da1e09&l_pb_bid_id=52febb8450f21d5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=d2b60217-a5c7-454f-a977-be607756a89d&rp_maxbids=1&p_gpid=%2F120176%2Fonimama.com%2Fdesktop%2F26322&m_ch_mobile=%3F0&slots=1&rand=0.3518650437806434
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6cea588ebef9ca48332ccdae6987becde3d065f7bb831f02a5e58503b27e5791

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://onimama.com
content-length
492
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
190 B
Fetch
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.31.142.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
access-control-allow-credentials
true
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tmax=3000
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.166.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://onimama.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
h_bid
y.one.impact-ad.jp/
119 B
199 B
Fetch
General
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=260901&cb=20243085944&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=587204da93d2b7d&tid=712c0440-5393-415c-90cf-3526cc54e8bc&uc=26711&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C300x168
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
6ca5b7f8704c13ad63c7eb3c0ae75463b0a4609ba775ff82d90c284d8aa85b78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
fastlane.json
fastlane.rubiconproject.com/a/api/
464 B
977 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1078294&size_id=15&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,112110,1,,,&eid_pubcid.org=9b93310a-d7c7-4230-87e5-f303ee04e413%5E1&rf=https%3A%2F%2Fonimama.com&kw=120176&tg_i.domain=onimama.com&tg_i.page=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tg_i.name=onimama.com&tg_i.pagetype=article&tg_i.category=artsandentertainment&tg_i.siteid=120176&tg_i.placement=19&tg_i.divId=sas_26711&tg_i.pbadslot=sas_26711&tk_flint=pbjs_lite_v9.16.0&x_source.tid=3442995b-a660-4109-acaf-1a70d8e678a5&l_pb_bid_id=605d31a695a4f2b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=712c0440-5393-415c-90cf-3526cc54e8bc&rp_maxbids=1&p_gpid=%2F120176%2Fonimama.com%2Fdesktop%2F26711&m_ch_mobile=%3F0&slots=1&rand=0.471165067827056
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
72c7ed0b521691e11365e0dfc0e4b5a131d9b99e47f8cd515e56aa85d00bf5dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://onimama.com
content-length
464
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
190 B
Fetch
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.31.142.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
access-control-allow-credentials
true
prebid
mp.4dex.io/
1 KB
1017 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfb9ca4381d56a16944852b23aa2a1e126e422e8488b807486d2d3b68fb78db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8db023206980afa6-NRT
expires
0
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.249 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
dad4d3819e86f94a72c8be9f8f645511e1237dbe8c1d76539b364c4bf17ee435
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://onimama.com
an-x-request-uuid
2a724c29-9702-455e-b49b-1bb86d92c360
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebidjs
rtb.openx.net/openrtbb/
53 B
382 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8d5e6b166d9eb51f6958302cbb12170fe3a6d6ace8b2a62896be615fc27289a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-forwarded-for
146.70.201.198
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/plain
vary
Origin
c
prebid.a-mo.net/a/
1000 B
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
2a0c60fa5459f417c8d7ddc3450ff1a246e5c7e6fbb3bf597f1302cece8ff2b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
145
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
494
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
openrtb
adx3.adform.com/adx/
0
0

prebid-request
onetag-sys.com/
15 B
407 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
auction
bid.sparteo.com/
70 B
280 B
Fetch
General
Full URL
https://bid.sparteo.com/auction
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9238816246ce186103f4e4f2ad9ea0f05529a5ef25bf19aa15776aed01a86016

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8db023206aa6d4d0-NRT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
moneybid.js
ads.themoneytizer.com/bidder1/
1 KB
725 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=120176&adid=19&formatid=26711&size=desktop
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
0004a5710f8fddb807458bb1a9f05625c71eecd7f9f127cfb50a0cd9565e2390

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db0232089986856-NRT
apigw-requestid
Acsz_iYjDoEEJVA=
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:18:42 GMT
bounce
id5-sync.com/
30 B
229 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/
45 B
283 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
cac70714cf268f9dac658d895f3a9b4652067f938448cbb0b6b690fd95912659
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
getuidj
ib.adnxs.com/
11 B
699 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.249 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://onimama.com
an-x-request-uuid
e95a7fc6-67a5-4a3b-bb00-2f412f6493c5
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
rid
match.adsrvr.org/track/
109 B
564 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
751b395834e2aad5f3df5fcbaf5a7953569a8a350fa0b296700bd3ef232182bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 30 Nov 2024 02:15:25 GMT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
container.html
9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9BB
0
0
Document
General
Full URL
https://9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80c::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:24 GMT
expires
Thu, 31 Oct 2024 02:15:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
76978dba240d9ea9d916cae54f34030653dbc382a1cd71d03d5a8753f66877d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
js
fam-8.net/ad/p/
8 KB
9 KB
XHR
General
Full URL
https://fam-8.net/ad/p/js?_site=13307&_loc=75893&_mstype=3&_jsasync=1&_ref=&_nocache=1730340925471133521
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
54576b1adc3fab747d5bdc34ab218471a8ec380008837cf2e0e657ed3b2bb9f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Length
8136
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
fam8-tagify.min.js
fam-8.net/ad/js/
2 KB
0
Script
General
Full URL
https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
W/"2306-1719451142000"
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
2306
Date
Thu, 31 Oct 2024 02:15:24 GMT
Last-Modified
Thu, 27 Jun 2024 01:19:02 GMT
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
js
fam-8.net/ad/p/
5 KB
6 KB
XHR
General
Full URL
https://fam-8.net/ad/p/js?_site=13307&_loc=75894&_mstype=3&_jsasync=1&_ref=&_nocache=1730340925543953951
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
69b6e904903bc181bcb7957ee6e56b3996923bb133851eb7460923949b4336a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Length
5308
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0a8f345113ba0c77a0dac67f0cd84ba383395c5864e5c777ad0add66ee670c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
zoe.min.js
j.zoe.zucks.net/
27 KB
0
Script
General
Full URL
https://j.zoe.zucks.net/zoe.min.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6920412e0a9d40afac2038ac7cabbef8c8859e90c41edd93eb828915edb14217

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

etag
"1fff1ba9d4d4445707f1d7ebc9b62efd"
age
58886
via
1.1 36cf18acfba4fa4f3949b71621f2b1e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
27143
x-amz-cf-id
PSIqUE4nDAWwTgxeW5RrYeBF29AxVsLp_QYkL7GQzMf7DS_1SY24ww==
date
Wed, 30 Oct 2024 09:53:59 GMT
content-type
application/javascript
last-modified
Tue, 21 Feb 2023 02:18:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P2
x-amz-server-side-encryption
AES256
js
fam-8.net/ad/p/
5 KB
6 KB
XHR
General
Full URL
https://fam-8.net/ad/p/js?_site=13307&_loc=75894&_mstype=3&_jsasync=1&_ref=&_nocache=1730340925545224524
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
595557e03c1a83a7b5839acb39e2cd22fac7d6d0f4de8661315ff11188c13725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Length
5245
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
gen.js
ads.themoneytizer.com/s/
4 KB
0
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
76516
cf-ray
8db023180c39d77c-NRT
apigw-requestid
AcqFvgCBjoEEMPA=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:07 GMT
requestform.js
ads.themoneytizer.com/s/
7 KB
0
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=19
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
5082db90552fa24210f90e69f7c632f81c734c67a996621ec5c998be5df470b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75404
cf-ray
8db023180c3fd77c-NRT
apigw-requestid
AcqMAhBUjoEEMhQ=
date
Thu, 31 Oct 2024 02:15:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:00:47 GMT
tpcs.html
js.ad-stir.com/js/ Frame BCDE
0
0
Document
General
Full URL
https://js.ad-stir.com/js/tpcs.html
Requested by
Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-106.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1477
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
content-length
439
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 01:50:49 GMT
etag
"d9659b59585af0de6083d1ad29234cef"
last-modified
Wed, 28 Aug 2024 10:46:52 GMT
server
AmazonS3
vary
accept-encoding Origin
via
1.1 50d80cbc4f2c3fd4b5c67fa188a4e928.cloudfront.net (CloudFront)
x-amz-cf-id
MBXSjBVnITHNVY3gMmhDUbVX--yUDC401aRcYHbRB_RUgWilfSpd7A==
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
im-uid.js
dmp.im-apps.net/sdk/
7 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:17::b81a:2b3a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2370c76adee9e3d88e1cca87b883cd4d2021f415af93383aa74f3a987d9ea097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=3778
content-encoding
gzip
etag
"70118b0a96525df32eafb73f86a6e9e0"
x-amz-version-id
zYC_T_XstxeTM2QyEp8xmj8_1xMGWQhy
expires
Thu, 31 Oct 2024 03:18:23 GMT
accept-ranges
bytes
content-length
2713
p3p
CP="NOI PSD OTR"
date
Thu, 31 Oct 2024 02:15:25 GMT
last-modified
Wed, 18 Sep 2024 04:20:38 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
wad
ad.ad-stir.com/
0
0
Script
General
Full URL
https://ad.ad-stir.com/wad?app_id=MEDIA-e455d1f3&ad_spot_no=4&locale=ja&ut=1730340925691&topframe=1&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&floating=1&pos=1&secure=1&sw=1600&sh=1200&dpr=1&novideo=1&topurl=1&adstir_media_uid=f147d924-6814-4b1c-8ed8-7f5019a5947b&adstir_optout=1&c_vp=1&media_fq_count=1&callback=AdstirCB1236925866A7619428511
Requested by
Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.73.194.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-194-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 89C0
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame C1A6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:25 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8378
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
904 B
718 B
Fetch
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
online-prod.ipsfailover.com
Software
nginx/1.20.2 /
Resource Hash
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Cache-Control
private, max-age=60
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.20.2
Access-Control-Allow-Headers
content-type
29285_360x360_001.jpg
img.fam-8.net/pic/6108/
38 KB
38 KB
Image
General
Full URL
https://img.fam-8.net/pic/6108/29285_360x360_001.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
f12d9fc8d31294bb7843da9369407d6566382f77664592880fdb5fccd712e0bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1650104-9728-621d236b5d940"
Connection
close
Accept-Ranges
bytes
Content-Length
38696
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Wed, 11 Sep 2024 06:36:45 GMT
Content-Type
image/jpeg
Server
Apache
29338_360x360_188.jpg
img.fam-8.net/pic/124/
47 KB
47 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/29338_360x360_188.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
155a6841bcf94d87e4af2f92bac6a6378458d3d94ee7a0435238942318d6fb31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616ba4-baa5-623a192640840"
Connection
close
Accept-Ranges
bytes
Content-Length
47781
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Fri, 04 Oct 2024 07:25:13 GMT
Content-Type
image/jpeg
Server
Apache
29356_360x360_195.jpg
img.fam-8.net/pic/124/
58 KB
58 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/29356_360x360_195.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
717e66625084d3be6180f2c68919cb205e14262a07dd566e5dd571f8627b69b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616baf-e6b2-62583cad27e80"
Connection
close
Accept-Ranges
bytes
Content-Length
59058
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Mon, 28 Oct 2024 06:43:54 GMT
Content-Type
image/jpeg
Server
Apache
27246_360x360_082_002.gif
img.fam-8.net/pic/124/
936 KB
936 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/27246_360x360_082_002.gif
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
3ae039506c1b27baa290a15e9c0f2f553bf313509c1e5a12b3c8e03dd1918099

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616780-ea041-5fab2bcab0300"
Connection
close
Accept-Ranges
bytes
Content-Length
958529
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Tue, 02 May 2023 09:41:00 GMT
Content-Type
image/gif
Server
Apache
27252_360x360_081.gif
img.fam-8.net/pic/124/
971 KB
971 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/27252_360x360_081.gif
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
bbe41e3dba276f788082f8b4f29ccdb7114c0b8052626895a0f8a89fd9a1c359

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616781-f2a8d-5fb4e724998c0"
Connection
close
Accept-Ranges
bytes
Content-Length
993933
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Wed, 10 May 2023 03:27:07 GMT
Content-Type
image/gif
Server
Apache
27209_360x360_001.jpg
img.fam-8.net/pic/124/
60 KB
60 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/27209_360x360_001.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
67f11ffe9e7abc3e9372c799cfba47a41989e0ac676cf69b1ae8033ea37655d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"161676e-eea0-5f9d4d98f8d80"
Connection
close
Accept-Ranges
bytes
Content-Length
61088
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Fri, 21 Apr 2023 08:57:42 GMT
Content-Type
image/jpeg
Server
Apache
25370_360x360_047.gif
img.fam-8.net/pic/124/
95 KB
95 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/25370_360x360_047.gif
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
3fccf54934aa925e289be8329bde62acd9ba2c02278e94577e0965c7fd70af28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616593-17b8d-5e4ee4fa33a40"
Connection
close
Accept-Ranges
bytes
Content-Length
97165
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Fri, 29 Jul 2022 09:31:13 GMT
Content-Type
image/gif
Server
Apache
29291_360x360_164.gif
img.fam-8.net/pic/124/
931 KB
932 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/29291_360x360_164.gif
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
dd7d7535c370470d68fd8896c74b38384e560d1f11695b93573e81a5c54297be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616b84-e8de3-62249c0fc9680"
Connection
close
Accept-Ranges
bytes
Content-Length
953827
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Tue, 17 Sep 2024 05:13:46 GMT
Content-Type
image/gif
Server
Apache
29353_360x360_192.jpg
img.fam-8.net/pic/124/
76 KB
77 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/29353_360x360_192.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
2bb3a990f9cb0cbff2d61dd8cf5c614bf92586a015dba746ef671dae38a25325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616bac-13192-62583cad27e80"
Connection
close
Accept-Ranges
bytes
Content-Length
78226
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Mon, 28 Oct 2024 06:43:54 GMT
Content-Type
image/jpeg
Server
Apache
29287_360x360_003.jpg
img.fam-8.net/pic/6108/
39 KB
39 KB
Image
General
Full URL
https://img.fam-8.net/pic/6108/29287_360x360_003.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
c9bffebd29d79877ca47b74342cb9c50dc780e94db5fbc652eb6c7bedd511f8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1650106-9c20-621d236b5d940"
Connection
close
Accept-Ranges
bytes
Content-Length
39968
Date
Thu, 31 Oct 2024 02:25:40 GMT
Last-Modified
Wed, 11 Sep 2024 06:36:45 GMT
Content-Type
image/jpeg
Server
Apache
27216_360x360_008.jpg
img.fam-8.net/pic/124/
52 KB
53 KB
Image
General
Full URL
https://img.fam-8.net/pic/124/27216_360x360_008.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.66 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
ef64d1fe979b944560b948249028594b051373d4d902dd433b8a34c6b9e9f33a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

ETag
"1616775-d127-5f9d4d98f8d80"
Connection
close
Accept-Ranges
bytes
Content-Length
53543
Date
Thu, 31 Oct 2024 02:25:41 GMT
Last-Modified
Fri, 21 Apr 2023 08:57:42 GMT
Content-Type
image/jpeg
Server
Apache
fire.js
s.cpx.to/
58 B
242 B
Fetch
General
Full URL
https://s.cpx.to/fire.js?pid=12763&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&hn_ver=81&fid=100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26&dsp=TTD&dsp_uid=bd2fdc33-61ce-4566-b346-f9999547567c
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.158.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-158-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
825251521b9d0ce3b3be8ba781dd01984c3dbaa67c2c10d86a378c2d327c3f5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

expires
Thu, 31 Oct 2024 02:15:26 GMT
access-control-allow-origin
https://onimama.com
content-length
58
p3p
CP="NOI DEV ADM"
date
Thu, 31 Oct 2024 02:15:26 GMT
vary
Origin
access-control-allow-credentials
true
b
ll.zucks.net/zoe/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/b?frameId=_6ad39d3de6&loc=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&ref=&uuid=c8a5d5f5-9921-477e-9abe-4b22011b023c&sid=9b05173c-d9da-4da0-a0a7-4009377e4ed0&__cb=tViUQF1dvLkkWYJj&meta=%7B%22description%22%3A%222024%E5%B9%B44%E6%9C%8817%E6%97%A5%E3%82%88%E3%82%8A%E3%82%B9%E3%82%BF%E3%83%BC%E3%83%88%E3%81%97%E3%81%9F%E3%80%81%20%E7%80%AC%E6%88%B8%E5%88%A9%E6%A8%B9%E3%81%95%E3%82%93%E4%B8%BB%E6%BC%94%E3%81%AE%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%EF%BC%88%E3%83%86%E3%83%AC%E3%83%93%E5%A4%A7%E9%98%AA%E7%B3%BB%EF%BC%89%E3%80%82%20%E3%81%97%E3%81%8B%E3%81%97%E3%80%81%E6%94%BE%E9%80%81%E7%B5%82%E4%BA%86%E5%BE%8C%E3%81%AE%E8%A6%96%E8%81%B4%E8%80%85%E3%81%8B%E3%82%89%E3%81%AE%E6%84%9F%E6%83%B3%E3%81%A7%20%E3%80%8C%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%80%8D%E3%80%8C%E9%9D%A2%E7%99%BD%E3%81%8F%E3%81%AA%E3%81%84%E3%80%8D%E3%81%A8%E3%81%84%E3%81%A3%E3%81%9F%E5%A3%B0%E3%82%82%E3%81%82%E3%81%A3%E3%81%9F%E3%82%88%E3%81%86%E3%81%A7%E3%81%99%E3%80%82%20%E4%BB%8A%E5%9B%9E%E3%81%AF%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%8C%20%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%81%A8%E8%A8%80%E3%82%8F%E3%82%8C%E3%82%8B%E7%90%86%E7%94%B1%E3%81%AB%22%2C%22url%22%3A%22https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F%22%2C%22images%22%3A%5B%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%5D%2C%22keywords%22%3A%5B%22%E3%83%89%E3%83%A9%E3%83%9E%22%5D%2C%22title%22%3A%22%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%22%2C%22section%22%3A%22%E3%83%89%E3%83%A9%E3%83%9E%22%2C%22tags%22%3A%5B%5D%2C%22type%22%3A%22article%22%7D
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
b
ll.zucks.net/zoe/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/b?frameId=_15a59a0211&loc=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&ref=&uuid=c8a5d5f5-9921-477e-9abe-4b22011b023c&sid=9b05173c-d9da-4da0-a0a7-4009377e4ed0&__cb=XSMZO8ZMirVnkIkg&meta=%7B%22description%22%3A%222024%E5%B9%B44%E6%9C%8817%E6%97%A5%E3%82%88%E3%82%8A%E3%82%B9%E3%82%BF%E3%83%BC%E3%83%88%E3%81%97%E3%81%9F%E3%80%81%20%E7%80%AC%E6%88%B8%E5%88%A9%E6%A8%B9%E3%81%95%E3%82%93%E4%B8%BB%E6%BC%94%E3%81%AE%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%EF%BC%88%E3%83%86%E3%83%AC%E3%83%93%E5%A4%A7%E9%98%AA%E7%B3%BB%EF%BC%89%E3%80%82%20%E3%81%97%E3%81%8B%E3%81%97%E3%80%81%E6%94%BE%E9%80%81%E7%B5%82%E4%BA%86%E5%BE%8C%E3%81%AE%E8%A6%96%E8%81%B4%E8%80%85%E3%81%8B%E3%82%89%E3%81%AE%E6%84%9F%E6%83%B3%E3%81%A7%20%E3%80%8C%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%80%8D%E3%80%8C%E9%9D%A2%E7%99%BD%E3%81%8F%E3%81%AA%E3%81%84%E3%80%8D%E3%81%A8%E3%81%84%E3%81%A3%E3%81%9F%E5%A3%B0%E3%82%82%E3%81%82%E3%81%A3%E3%81%9F%E3%82%88%E3%81%86%E3%81%A7%E3%81%99%E3%80%82%20%E4%BB%8A%E5%9B%9E%E3%81%AF%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%8C%20%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%E3%81%A8%E8%A8%80%E3%82%8F%E3%82%8C%E3%82%8B%E7%90%86%E7%94%B1%E3%81%AB%22%2C%22url%22%3A%22https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F%22%2C%22images%22%3A%5B%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%2C%22https%3A%2F%2Fonimama.com%2Fwp-content%2Fuploads%2F2024%2F04%2F5-1-8.jpg%22%5D%2C%22keywords%22%3A%5B%22%E3%83%89%E3%83%A9%E3%83%9E%22%5D%2C%22title%22%3A%22%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%22%2C%22section%22%3A%22%E3%83%89%E3%83%A9%E3%83%9E%22%2C%22tags%22%3A%5B%5D%2C%22type%22%3A%22article%22%7D
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:25 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
api
sh.zucks.net/opt/zoe/
23 KB
6 KB
Fetch
General
Full URL
https://sh.zucks.net/opt/zoe/api?frameid=_6ad39d3de6&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&loc=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&ref=&uuid=c8a5d5f5-9921-477e-9abe-4b22011b023c&sid=61c09818-235b-46d7-8ece-24a33b83d589&__cb=1ZOS3wPbCYRbtgXY&sw=1600&sh=1200&touch=0&chm=&chpv=
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.60.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-60-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
878def919b75171c25b4b8900b124defd3dfd539c9ba01ed6a4602ee1413f2a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

transfer-encoding
chunked
Cache-Control
no-cache, must-revalidate, no-cache="set-cookie"
Content-Encoding
gzip
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json;charset=UTF-8
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
vary
accept-encoding
api
sh.zucks.net/opt/zoe/
12 KB
4 KB
Fetch
General
Full URL
https://sh.zucks.net/opt/zoe/api?frameid=_15a59a0211&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&loc=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&ref=&uuid=c8a5d5f5-9921-477e-9abe-4b22011b023c&sid=61c09818-235b-46d7-8ece-24a33b83d589&__cb=lvOYd2d9N8vh8PF1&sw=1600&sh=1200&touch=0&chm=&chpv=
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.60.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-60-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4453b085fe2a7c3c75c5c297a735524f6f3265db501943c32a8dbd3451b0842e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-cache, must-revalidate, no-cache="set-cookie"
Content-Encoding
gzip
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length
3346
Date
Thu, 31 Oct 2024 02:15:25 GMT
Content-Type
application/json;charset=UTF-8
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
vary
accept-encoding
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=1&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=c13b9e67-ea2a-4763-b466-08d19421d0e6&adu_code=26328&url_dmn=onimama.com&mts=ban&ban_szs=1000x30%2C1000x90%2C1x1%2C300x250%2C728x250%2C728x90%2C950x90%2C970x90%2C990x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=6&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=1&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=0795ff76-64bb-433a-adc3-7e65e8f4fb10&adu_code=26322&url_dmn=onimama.com&mts=ban&ban_szs=300x100%2C300x50%2C320x100%2C320x50%2C728x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=1&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
316 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=1&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=907ceb99-5d78-4dce-bcdc-61fc17967616&adu_code=26711&url_dmn=onimama.com&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=19&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
get
audiencedata.im-apps.net/imuid/
28 B
189 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=1007220&vid=01JBG5PCDF1635B1XC87R8ZTVZ
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
5f27dd7badc7ff500f4b15907ebe54f3e2af6df41a5b8f99a87b35157d8af43a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json
access-control-allow-credentials
true
moneybid.js
ads.themoneytizer.com/bidder1/
1 KB
0
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=120176&adid=19&formatid=26711&size=desktop
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
0004a5710f8fddb807458bb1a9f05625c71eecd7f9f127cfb50a0cd9565e2390

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
75403
cf-ray
8db0232089986856-NRT
apigw-requestid
Acsz_iYjDoEEJVA=
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:18:42 GMT
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
700671f315a9d7d19edc1ac3cf9e4c9f9fbc008e8de52e888942467c6071c29e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8db023243d8fafa6-NRT
expires
0
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
h_bid
y.one.impact-ad.jp/
119 B
357 B
Fetch
General
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=260901&cb=68362634167&r=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&uid=89d1ffd35789049&tid=3fa0a7c9-65bd-477c-8657-9b6adf610e70&uc=26711&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C300x168
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
911e10390a78464d949c3d6d9a14c47ab7ccacf9bd9773d046e0022fbee4caec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json; charset=utf-8
openrtb
adx3.adform.com/adx/
0
0

prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.249 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
eda53c6c11398cb00143e817aeea192647ed88bdee66f07e8166d6cc8ce62a9b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://onimama.com
an-x-request-uuid
39fd2728-9838-4920-812c-5a005526a07a
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:26 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebidjs
rtb.openx.net/openrtbb/
2 KB
1 KB
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e65542ccde9bdc53597913b3cbfa4f868674a727d55bd2956e5ba96f4169860e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-forwarded-for
146.70.201.198
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
text/plain
vary
Origin
c
prebid.a-mo.net/a/
1000 B
671 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
71d0b58e2c5d4f32500978f2b085a2b1e21767243a489d4adfe98f3be34ce41a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
177
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
content-length
496
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
fastlane.json
fastlane.rubiconproject.com/a/api/
464 B
498 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1078294&size_id=15&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,112110,1,,,&eid_criteo.com=ZKu3FF9LZTRCZWdFWTBwJTJGeVhKRzRtJTJCR3JUTkZWRWMlMkZwWVk2NzY4Vm56VlJLNGlkaHlZZ1FLVU8xJTJCaHYxRG1BY0M2TCUyQjFON0I0bm10S3c2WG1mbHklMkIlMkZuZm1nJTNEJTNE%5E1&eid_crwdcntrl.net=d0afcb9157db90231a0962e60658185ca02ce95d41e640de5022b40cc3b794bc%5E1&eid_pubcid.org=9b93310a-d7c7-4230-87e5-f303ee04e413%5E1&rf=https%3A%2F%2Fonimama.com&kw=120176&tg_i.domain=onimama.com&tg_i.page=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tg_i.name=onimama.com&tg_i.pagetype=article&tg_i.category=artsandentertainment&tg_i.siteid=120176&tg_i.placement=19&tg_i.divId=sas_26711&tg_i.pbadslot=sas_26711&tk_flint=pbjs_lite_v9.16.0&x_source.tid=87f28075-b341-43bf-84f3-c7def79b12f4&l_pb_bid_id=99e175d087d4751&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=3fa0a7c9-65bd-477c-8657-9b6adf610e70&rp_maxbids=1&p_gpid=%2F120176%2Fonimama.com%2Fdesktop%2F26711&m_ch_mobile=%3F0&slots=1&rand=0.3675479164683826
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
4cc014c24c8a3360c3af976f6822aedaeae96ab8eefa54c08a6d28a93c9e994b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://onimama.com
content-length
464
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
auction
bid.sparteo.com/
70 B
148 B
Fetch
General
Full URL
https://bid.sparteo.com/auction
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1552961e4cabd76f52eed74c053e0173b2fbf99daa1f4a73b1d490cf324958

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8db023243e16d4d0-NRT
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&tmax=3000
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.166.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://onimama.com
x-auction-status
29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebid-request
onetag-sys.com/
15 B
407 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://onimama.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
190 B
Fetch
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.31.142.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
access-control-allow-credentials
true
i
ll.zucks.net/zoe/a/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/a/i?p=eYnNBCJAi4OGDmsijs2dJ-Z43sGXix5VD4La_5wq99Bcvn8kEunHp2ypOvwcNK0gGC3vmQ39wDK1t0sitBjcCMGSWF7rpZ8tJvrnfNhPq5xQ1wQiz9WoWcMTu3eCfb_tYSOpj1t8mvcCCRwFN3LyrL0p3nspLHz_HZ-GzxDjomNNMuZLlmY2x9hNDgRbHkvLnK4Xl5gqcIVP3PNHS5RGZWNoPVcAXPb84qltspSbUBupJbR-hd3THV8r7UM&v=ko9uTlufYiXpMc-eoyJ25g
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
/
k.zucks.net/i/
2 B
740 B
Fetch
General
Full URL
https://k.zucks.net/i/?k=ZGOK&p=tmxLhaXb_Z28KcR3AKu45db-eoOzwZtKoFt0ZCvlyaM_STH5HO9HnLIKZNvWi-fGzi8EzjWyvLKZmz5Z8tSImNb8FlpJjNvdexuk8Cq_2bGD8snl2XkXgTKG4l6fWr_4y12jHdNZyvsdLtePjylXpz-WSbAvVaVJKiXPLpq4XyRvUR1XzzK5dj9KE_R0UP0QIPGzvDwRIH4rPPKa6LEoZUvn655WI_sPV7D0vxxyY_ToY--GTluynf48AwYMUsem5SXo-xjOAKEhRon5Y8eCiKrUgRuP9ZYKwvSAVPPGVp0r3F1-dzDrLZ_CTLB8tkI1C2F87IPioQkoe-TPdEJciHRmy8i7YjuzJvKiPSPtL3egd5TaClURFLjyhnIeYP66TkrVMLQaN4ajnczcQ8tquntir3xRHYCPzmJsoZUgIXSqssZ_rexeuosnKKZ1OC-4MHuaaTBrtSktvzsRCZhSIaxkP5kUHkPDi1NulS9EuUSVN6mvx6pSbBR2PFlJghS_ygjTyO0jNZ47vPDnLvBwGejF625c6qm1_SPhFUqTJEMVLStPw_J-BQHMXDt5oR7PNH-LZEIqTPsX6hby8UE2iMslXswnpXb-&v=gK4WP8c_qLI
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.122.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-122-42.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length
2
Date
Thu, 31 Oct 2024 02:15:26 GMT
Content-Type
application/json
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
/
k.zucks.net/i/
2 B
740 B
Fetch
General
Full URL
https://k.zucks.net/i/?k=ZGOK&p=GzxntenPWfYodGV4hyYWVKs7vDjZikPwb1JYxuxMLTT5ncjue-NEpxUBjmjrJQyxGB4sWwWNVj4Auk5Ns6Ir6wikri7kO6UX5tko4-6WYJM4uDGikXGyEsHjKiayXvcOUFAxWaSdLQCDnEb08aABFLX99IiZQCmNcx4EVyZLF1jMIic5aNdO4As73kVqXwjj-y_z1VIs1dCkXKaJNJz98fR76oopHz8XcfcpS_HnfJJcilMpDR5dDiO2M2S9dkBshLR3r21yuEJymEQJGuu46qK4MEiu-qnxbzTa2baY3B9_defZY3Vu5r92pdug50pL7cGwzWzobsNHZaBTtySIeeKohDA6DmfiYujAcbO5PrWHfO0BWTRWc2Dwch3aAjJcUsoq6CU_czE2_cKqb04l3kZB9x86iAwyhjyIL-5SRos54PZD9QqBS9xpngwKNHGuaxZpiXdFevFezdl8TZRiumw9n7XMLW3z6F-u7PGygQHEuWvwmHRbURQ867t3eHIUBE40cG_h2w6VFqteIExQU2vC-y5f8bAkdp4CCZPc4wayrjS2YZbaVoQVVHEPxk4ra835KQ5Vd8WW-npzeFeUD0wH__yzY0gpj-J3NIBcLZxjcnumkY9cOSy1aasro1F5qb6UqXcEDfd93BiQTl-6UlFZmgA3lMW8Y2Qk71bi-DZPUXLEW7kje_KvRA0YOf7YKcAny2SxND9fZCi36xq-Mg&v=6dUHzh7Aihk
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.122.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-122-42.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length
2
Date
Thu, 31 Oct 2024 02:15:26 GMT
Content-Type
application/json
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
i
ll.zucks.net/zoe/a/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/a/i?p=QqPuLqoyqKlJY451qbKJeHJI1dX8sqcAahlknhZSbDXrb0pJ96zQlzWvl_wAKL74SZ0XiwbGdzk0TzVhc2YDaiHdff1MdzvzV_FxGKO67f5asxLzlkSh502r5-jgTvxw9eQPS5hxg09KtPJaUdxyXOMZHb_FAi5k2DZHLWPdpHbFob_4nMWHn0qz2kI3EMhHBqdajuHUHi_r00k4P_lj7QnDc3TsUVX4Uxte6s--tMhxtO9neLxOdJCUeg-BsRsigsth34kJNg&v=0NAE44vbN0vG1naBj3W-1Q
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
i
ll.zucks.net/zoe/a/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/a/i?p=GvDwqdkrgbpHiwf6quDqOO-nEERHAGPMAPrEZsATiNUIKu4LO2vkK6MrsJl7Sfy3GMqQdkH-l2-qyviKUnTRJMWGk1wdwr6iSGys7dfHbJbQWokUHwl5ret0r7uxAt3gOTyikB_pUAoNGtFmK_INMXD6JNna-z8PKoYHxBI7hcvOLYoxtLtRTUw7HK2ctTBHl17JmrBCROKy3MVWiWuXEpYJJENiJhKeF2Yg2aY9H-JsAUw&v=rSzF5k_dxeZPDGcs6-gf7Q
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
i
ll.zucks.net/zoe/a/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/a/i?p=HPy49A5aWKWd-h1Ise_n02cHTcY3KKACzHdIhXcXTm6FlTlctJRYyRDcP5ku9nD-LL3bCMx-_QV1AxkwmH1tp3v8cn4gbO4SB4duM3f5i72zaiPsTldoqaDkuBwkraVFz9tnC0_UiU3qiQK5WUKT_QVcSM8m3KYlufUCFv6gXXi3kZiXvb4Z9Xp3ZBIKbzvDW5ITDrv7BDd1FY1HN8RayJ3Jx3i7Jr3dORemUavzw_Q1vjs&v=KQakyflNqGhqK3JhIpD4Yw
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
i
ll.zucks.net/zoe/w/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/w/i?p=ebBlb-m2PNw1RSsI_5HdPDTesPJu-4G8omU3jjNYqNK-bMpzc2_RXCzJ-Af3tAp0PZG8vHhURfwlG5msVjCRucG0URQAtYWQIqGRPOX2dE2Kyt7YxXRGZrBecn_o4YQkCLiuyOxv-ke8K1RJv4X2zfYgJfEjYYwMTE7YyAybyOChe-wrjx2IBg&v=TDBfAW_S_siwgubCxL1wdg
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
title-3-1.jpg
onimama.com/wp-content/uploads/2024/05/
126 KB
126 KB
Image
General
Full URL
https://onimama.com/wp-content/uploads/2024/05/title-3-1.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b2ead8622e2c04ce569ef4b2a13f089eef06e8ce1fac03d13a777e7757fd6af1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"1f7bd-61845294bde6c"
expires
Thu, 07 Nov 2024 02:15:26 GMT
accept-ranges
bytes
content-length
128957
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/jpeg
last-modified
Sun, 12 May 2024 17:33:04 GMT
server
nginx
164042_phpMKhWIz.jpeg
static.zucks.net.zimg.jp/image/2024/03/08/c/
16 KB
16 KB
Image
General
Full URL
https://static.zucks.net.zimg.jp/image/2024/03/08/c/164042_phpMKhWIz.jpeg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-107.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50ed415da16229e8ff0fcf7d3a4d1d2c0c62ec1e18628e440d495da36a2c4722

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

vary
Accept-Encoding
etag
"7c678c7f25121f756a686e21ab58ccdc"
age
24275
via
1.1 213f5eab5bb830fb58f97a237a696e12.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15942
x-amz-cf-id
nq7jwEd2yQaximR86UydJ0dt-33gtKxN8mzdlaCCy-6luYyDJrq8oA==
date
Wed, 30 Oct 2024 19:30:52 GMT
content-type
image/jpeg
last-modified
Fri, 08 Mar 2024 07:41:22 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
x-amz-server-side-encryption
AES256
133656_phpRJoIQG.jpeg
static.zucks.net.zimg.jp/image/2022/05/20/c/
33 KB
33 KB
Image
General
Full URL
https://static.zucks.net.zimg.jp/image/2022/05/20/c/133656_phpRJoIQG.jpeg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-107.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dd938509f70859400ceaa559154b4b484daba3d2c2d528ee7dc8376e8b04d30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

etag
"df2113846d73e89e2b6c0c1ac85d1f4c"
age
24004
via
1.1 213f5eab5bb830fb58f97a237a696e12.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
33612
x-amz-cf-id
Ic60r8FDV46kvvQLq1xjKss2-wmrRI6Hxxq6D0boXa3YKYGZVhiRfA==
date
Wed, 30 Oct 2024 19:35:23 GMT
content-type
image/jpeg
last-modified
Fri, 20 May 2022 04:37:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
vary
Accept-Encoding
title-3.jpg
onimama.com/wp-content/uploads/2024/04/
123 KB
123 KB
Image
General
Full URL
https://onimama.com/wp-content/uploads/2024/04/title-3.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
9f7f29e8a9e9f930c8fb9bb4709f57808367aadbfb4b990796c2984f1228c479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"1eaeb-61567e144f285"
expires
Thu, 07 Nov 2024 02:15:26 GMT
accept-ranges
bytes
content-length
125675
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/jpeg
last-modified
Sat, 06 Apr 2024 06:42:45 GMT
server
nginx
%E6%97%A5%E6%9B%9C%E5%8A%87%E5%A0%B4VIVANT-19.png
onimama.com/wp-content/uploads/2023/09/
971 KB
973 KB
Image
General
Full URL
https://onimama.com/wp-content/uploads/2023/09/%E6%97%A5%E6%9B%9C%E5%8A%87%E5%A0%B4VIVANT-19.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b23da22326b4b1fabaaa080d3846cd46ec1c3efd5e0a196a5109cadd5cfe34aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"f2d13-6069dbd3b0f82"
expires
Thu, 07 Nov 2024 02:15:26 GMT
accept-ranges
bytes
content-length
994579
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 01:40:14 GMT
server
nginx
title-2-1.png
onimama.com/wp-content/uploads/2024/01/
895 KB
896 KB
Image
General
Full URL
https://onimama.com/wp-content/uploads/2024/01/title-2-1.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.104.88 Hyakuninchō, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14687.xserver.jp
Software
nginx /
Resource Hash
b3ce9c7f8298559208ee83274ee6dd97a0ec7cdb667ba8bc158859607b987366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
max-age=604800
etag
"dfac1-60e9495ddbc0d"
expires
Thu, 07 Nov 2024 02:15:26 GMT
accept-ranges
bytes
content-length
916161
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/png
last-modified
Wed, 10 Jan 2024 10:06:32 GMT
server
nginx
zucks.png
j.zoe.zucks.net/
2 KB
2 KB
Image
General
Full URL
https://j.zoe.zucks.net/zucks.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbfc27e8f0ff9fffb6cc71c902120ef139e47e97ad501b03b5e9e1beed006833

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

etag
"789d1a63dc645fe33ee36dc65fb0b72f"
age
23853
via
1.1 36cf18acfba4fa4f3949b71621f2b1e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1555
x-amz-cf-id
XEWq9XkZ2VZ8KYoEq3M2BXNSNnYyA_L5ntQ5-yWQLWpJjNFLk629QA==
date
Wed, 30 Oct 2024 19:37:54 GMT
content-type
image/png
last-modified
Thu, 28 Jun 2018 02:39:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P2
/
k.zucks.net/i/
2 B
740 B
Fetch
General
Full URL
https://k.zucks.net/i/?k=ZGOK&p=9h9E_X3n4OYMj3GFoAdEpZvw2NvYca4hdEF_VLWOCkLnizXx7pw-3G9yqTFmc4napdl8vRPdBowmJ-ctJWTSMI2Wp9uUHQIKwuH2bArJ5HPoLGqqyBuq3NqtFtbjKF9qYjLoxi_JtuG-NepxW0zm0HrirL87_E09PuASvRt1eZNcnIf6282pBLhoCVz6qhjJUcYJedyHoaP1x5EDepKQJevWRvjTjTbns8HDUy58I8B2yN5RB4I2z48bwm3o292F-IZdcZ0QXG7cJ2YXv4QNvV_eH_SrT8ToVmSw7VenvAurwI6hceIf9gUpt_uiKKTdkUj2czLlavF9vBd9Njbz6H7H5YHR7NJSG_mYUk_L0beeXL80A9Q7Ygg_Y9JT54mAE9kyD9umhgcMtpZ-w-n5ixKk4sGUE-fDN_RKtNx4Vf3n7Nx_ydX6OMc9XNMhgHnMzydRQPXH682Sjauq7xokyNEpyFw4u7ka-FigKH8MTVHzEwMEP3vF-fSRw9nwGMgLzyoKaZPFqMiSbUvYs5nO4P3zf0JvXoEk07FAUpR1n8UViYFHoz5hZaZ6FD4Ad74TfTnhzbmm2mpLt-WvghX8TjeeicRrv5gf&v=y1dnebopXp0
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.122.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-122-42.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length
2
Date
Thu, 31 Oct 2024 02:15:26 GMT
Content-Type
application/json
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
/
k.zucks.net/i/
2 B
740 B
Fetch
General
Full URL
https://k.zucks.net/i/?k=ZGOK&p=tvkFRvfIAQHC1mdx8cJSf611hbmQBeKnMDjb5z3kVRZx6nf2cXHobzA-Au6gkhihok5bo0tQgsAg_-wQ4EV--PPeTwSTkPbXkaKPZFBgeMjB39ezsZ49L1j2iTkhYA1bYcBmqSpTuFSeQWAHsdD_tfB3bw0_hkJu6jdwVx0Dmw5xBy5wQR-ifE3OkM3HFW0qBUIxvso4mR2yEpptYkc1QhW9SzNplM8JTMg4d3ORXNr_2l0gft3aSAciA7kgePiSDOuQX8zOqoQtx85J3ZiSNML4oF_lXQiggLzq9qqah2BrD-RJkKv4BdDtMYW2GbDumhzhrWHGs67M3Q4FZKdIB4XdCtKGmsPkIc4DbOXBEqGbXPEUws7s4pYKBYgVxghCawgJ0yIcebr2EIb3HzRZlRd5jjljGTramJIJWU2zdCS2PQ0PK8EG9E1yIEiJobYO7aioWLvi0Su_4dn5pJwNRVJ1b-t_e65tNlJENmMwsXT3AWRKtkQ6__8d3lwmBn7WLEiB4TAnDJvc9ZNidN9D9oBHRDxRyn2EV329okmSpBVtiArRRyTN8bDOo5nWxyOeXyII90lcUUhDiWo-fl6BHj6ozVZO8VDPprer_nu-1Q1LlBYxAsGTCRWYvX6J-qL8TD0vZHPC7y4oe4VQ2sYThRxHrLgUqOmATZMoDEoUauOEgc2y32GJhhss_EUNEWBUxApz8UXKx4Q&v=eHOevznHxew
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.122.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-122-42.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Cache-Control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
X-Content-Type-Options
nosniff
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
https://onimama.com
P3P
CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length
2
Date
Thu, 31 Oct 2024 02:15:26 GMT
Content-Type
application/json
Last-Modified
Thu, 31 Oct 2024 02:15:26 GMT
Server
nginx
Access-Control-Allow-Headers
Content-Type
i
ll.zucks.net/zoe/w/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/w/i?p=ZYNQA9ZgBYetzfqBSJdF-oqwvVncfW74TzKwSkmGikbYc0nGbroWykdYx9YI5RlM47lv8WEUkWxvTrCvc8JMELCXNuZRWq4GlSrFvTzGWzYoQ08yHYptneLDA5cZLwsOCFnJpTl1Ob6KRARHZ-MoTKb9vejt711JVLiEnlDHk4RL67sMbKpYhw&v=sEXmzOOjNnZlY_OPtAQdug
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
095440_phpdOZJ8K.jpeg
static.zucks.net.zimg.jp/image/2022/02/08/c/
13 KB
13 KB
Image
General
Full URL
https://static.zucks.net.zimg.jp/image/2022/02/08/c/095440_phpdOZJ8K.jpeg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-107.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c0c19c55f742120cb0f5f797c9d669d8f826cfa3498deb1af07fc299284d903

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

etag
"ed97d6cb00ce249616965dd3fd9deb32"
age
24349
via
1.1 213f5eab5bb830fb58f97a237a696e12.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13177
x-amz-cf-id
OjhwZPMRA3yA9cvG_ijZ0CVt-PmpXyyayjZ6RJapQrsQpidH5ABtbA==
date
Wed, 30 Oct 2024 19:29:38 GMT
content-type
image/jpeg
last-modified
Tue, 08 Feb 2022 00:55:07 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
vary
Accept-Encoding
193225_phpvx1zWM.jpeg
static.zucks.net.zimg.jp/image/2021/11/01/c/
20 KB
20 KB
Image
General
Full URL
https://static.zucks.net.zimg.jp/image/2021/11/01/c/193225_phpvx1zWM.jpeg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-107.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb82a350f165c195095046a9334f8c1633ee6d6eafbee7e69cfa056f7596eb1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

etag
"e4711b4e66ec8aeecdb58df189d9b0c4"
age
38073
via
1.1 213f5eab5bb830fb58f97a237a696e12.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
20589
x-amz-cf-id
asMumozfQBq4cYI5S62BbuaVvva6ReWT_QZf_9vKt_1r1ODz5kX0IQ==
date
Wed, 30 Oct 2024 15:40:54 GMT
content-type
image/jpeg
last-modified
Mon, 01 Nov 2021 10:33:13 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
vary
Accept-Encoding
lib_footer_slidein.js
cdn.themoneytizer.fr/ads/
19 KB
3 KB
Script
General
Full URL
https://cdn.themoneytizer.fr/ads/lib_footer_slidein.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=120176&formatId=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b216f42df8fb00ed962787b4eacd13ca6fd9ac09e6a18277c1b531e564bac77d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
TeRrFR3T3LmE52WWeNzSQbkfDiinIxEm
etag
W/"250f46a8c85008ea1d930a96ae92b8b8"
age
640745
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gMCOTEQ5g%2FEBJ3zMpsH1%2B%2FKQyyKTJGRU8O08fIwIL%2B0dHEt2Gjoj2aNne1h46THcEPg98VgByi7yV2MV3Wi1u7pRAHkdRDTptPaF7%2B18criY%2BHn0WV56%2FZKrVBVsCRQ7N1oQ6AWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1815&sent=139&recv=63&lost=0&retrans=0&sent_bytes=149445&recv_bytes=7455&delivery_rate=28891163&cwnd=72000&unsent_bytes=0&cid=17e5a3bfe960851b&ts=1923&x=1", cfHdrFlush;dur=0
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 15:30:50 GMT
vary
Accept-Encoding
x-amz-id-2
CXLN34J7mLdKcg3GQutIeIkxu7ahiJho7ZroC7B7QVP3cwvZ+H2fL+wiakmzxKCyCD2/8cBe9qQ=
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
D3PS0XEQWV6B2QEV
cf-ray
8db023246829e388-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
/
asia.adform.net/adfscript/ Frame 4A24
1 KB
1 KB
Script
General
Full URL
https://asia.adform.net/adfscript/?bn=75278735;rtbwp=AAABkuBbMMVh7YvYkPglFsIvaX86GGeHggcw3w-FMmBVXQHzJs-7475qANUueZoI1qkro6U0;rtbdata=312cwcTv8VKExX84FwHCRysgP-0Epz_MbBCywza91ZACoVcUYzic21bchIwNHLIEWIwDrCDaBJ5vjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMjH0J8eL6aBaiPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568mZ-QrBlMXl-stYvxI7T29GaCmSpvMqzj0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4v0gAwE4bFIK9zLY-fF7B5VY3uKUpEzrQe0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
31772c4b2a620db6dc9ca911bb9fa6d0b2c0ad0fb81dad78dd8902530863b172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
944
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
prebidjs
ox-rtb-asia-east1.openx.net/win/ Frame 4A24
43 B
291 B
Image
General
Full URL
https://ox-rtb-asia-east1.openx.net/win/prebidjs?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAbUcGApyQXdrYkFPWEVyHBbz4-29kOCjpkEWkcm0q77v9_z5AQAcFq3U5cHhhN2JPBaN68nAr4OdsIYBABb6oJfyDBUETBUEGBlBTFdBWVNfRkVFU19WSUFfTUxfTk9OX09CGAdjb250cm9sAAAsHBUCABwVAgAcFQgAjBwVCAAcFQIAGAwxLjI5OTE1Njg0NzIAABwm0tHJlgQVBDa6vMmWBBau_OaDBCUCFQKmMhYmFjIWFBYQFhQWEBZmFjIWMgAcHCwWmpW67LKAjcSiARbRuKu3reTvo6sBAAAWms6dgAQWprmxgAQWyvaZlQQWwvaZlQQVGBwUZBSABQAVBCZmFmYWZhE1DiZmNAIALCwWie7Vqe7g482lARbp7Ii82K3arJ0BABb6oJfyDAYoms6dgAQWprmxgAQWwvaZlQQWyvaZlQQYCDc1Mjc4NzM1FtqToZMEFmYlBBY0GAQ2OTA1FQKhKAVPWC1HQgx6FGgUhAUAFggYA3J0YgDcGwGIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOAxiaXRjYXNpbm8uaW8AAAA&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.92.238 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.92.120.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, max-age=0, no-cache, must-revalidate
pragma
no-cache
x-forwarded-for
146.70.201.198
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
image/gif
vary
Origin
sync
ssbsync.smartadserver.com/api/ Frame B559
0
0
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.50.36 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,no-store
content-length
780
content-type
text/html
date
Thu, 31 Oct 2024 02:15:26 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
imp-delivery
sin.creativecdn.com/ Frame 51FB
0
0
Document
General
Full URL
https://sin.creativecdn.com/imp-delivery?tk=iYF4RYGbCg4J4v0wguyM6Q3d4Zis4YTQ_H1td7ypVahq5eDm4wye4VladWrLQzqR69MkHLPs7yBax-uDCOTkPF2_r8gReGfsfNWJoDgeyb-ggDn8NW4VoEk6i-ZuK9DDvbXks-PV1Ojj0nRc6Bn7y0uM-lqxtm97pTVgmDGLDfcaMmMzaTHHSp8EkzKJ7Q7R16GfG2yZMcYEIHy7lhUCp6z8nDAW0AadTBaLGzu5yQZ8OwZwDuNY7ToGIgAJRtxMdTxO2KWYjqlebemzb-OuV3nD08x-Xg1u1TkneXBJ2jAeYft18nOXNKoOyc4KsKuVMC05sefn6xt2mkZepEhmNjnd2tzmRRZjqR8nLEMc4oOr85if3ukSNW5pzFFyGhWTakyDhyeua_xknLntUuQf_JWczd-IHaY6Eib5zpubo6U&curl=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Frs%2Fsin1%2F0%2Ff2993e3e-0fe5-47fa-9652-cbbce75d60d5%2F0%2FHoTF-WSF1jKJIwZ7I1QKlYmLNZQ%2F%3Furl%3Dhttps%253A%252F%252Fsin.creativecdn.com%252Fclicks%253Fid%253D20241031_pCaTLjqF2XHuzJokH95c%2526%257BEXTRA_CLICK_PARAMS%257D&tdc=sin
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
content-length
3386
content-type
text/html;charset=utf-8
date
Thu, 31 Oct 2024 02:15:26 GMT Thu, 31 Oct 2024 02:15:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Origin
usync.html
eus.rubiconproject.com/ Frame 71F1
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=au&co=jp
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:26 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
win-notify
sin.creativecdn.com/ Frame 1D77
42 B
261 B
Image
General
Full URL
https://sin.creativecdn.com/win-notify?tk=iYF4RYGbCg4J4v0wguyM6Q3d4Zis4YTQ_H1td7ypVahq5eDm4wye4VladWrLQzqR69MkHLPs7yBax-uDCOTkPF2_r8gReGfsfNWJoDgeyb-ggDn8NW4VoEk6i-ZuK9DDvbXks-PV1Ojj0nRc6Bn7y0uM-lqxtm97pTVgmDGLDfcaMmMzaTHHSp8EkzKJ7Q7R16GfG2yZMcYEIHy7lhUCp6z8nDAW0AadTBaLGzu5yQZ8OwZwDuNY7ToGIgAJRtxMdTxO2KWYjqlebemzb-OuV3nD08x-Xg1u1TkneXBJ2jAeYft18nOXNKoOyc4KsKuVMC05sefn6xt2mkZepEhmNjnd2tzmRRZjqR8nLEMc4oOr85if3ukSNW5pzFFyGhWTakyDhyeua_xknLntUuQf_JWczd-IHaY6Eib5zpubo6U&wp=F6FADAA6036D6C82&tdc=sin&auction=8c23431d199714d28f30705b94da635925f5b2da_15
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
date
Thu, 31 Oct 2024 02:15:26 GMT, Thu, 31 Oct 2024 02:15:26 GMT
pragma
no-cache
content-type
image/gif
vary
Accept-Encoding
f2993e3e-0fe5-47fa-9652-cbbce75d60d5
beacon-sin1.rubiconproject.com/beacon/d/ Frame 1D77
43 B
227 B
Image
General
Full URL
https://beacon-sin1.rubiconproject.com/beacon/d/f2993e3e-0fe5-47fa-9652-cbbce75d60d5?oo=0&accountId=11740&siteId=39528&zoneId=1124612&sizeId=15&e=6A1E40E384DA563B49BD028A1D6FE84E33664ACB4737DE1FEB5538EB4540B4117161D267002817A74D01C8B913DD832E4B4AFCB584A85D0EDF0316706B9868E03099C61C1C49CB4529E909C348EF23634C229D1A6FE971264524EE5AAD46CE7D8C0332CC5D3FD04CE4520A014ACDFC9279E511EA5555AACC1ACDEF539EF9135403225E6CE22981414AFEAADF67E47B5614E1CF13EF6C13C1B8F0C373E77241121B82BE22F1B4D22CA96744A27BE76447F3A6C9F6E8853029FDCBD80DD624315425751A6F51DFC79E
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.67 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-content-type-options
nosniff
expires
01 Jan 1970 10:00:00 GMT
content-length
43
x-xss-protection
1; mode=block
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/avif
x-frame-options
DENY
v3
id5-sync.com/gm/
700 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e872b2b1e66712a387f60abc3503652982da7eb1c776ddc9da08fbae19c7e308
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://onimama.com
p3p
CP="CAO PSA OUR"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json
vary
Origin
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=1&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=59cace44-2eef-4745-af66-9af18409c8d9&adu_code=26711&url_dmn=onimama.com&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=19&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=2&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=907ceb99-5d78-4dce-bcdc-61fc17967616&adu_code=26711&url_dmn=onimama.com&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=19&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0%2C%2C%2C%2C%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=2&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=c13b9e67-ea2a-4763-b466-08d19421d0e6&adu_code=26328&url_dmn=onimama.com&mts=ban&ban_szs=1000x30%2C1000x90%2C1x1%2C300x250%2C728x250%2C728x90%2C950x90%2C970x90%2C990x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=6&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2C1%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C0%2C%2C%2C0.04%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=2&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=0795ff76-64bb-433a-adc3-7e65e8f4fb10&adu_code=26322&url_dmn=onimama.com&mts=ban&ban_szs=300x100%2C300x50%2C320x100%2C320x50%2C728x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=1&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0%2C%2C0.025%2C%2C%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=3&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=0795ff76-64bb-433a-adc3-7e65e8f4fb10&adu_code=26322&url_dmn=onimama.com&mts=ban&ban_szs=300x100%2C300x50%2C320x100%2C320x50%2C728x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=1&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0%2C%2C0.025%2C%2C%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&win_bdr=openx&win_mt=ban&win_ban_sz=320x50&win_net_cpm=0.025&win_og_cpm=0.025
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
97 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=3&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=c13b9e67-ea2a-4763-b466-08d19421d0e6&adu_code=26328&url_dmn=onimama.com&mts=ban&ban_szs=1000x30%2C1000x90%2C1x1%2C300x250%2C728x250%2C728x90%2C950x90%2C970x90%2C990x90&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=6&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cgumgum%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2C1%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C0%2C%2C%2C0.04%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&win_bdr=rubicon&win_mt=ban&win_ban_sz=300x250&win_net_cpm=0.04&win_og_cpm=0.04
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
asia.adform.net/adfscript/ Frame C0CA
1 KB
1 KB
Script
General
Full URL
https://asia.adform.net/adfscript/?bn=75278727;rtbwp=AAABkuBbMwVuQNHl6YUngI_8H0nxCCF-3yNYuA-M8H87chMBLk8ynllpdnd3L3UIx1Rq08h0;rtbdata=z9rJJ25zbetjDTF67DSwK2e3daM5cMFZt61CjJRBTjGK0xHR9u8IOsUjmzS29jZ389LY67BXmLVvjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMib5VfnPT5qVSPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568lp8Z6Ho15z3g_heVN7Tx_wm6kYQ7CZ3f0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4vBgb23Mqw_XG7GP2ZQDbbH-Xeqp5fSA1K0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
10b80fc636701c67099c7bbd592ba271602aaccdbffea079a6611a0058344f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
945
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
prebidjs
ox-rtb-asia-east1.openx.net/win/ Frame C0CA
43 B
97 B
Image
General
Full URL
https://ox-rtb-asia-east1.openx.net/win/prebidjs?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAZMcGApDQmlCNXoxdk92HBbwsOrs9qyrvdMBFoWCi6feq7OI2QEAHBa98cXY9pLep7oBFtWjh_We5uWLwwEAFvygl_IMFQR5DAAsHBUCABwVAgAcFQgAjBwVCAAcFQIAGAwxLjI5OTE1Njg0NzIAABwm1tHJlgQVBDa6vMmWBBau_OaDBCUCFQKmKBYeFigWFBYQFhQWEBZQFigWKAAcHCwWmpW67LKAjcSiARbRuKu3reTvo6sBAAAWms6dgAQWprmxgAQW4PaZlQQWwvaZlQQVGBwU9AMU2AQAFQQmUBZQFlARNQ4mUDQCACwsFs6hmrmN_4DRgAEWl8Gr3auKlO_3AQAW_KCX8gwGKJrOnYAEFqa5sYAEFsL2mZUEFuD2mZUEGAg3NTI3ODcyNxbak6GTBBZQJQQWKBgENjkwNRUCoSgFT1gtR0IMehT2AxTaBAAWCBgDcnRiANwbAYgeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4DGJpdGNhc2luby5pbwAAAA&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.92.238 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.92.120.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
private, max-age=0, no-cache, must-revalidate
pragma
no-cache
x-forwarded-for
146.70.201.198
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 31 Oct 2024 02:15:25 GMT
content-type
image/gif
vary
Origin
bootstrap.js
s2.adform.net/mink/633/s2.adform.net/ Frame 4A24
38 KB
17 KB
Script
General
Full URL
https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=75278735;rtbwp=AAABkuBbMMVh7YvYkPglFsIvaX86GGeHggcw3w-FMmBVXQHzJs-7475qANUueZoI1qkro6U0;rtbdata=312cwcTv8VKExX84FwHCRysgP-0Epz_MbBCywza91ZACoVcUYzic21bchIwNHLIEWIwDrCDaBJ5vjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMjH0J8eL6aBaiPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568mZ-QrBlMXl-stYvxI7T29GaCmSpvMqzj0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4v0gAwE4bFIK9zLY-fF7B5VY3uKUpEzrQe0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d26940c6e6130331d639a9d95aefbfddd22a0e33bbacb7b5e9e0e606c83d1dfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT, MISS, STALE
cache-control
public, max-age=100000
content-encoding
gzip
expires
Sat, 12 Oct 2024 14:04:04 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 13:10:29 GMT
sync
s.cpx.to/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M2WOB7IS-1R-KJEK&customParamenters=
0
200 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M2WOB7IS-1R-KJEK&customParamenters=
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
34.249.158.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-158-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

date
Thu, 31 Oct 2024 02:15:27 GMT
expires
Thu, 31 Oct 2024 02:15:27 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M2WOB7IS-1R-KJEK&customParamenters=
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Pragma
no-cache
content-length
0
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEEJupsvTxyBFOqqlVNZhInQ&dsp=dbm&google_cver=1
0
207 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEEJupsvTxyBFOqqlVNZhInQ&dsp=dbm&google_cver=1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
34.249.158.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-158-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

date
Thu, 31 Oct 2024 02:15:26 GMT
expires
Thu, 31 Oct 2024 02:15:26 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

cache-control
no-cache, must-revalidate
location
https://s.cpx.to/sync?dsp_uid=CAESEEJupsvTxyBFOqqlVNZhInQ&dsp=dbm&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
284
date
Thu, 31 Oct 2024 02:15:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
fire.js
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12763%26url%3Dhttps%253A%252F%252Fonimama.com%252Fkawaretaotoko%252F%26hn_ver%3D81%26fi...
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8961297924541505529&pid=12763&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&hn_ver=81&fid=100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26&dsp=TTD&dsp_uid=bd2f...
48 B
48 B
Image
General
Full URL
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8961297924541505529&pid=12763&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&hn_ver=81&fid=100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26&dsp=TTD&dsp_uid=bd2fdc33-61ce-4566-b346-f9999547567c
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
34.249.158.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-158-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

expires
Thu, 31 Oct 2024 02:15:26 GMT
p3p
CP="NOI DEV ADM"
content-length
48
date
Thu, 31 Oct 2024 02:15:26 GMT

Redirect headers

cache-control
no-store, no-cache, private
location
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8961297924541505529&pid=12763&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&hn_ver=81&fid=100fdf2d-f4a0-451e-a1cd-9f3d9a6b7c26&dsp=TTD&dsp_uid=bd2fdc33-61ce-4566-b346-f9999547567c
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
35d837c5-1a74-45bb-8b9e-08ba9c93b1c6
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:26 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
UCookieSetPug
image2.pubmatic.com/AdServer/
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Wed, 30 Oct 2024 06:32:02 GMT
content-type
text/html; charset=utf-8
server
nginx
usync.html
eus.rubiconproject.com/ Frame D058
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:25 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
bootstrap.js
s2.adform.net/mink/633/s2.adform.net/ Frame C0CA
38 KB
0
Script
General
Full URL
https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=75278727;rtbwp=AAABkuBbMwVuQNHl6YUngI_8H0nxCCF-3yNYuA-M8H87chMBLk8ynllpdnd3L3UIx1Rq08h0;rtbdata=z9rJJ25zbetjDTF67DSwK2e3daM5cMFZt61CjJRBTjGK0xHR9u8IOsUjmzS29jZ389LY67BXmLVvjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMib5VfnPT5qVSPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568lp8Z6Ho15z3g_heVN7Tx_wm6kYQ7CZ3f0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4vBgb23Mqw_XG7GP2ZQDbbH-Xeqp5fSA1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d26940c6e6130331d639a9d95aefbfddd22a0e33bbacb7b5e9e0e606c83d1dfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT, MISS, STALE
cache-control
public, max-age=100000
content-encoding
gzip
expires
Sat, 12 Oct 2024 14:04:04 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 13:10:29 GMT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame AF3A
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
0
0
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-length
141
content-type
text/html
date
Thu, 31 Oct 2024 02:15:27 GMT
expires
Thu, 31 Oct 2024 02:15:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 31 Oct 2024 02:15:26 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
usync.html
eus.rubiconproject.com/ Frame D6B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:25 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 02:15:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
pba.gif
c.4dex.io/
43 B
61 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=2&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=59cace44-2eef-4745-af66-9af18409c8d9&adu_code=26711&url_dmn=onimama.com&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=19&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0%2C%2C0.02%2C%2C%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pba.gif
c.4dex.io/
43 B
61 B
Fetch
General
Full URL
https://c.4dex.io/pba.gif?org_id=1015&site=120176-onimama-com&v=3&pbjsv=9.16.0&pv_id=4706d02a-b1fa-454f-b80b-27a2d0679d68&auct_id=59cace44-2eef-4745-af66-9af18409c8d9&adu_code=26711&url_dmn=onimama.com&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Cadform%2Camx%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&pgtyp=article&plcmt=19&s_id=3567e5c4-0809-4d72-b12b-22040ef46aee&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Cadf%2Camx%2Cappnexus%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Crubicon%2Csparteo%2Ctriplelift%2Cyieldone&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0%2C%2C0.02%2C%2C%2C%2C%2C&dom_i=1912&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&win_bdr=openx&win_mt=ban&win_ban_sz=300x250&win_net_cpm=0.02&win_og_cpm=0.02
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
get
uipapac.semasio.net/id5/1/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?o=api&id5id=ID5*1NO0n0QLG2fGtTmRp4C2lSSMtWTncyR8pKXvxjsfCj3T8mG3Oe4-IXnaQ4CPWukp&gdpr_consent=undefined&gdpr=false
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/6/3.gif?puid=8961297924541505529&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F5%2F4.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/5/4.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/4/5.gif?puid=8961297924541505529&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAEPBk7ORdEAABTcdHZgig&id5AccountNum=155&numCascadesAllowed=9
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/123/1/8.gif?puid=192e05b41bb-3b650000010e44c8&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0

bounce
id5-sync.com/
30 B
229 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7eb1f4a8c35b16934be212757315390d6e2c9e03e9fefe33ed2ca7c5a6509187
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://onimama.com
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
12.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ca8749c92cf0011549d003cb242ad5e1528edf11a9675b62c8112ab882d8d284
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://onimama.com
p3p
CP="CAO PSA OUR"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
application/json
vary
Origin
/
asia.adform.net/adfserve/ Frame 4A24
5 KB
3 KB
Script
General
Full URL
https://asia.adform.net/adfserve/?CC=1&bn=75278735;rtbwp=AAABkuBbMMVh7YvYkPglFsIvaX86GGeHggcw3w-FMmBVXQHzJs-7475qANUueZoI1qkro6U0;rtbdata=312cwcTv8VKExX84FwHCRysgP-0Epz_MbBCywza91ZACoVcUYzic21bchIwNHLIEWIwDrCDaBJ5vjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMjH0J8eL6aBaiPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568mZ-QrBlMXl-stYvxI7T29GaCmSpvMqzj0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4v0gAwE4bFIK9zLY-fF7B5VY3uKUpEzrQe0;json=1;js=1;adfxid=1x;6565;set=ja-JP|ja-JP|1600X1200||300|50|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
55f5c85003feff32a8dbab8a89df4f6cca18a1419d5b23e9410393a3c71137c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
2864
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
/
asia.adform.net/adfserve/ Frame C0CA
5 KB
3 KB
Script
General
Full URL
https://asia.adform.net/adfserve/?bn=75278727;rtbwp=AAABkuBbMwVuQNHl6YUngI_8H0nxCCF-3yNYuA-M8H87chMBLk8ynllpdnd3L3UIx1Rq08h0;rtbdata=z9rJJ25zbetjDTF67DSwK2e3daM5cMFZt61CjJRBTjGK0xHR9u8IOsUjmzS29jZ389LY67BXmLVvjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMib5VfnPT5qVSPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568lp8Z6Ho15z3g_heVN7Tx_wm6kYQ7CZ3f0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4vBgb23Mqw_XG7GP2ZQDbbH-Xeqp5fSA1K0;json=1;js=1;adfxid=2x;1481;set=ja-JP|ja-JP|1600X1200||300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1764a2dca8eb5a4527fb3f7610ff2e1a9cd54884cdf39b7bb0180b74efb0bc44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires
-1
access-control-allow-origin
*
content-length
2871
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
v3
id5-sync.com/gm/
1 KB
2 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
04d5e3385dc82e35b5cfb716e32cf510c4a8c019d5f93cfb26149c521dffc3b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://onimama.com
p3p
CP="CAO PSA OUR"
date
Thu, 31 Oct 2024 02:15:27 GMT
content-type
application/json
vary
Origin
pd
eu-u.openx.net/w/1.0/ Frame BE0D
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 31 Oct 2024 02:15:26 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
eu-u.openx.net/w/1.0/ Frame 45D7
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=52a09451-a89b-4b5b-b34c-48d3f1095aaa
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 31 Oct 2024 02:15:27 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Standard
s2.adform.net/mink/633/s2.adform.net/load/v/0.0.251/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/ Frame 4A24
97 KB
41 KB
Script
General
Full URL
https://s2.adform.net/mink/633/s2.adform.net/load/v/0.0.251/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a81ca21d663d6de213c68af9feb61bf26e232948322fcbb048d3c1447214b37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
MISS, MISS, STALE
cache-control
public, max-age=100000
content-encoding
gzip
expires
Sat, 12 Oct 2024 14:04:05 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 13:10:29 GMT
Standard
s2.adform.net/mink/633/s2.adform.net/load/v/0.0.251/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/ Frame C0CA
97 KB
0
Script
General
Full URL
https://s2.adform.net/mink/633/s2.adform.net/load/v/0.0.251/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a81ca21d663d6de213c68af9feb61bf26e232948322fcbb048d3c1447214b37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
MISS, MISS, STALE
cache-control
public, max-age=100000
content-encoding
gzip
expires
Sat, 12 Oct 2024 14:04:05 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:26 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 13:10:29 GMT
vi
ll.zucks.net/zoe/w/
0
0
Fetch
General
Full URL
https://ll.zucks.net/zoe/w/vi?p=ZYNQA9ZgBYetzfqBSJdF-oqwvVncfW74TzKwSkmGikbYc0nGbroWykdYx9YI5RlM47lv8WEUkWxvTrCvc8JMELCXNuZRWq4GlSrFvTzGWzYoQ08yHYptneLDA5cZLwsOCFnJpTl1Ob6KRARHZ-MoTKb9vejt711JVLiEnlDHk4RL67sMbKpYhw&v=sEXmzOOjNnZlY_OPtAQdug
Requested by
Host: j.zoe.zucks.net
URL: https://j.zoe.zucks.net/zoe.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.127.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-127-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://onimama.com
Date
Thu, 31 Oct 2024 02:15:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26it%3Dadg-pb-clt%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&it=adg-pb-clt&uid=8961297924541505529
0
1 KB
Image
General
Full URL
https://u.4dex.io/setuid?bidder=appnexus&it=adg-pb-clt&uid=8961297924541505529
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Thu, 31 Oct 2024 02:15:27 GMT
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, private
location
https://u.4dex.io/setuid?bidder=appnexus&it=adg-pb-clt&uid=8961297924541505529
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.198; 146.70.201.198; 1028.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
de2b5fa8-dc27-45cf-974c-1921927dc57b
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 31 Oct 2024 02:15:27 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?o=api&id5id=ID5*0ClYjkDx93bCT9WAo3pahCB2WXXjichtoF8D1z_l5izT8na_T96OcVHXPfyQ3qGn&gdpr_consent=undefined&gdpr=false
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6231135869332924298&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/6/3.gif?puid=8961297924541505529&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
43 B
43 B
Image
General
Full URL
https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 31 Oct 2024 02:15:28 GMT
content-type
text/html;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
content-length
199
date
Thu, 31 Oct 2024 02:15:28 GMT
server
Kestrel
/
asia.adform.net/csimpr/ Frame 4A24
35 B
580 B
Ping
General
Full URL
https://asia.adform.net/csimpr/?bn=75278735&csi=ppwSWIq0X_CGCJpKDqGCbVju7dxFO1E3Sy_Qc0JUIKm7x0MhjkMczq585kw45lL5HNwtTEYKbdqVYZ0sqVWKNmo7vjq07Ji1lsr_2jjCDubwrR6s23RjgH-fXOhOmYwdAZ0B5CsCJybYQb7w6TjmHXr0MBEjeUt3faY2y6xWefhTflR7UrMy29KxWRUZ29Fp0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
-1
access-control-allow-origin
https://onimama.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:27 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
en.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame 4A24
4 KB
4 KB
Image
General
Full URL
https://s2.adform.net/banners/scripts/assets/images/OBA/en.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT, BYPASS, HIT
cache-control
public, max-age=604800
etag
"03731761a34663b5a065acaa2cf51394"
x-amz-request-id
tx0000060cfa3673ca49c51-0066c34c16-3299ff77-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
4235
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 25 May 2022 11:48:05 GMT
server
nginx
oba.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame 4A24
3 KB
3 KB
Image
General
Full URL
https://s2.adform.net/banners/scripts/assets/images/OBA/oba.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

x-cache-status
HIT, BYPASS, HIT
cache-control
public, max-age=604800
etag
"794c84d30e213ec6a144d64215f07551"
x-amz-request-id
tx00000bd675d27a48f3508-0066a801ec-32972e8a-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
3262
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 25 May 2022 11:49:23 GMT
server
nginx
en.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame C0CA
4 KB
0
Image
General
Full URL
https://s2.adform.net/banners/scripts/assets/images/OBA/en.png
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/load/v/0.0.251/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT, BYPASS, HIT
cache-control
public, max-age=604800
etag
"03731761a34663b5a065acaa2cf51394"
x-amz-request-id
tx0000060cfa3673ca49c51-0066c34c16-3299ff77-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
4235
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 25 May 2022 11:48:05 GMT
server
nginx
/
asia.adform.net/csimpr/ Frame C0CA
35 B
580 B
Ping
General
Full URL
https://asia.adform.net/csimpr/?bn=75278727&csi=B_NAAwXZyUbifNB6cfsOay60564g5luG1_ucGtFAcvK7x0MhjkMczq585kw45lL5HNwtTEYKbdqVYZ0sqVWKNmo7vjq07Ji1lsr_2jjCDubwrR6s23RjgOxk-CjyAFk1gLQiEFF32bnYQb7w6TjmHVVnZpWrJGhSmmntdqibC-etI1Va2Vz7xtKxWRUZ29Fp0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
-1
access-control-allow-origin
https://onimama.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:27 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
15495770.js
s2.adform.net/Banners/Elements/Files/2052655/15495770/ Frame 402A
3 KB
2 KB
Script
General
Full URL
https://s2.adform.net/Banners/Elements/Files/2052655/15495770/15495770.js?ADFassetID=15495770&bv=257
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e00b0435b511fa254a7f4c9f93735514a3ce7234c2bea04fad646b2c37b15bc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
MISS, HIT, STALE
access-control-expose-headers
Content-Range,Content-Length
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"175baf48134e5995fa99a375b2c5fbcf"
x-amz-request-id
tx000000b0510e5471c5e25-0066a8d688-32973457-default
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
application/x-javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 30 Jul 2024 09:27:34 GMT
oba.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame C0CA
3 KB
0
Image
General
Full URL
https://s2.adform.net/banners/scripts/assets/images/OBA/oba.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

x-cache-status
HIT, BYPASS, HIT
cache-control
public, max-age=604800
etag
"794c84d30e213ec6a144d64215f07551"
x-amz-request-id
tx00000bd675d27a48f3508-0066a801ec-32972e8a-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
3262
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 25 May 2022 11:49:23 GMT
server
nginx
15861425.js
s2.adform.net/Banners/Elements/Files/2052655/15861425/ Frame 09BF
3 KB
2 KB
Script
General
Full URL
https://s2.adform.net/Banners/Elements/Files/2052655/15861425/15861425.js?ADFassetID=15861425&bv=257
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fd2dcda134c7b22087fd4f65bb23055bfbe6a0eed7fc38dbb103c102d7a82b8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
MISS, HIT, STALE
access-control-expose-headers
Content-Range,Content-Length
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"1226df55ac9db0639a26ad54629e62cb"
x-amz-request-id
tx00000d73b06216b365771-0066e178f7-3298f2ff-default
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:27 GMT
x-rgw-object-type
Normal
content-type
application/x-javascript
vary
Accept-Encoding
server
nginx
last-modified
Wed, 11 Sep 2024 06:30:11 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 402A
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"45f038e188b2a7f0feb9a75ead93215c"
x-amz-request-id
tx000001d88e3b1161605c1-0066c347ce-32993d2f-default
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:30 GMT
x-rgw-object-type
Normal
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 04 Mar 2024 08:01:06 GMT

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Thu, 31 Oct 2024 02:15:28 GMT
content-type
text/html
server
nginx
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 09BF
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
0
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

x-cache-status
HIT
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"45f038e188b2a7f0feb9a75ead93215c"
x-amz-request-id
tx000001d88e3b1161605c1-0066c347ce-32993d2f-default
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:30 GMT
x-rgw-object-type
Normal
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 04 Mar 2024 08:01:06 GMT

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Thu, 31 Oct 2024 02:15:28 GMT
content-type
text/html
server
nginx
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame D48C
0
0
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-length
141
content-type
text/html
date
Thu, 31 Oct 2024 02:15:27 GMT
expires
Thu, 31 Oct 2024 02:15:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
/
onetag-sys.com/usync/ Frame E3A6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 5D47
0
0
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-length
141
content-type
text/html
date
Thu, 31 Oct 2024 02:15:27 GMT
expires
Thu, 31 Oct 2024 02:15:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
/
ce.lijit.com/beacon/prebid-server/ Frame 5183
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
0
0
Document
General
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.240.32.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-32-106.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
806
content-type
text/html
date
Thu, 31 Oct 2024 02:15:28 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding

Redirect headers

content-length
110
content-type
text/html
date
Thu, 31 Oct 2024 02:15:28 GMT
location
https://ce.lijit.com:443/beacon/prebid-server/?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26it%3Dadg-pb-clt%26uid%3D%24UID
server
awselb/2.0
setuid
u.4dex.io/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
0
1 KB
Image
General
Full URL
https://u.4dex.io/setuid?bidder=rtbhouse&uid=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Thu, 31 Oct 2024 02:15:29 GMT
vary
Origin, Accept-Encoding

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://u.4dex.io/setuid?bidder=rtbhouse&uid=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Thu, 31 Oct 2024 02:15:29 GMT, Thu, 31 Oct 2024 02:15:29 GMT
pragma
no-cache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 44CE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=bd2fdc33-61ce-4566-b346-f9999547567c
0
0
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=bd2fdc33-61ce-4566-b346-f9999547567c
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.48.81 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-48-81.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 31 Oct 2024 02:15:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 31 Oct 2024 02:15:29 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=bd2fdc33-61ce-4566-b346-f9999547567c
server
Kestrel
iframe.html
sync.sparteo.com/sync/ Frame 2844
0
0
Document
General
Full URL
https://sync.sparteo.com/sync/iframe.html?from=prebidjs
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, authorization, accept
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8db0233bfa04d504-NRT
content-encoding
gzip
content-type
text/html
date
Thu, 31 Oct 2024 02:15:30 GMT
last-modified
Fri, 25 Oct 2024 20:36:37 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 732F
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.27.185.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-27-185-91.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 31 Oct 2024 02:15:29 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 01 Nov 2024 02:15:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0C79
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1730340925708
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
isyn
sync.a-mo.net/ Frame 9808
0
0
Document
General
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Cu0BSgtvbmltYW1hLmNvbVILYWFzLTI5NzMwNzdaCHBiYTEuMy40agtvbmltYW1hLmNvbfoBBjkuMTYuMOgCAYgDvdCLuQaoAw_qAyRmNTM4M2Q1MS1mZWUyLTQ4YzItYmYzZi1mMmIyNGFkNmVlZDGiBCJodHRwczovL29uaW1hbWEuY29tL2thd2FyZXRhb3Rva28vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA3NncMAGAMgGAaoHA3dlYsoHC29uaW1hbWEuY29t4AcBgggLb25pbWFtYS5jb22KCAZjaHJvbWWZCAAAAAAACAAA
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
654
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 02:15:29 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
usync.html
eus.rubiconproject.com/ Frame 87CA
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:29 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
moneytizer-d.openx.net/w/1.0/ Frame 6DDB
0
0
Document
General
Full URL
https://moneytizer-d.openx.net/w/1.0/pd
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 31 Oct 2024 02:15:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
iframe
sync.missena.io/ Frame E5AD
0
0
Document
General
Full URL
https://sync.missena.io/iframe
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Thu, 31 Oct 2024 02:15:29 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Thu, 31 Oct 2024 02:15:29 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame D5F9
Redirect Chain
  • https://y.one.impact-ad.jp/push_sync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1
  • https://y.one.impact-ad.jp/cs?d=247&uid=bd2fdc33-61ce-4566-b346-f9999547567c&tg=2&et=30&r=no&ttl=1732932929
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
0
0
Document
General
Full URL
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.248.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length
42
content-type
image/gif
date
Thu, 31 Oct 2024 02:15:29 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 31 Oct 2024 02:15:29 GMT
location
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
via
1.1 google
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 3BD5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZyLoQgABzjaXKwAR
0
0
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZyLoQgABzjaXKwAR
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3031
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 31 Oct 2024 02:15:30 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
14237
x-robots-tag
noindex
x-served-by
cache-nrt-rjtf7700045-NRT
x-timer
S1730340930.144250,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 31 Oct 2024 02:15:30 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZyLoQgABzjaXKwAR
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex
x-served-by
cache-nrt-rjtf7700045-NRT
x-timer
S1730340930.975516,VS0,VE163
sync
eb2.3lift.com/ Frame 5FBF
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 02:15:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 5F08
0
0
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84YjFkNmE1My0wMjA5LTRmMGYtODVhOC01NjhhZTY5ZjMyMWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47F3
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=168303
content-encoding
gzip
content-length
5633
content-type
text/html
date
Thu, 31 Oct 2024 02:15:29 GMT
expires
Sat, 02 Nov 2024 01:00:32 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A132
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.101.65 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-101-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:15:29 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 02:15:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
usersync.gumgum.com/ Frame 8859
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=gumgum
0
0
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=gumgum
Requested by
Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.18/088d85770110f27154054fee4e63cb2c/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.48.81 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-48-81.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 31 Oct 2024 02:15:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 31 Oct 2024 02:15:30 GMT Thu, 31 Oct 2024 02:15:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=VAeYdGzIdBcd3rJZwHWBif5PVKWcqDwbD8FBqQpNvOs&pi=gumgum
pragma
no-cache
vary
Accept-Encoding
prebid
b1h.zemanta.com/usersync/
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid
  • https://b1h.zemanta.com/usersync/prebid?s=2
26 B
388 B
Image
General
Full URL
https://b1h.zemanta.com/usersync/prebid?s=2
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Server
50.31.142.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
CP="We do not support P3P header."
content-length
26
date
Thu, 31 Oct 2024 02:15:29 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
/usersync/prebid?s=2
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
content-length
43
p3p
CP="We do not support P3P header."
date
Thu, 31 Oct 2024 02:15:29 GMT
content-type
text/html; charset=utf-8
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D&cb=1730340929535
  • https://ad.turn.com/r/cs?pid=45&id=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004&rndcb=1268951013
  • https://sync.1rx.io/usersync/turn/4576193204235437985?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3DRX-e34878cb-07bb-4f35-9fe...
  • https://u.4dex.io/setuid?bidder=unruly&it=adg-pb-clt&uid=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=unruly&it=adg-pb-clt&uid=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Thu, 31 Oct 2024 02:15:30 GMT
vary
Origin, Accept-Encoding

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&it=adg-pb-clt&uid=RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Thu, 31 Oct 2024 02:15:30 GMT
etag
RXe34878cb07bb4f359fec84238d3ffa16004
content-type
text/html
close-retina.png
ced-ns.sascdn.com/diff/templates/images/
2 KB
2 KB
Image
General
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b4a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/

Response headers

Cache-Control
max-age=86400
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Connection
keep-alive
Accept-Ranges
bytes
Akamai-Loopback-Request
8096267
Content-Length
1802
Date
Thu, 31 Oct 2024 02:15:29 GMT
Content-Type
image/png
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
66e138bfdec572261a12267a
c.bannerflow.net/a/ Frame 09BF
50 KB
18 KB
Script
General
Full URL
https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373bc758248bcc2b05e558dcc554c2023f00c0ca4da8c26e7342646a3b39c39b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
public, s-maxage=10
content-encoding
br
cf-cache-status
MISS
cf-ray
8db0233f49fed4ae-NRT
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 02:15:30 GMT
vary
Accept-Encoding
server
cloudflare
66a8b1dda6a4305a1be08d2f
c.bannerflow.net/a/ Frame 402A
50 KB
18 KB
Script
General
Full URL
https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8dbca628c02f7d342755b7050af567d5307e0de1862e76d66b776f8ff03103

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
public, s-maxage=10
content-encoding
br
cf-cache-status
MISS
cf-ray
8db0233f4a02d4ae-NRT
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 02:15:30 GMT
vary
Accept-Encoding
server
cloudflare
trace
c.bannerflow.net/cdn-cgi/ Frame 09BF
314 B
450 B
XHR
General
Full URL
https://c.bannerflow.net/cdn-cgi/trace
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9385353596b99f3d1c42a7e97dbb5ee6adcff9f26dd8b51a714170ab86d8b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8db0233fec276855-NRT
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
text/plain
server
cloudflare
x-frame-options
DENY
preload.jpg
c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/9126764/10827407/ Frame 09BF
14 KB
14 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/9126764/10827407/preload.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de4613f33fed5a0792c34d060077bcc61c2b88e0556237d87edd2e3b874fef1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
ck8rukMKaYdYinbPRSU6tg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
h2pri
etag
"0x8DCD22B1A3261FB"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
633525
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:29:34 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
730ef243-d01e-004e-4177-25fb5b000000
cf-ray
8db0233feaabd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
14025
x-ms-blob-type
BlockBlob
server
cloudflare
/
c.bannerflow.net/tr/v2/pixel/ Frame 09BF
0
92 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

request-context
appId=cid-v1:84fd77ae-9350-4973-b2de-3f12410efa37
cf-ray
8db0233ffac0d4ae-NRT
content-length
0
cf-cache-status
DYNAMIC
date
Thu, 31 Oct 2024 02:15:30 GMT
server
cloudflare
js
www.googletagmanager.com/gtag/
337 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
683a799284052e24ff29ef434c7b171d237d3d7c87d6cb65c76c26da7e7b20cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 02:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112618
x-xss-protection
0
server
Google Tag Manager
truncated
/
173 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6623913d94a381419a2fed34a9c7881ccd3a905ea7dfc42d537b09b4b4f4517

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/
148 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b215074a57b1da5693402bdb7687d402ce642ed8ab39cdd542943c594af742bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
163 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3377996120013427
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1d631a7cd7e0fd8c711ad3848931c4dbd5d3ea196a30b85e05a53cadb35702e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
13891928977160755394
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54071
x-xss-protection
0
server
cafe
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Thu, 31 Oct 2024 02:15:30 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-tyo11979-TYO
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
widget.335f0bdde23ec226e5fc.js
c.bannerflow.net/scripts/ Frame 09BF
24 KB
9 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/widget.335f0bdde23ec226e5fc.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258f4fc1a33626bb2d7c8476720efe3af45fb09e1b29e1211e18a7d89011c625

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
0eLt5oylYNppmKTb3KjP9w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCD16E711A8E4A"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
277550
content-encoding
br
cf-polished
origSize=24780
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 07:59:05 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
7b2f737b-c01e-0052-4281-03a93b000000
cf-ray
8db023409b5ad4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
data.000000FBB4D023.js
c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/9126764/10827407/ Frame 09BF
263 KB
38 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/9126764/10827407/data.000000FBB4D023.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38fe829b274b952c42d9fa22bca3e2aafe2cb1b85ee3e8eed1f02b8194dc78de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
grIhU+qSdu3aruST/G425w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCD22B1B81AD26"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
454976
content-encoding
br
cf-polished
origSize=268918
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 06:29:36 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
597c768d-101e-0041-150e-248d37000000
cf-ray
8db023409b5cd4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
animated-creative.2b3cfb7ae068a4661507.js
c.bannerflow.net/scripts/ Frame 09BF
164 KB
56 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.2b3cfb7ae068a4661507.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66e138bfdec572261a12267a?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a9f32c0f91b265b8d6284869c6754dfa8b283ae26998ef9cc1532936483f66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
c9+GhgFWbi2zzHP60GY+yg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCD16E712CC94E"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
539491
content-encoding
br
cf-polished
origSize=167713
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 07:59:05 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
1f3bfe65-f01e-0059-0c7b-035250000000
cf-ray
8db023409b5dd4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 0CB9
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fonimama.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 02:15:30 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-tyo11921-TYO
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/
435 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3377996120013427
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b6889bd932db4da0bcff7c9fb6e916dc4002a25cb0f9685b5e411459cbce9be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
16650540760041382443
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
148280
x-xss-protection
0
server
cafe
trace
c.bannerflow.net/cdn-cgi/ Frame 402A
315 B
328 B
XHR
General
Full URL
https://c.bannerflow.net/cdn-cgi/trace
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9acc018677f11b89ee674fd8adf17411ada194f801ce9e6860a5b2756e9201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8db02341ad516855-NRT
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
text/plain
server
cloudflare
x-frame-options
DENY
preload.jpg
c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/ Frame 402A
4 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/preload.jpg
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbae81fba09a916c0ac5a720a246b475d4d38da5188e58025e49d0bddb3ebf10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
9Ci3Tb+IAsHAXoKnftsUMg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
h2pri
etag
"0x8DCB079C9CB3332"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
257933
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
image/jpeg
last-modified
Tue, 30 Jul 2024 09:27:10 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
574b269a-a01e-0054-58e2-289a84000000
cf-ray
8db02341ac9bd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4238
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/ Frame 09BF
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
aa8bcdae-bbe3-4d48-bb59-19b66cb7aeff
https://onimama.com/ Frame 0FF3
668 B
0
Script
General
Full URL
blob:https://onimama.com/aa8bcdae-bbe3-4d48-bb59-19b66cb7aeff
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.2b3cfb7ae068a4661507.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
Content-Length
668
/
c.bannerflow.net/tr/v2/pixel/ Frame 402A
0
33 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

request-context
appId=cid-v1:84fd77ae-9350-4973-b2de-3f12410efa37
cf-ray
8db02341ccb8d4ae-NRT
content-length
0
cf-cache-status
DYNAMIC
date
Thu, 31 Oct 2024 02:15:30 GMT
server
cloudflare
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F2be41467-62eb-4db7-81fa-923b00c1a856.woff&t=%E3%81%8F%E3%81%90%E3%81%99%E3%82%99%E3%82%B1%E3%82%B2%E3%83%83%E3%83%88%E4%BB%8A
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01c713cc44b597d0a9c7de1ab61d131d33360e7a284e7fbb965f83aee0169e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
440169
cf-ray
8db02341ed796855-NRT
expires
Sat, 25 Oct 2025 23:59:21 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2060
date
Thu, 31 Oct 2024 02:15:30 GMT
content-type
font/woff
content-disposition
attachment; filename=2be41467-62eb-4db7-81fa-923b00c1a856-subset.woff
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 23:59:21 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FDDX0429DD&gtm=45je4as0v9164619937za200&_p=1730340930610&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1040711136.1730340931&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730340930&sct=1&seg=0&dl=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&dt=%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%20%7C%20%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7112
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://onimama.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
551 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FDDX0429DD&cid=1040711136.1730340931&gtm=45je4as0v9164619937za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://onimama.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 2885
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-FDDX0429DD&gacid=1040711136.1730340931&gtm=45je4as0v9164619937za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1713543355
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.jp/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FDDX0429DD&cid=1040711136.1730340931&gtm=45je4as0v9164619937za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&tag_exp=101533421~101823848~101878899~101878944~101925629&z=93206765
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 31 Oct 2024 02:15:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Thu, 31 Oct 2024 02:15:30 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200124-IAD, cache-tyo11979-TYO
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2725
x-amz-server-side-encryption
AES256
optimize
c.bannerflow.net/io/api/image/ Frame 289F
610 B
720 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6b5bedc8-e965-4e6b-a4d4-2a3527e8fa1c.jpg&w=300&h=250&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f5f4ac531da931ca0c67ada2c31347a6636ba430ade997e2311036e5487dea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
692647
api-supported-versions
2.0
cf-ray
8db023432df4d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
610
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 01:51:24 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
7 KB
7 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F0d0d02c2-8509-4508-8820-6282f5f5611a.png&w=185&h=296&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e554d48a2e547c549c54592f05ff9589121a0a250899d2bb0581cd977ab830e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
695500
api-supported-versions
2.0
cf-ray
8db023432df6d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
6896
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 01:03:51 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
11 KB
11 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F77f87255-bc57-460d-a6cd-aa99ff44b2f1.png&w=226&h=245&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3562a1130f7495a0ce8ce0baaee46af69a376f779e65affb4018987d6df1c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
363956
api-supported-versions
2.0
cf-ray
8db023433df8d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11084
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 11:07:23 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
5 KB
5 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F5e17cd3d-cf45-442d-9a54-d61258cdc7f3.png&w=166&h=125&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d3782d2147e11bc1faf2d1531c0e0efde2b2521b6a3b34b37fb684430ce8f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
619145
api-supported-versions
2.0
cf-ray
8db023433dfad4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4662
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:16:26 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
1 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6f12472c-be22-45e2-b49a-ec3627188f8e.png&w=68&h=66&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b19f8d696de3da04b723c93a34803c38ad5bb3abc27fd7b605cae31d91fdb107

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
363835
api-supported-versions
2.0
cf-ray
8db023433dfbd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1532
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Sat, 05 Oct 2024 14:34:27 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
750 B
851 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F701e2643-2026-4b37-9d12-231fe1f1cee0.png&w=40&h=41&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd2497ac04be85d289d4287308229f5480ec6c0cad7554ad18fba47cd9c70af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
616590
api-supported-versions
2.0
cf-ray
8db023433dfcd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
750
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:59:01 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
800 B
867 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6f12472c-be22-45e2-b49a-ec3627188f8e.png&w=34&h=38&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dec1025e87c9948a9df67b099a393e8c03971f2d6e36c987cc69a44db6f18cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
706173
api-supported-versions
2.0
cf-ray
8db023433dfdd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
800
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 11:07:23 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
892 B
985 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6f12472c-be22-45e2-b49a-ec3627188f8e.png&w=40&h=41&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57debe4d80f4c913344c824de6368fa1e7fa284283eae8b65d5b69458f61eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
446723
api-supported-versions
2.0
cf-ray
8db023433dfed4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
892
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Fri, 25 Oct 2024 22:10:08 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
670 B
761 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F701e2643-2026-4b37-9d12-231fe1f1cee0.png&w=35&h=38&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7998c2afdf9696b269b6c6919e6820e0782178f54684e018c421e64a6557175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
607158
api-supported-versions
2.0
cf-ray
8db023433dffd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
670
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 16 Oct 2024 22:34:16 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
20 KB
20 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Ff92d9f6f-864b-4426-b126-bd11a1d8e79b.png&w=356&h=447&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34dc23a31825b0046e12eba4fdfbe087a465ec13522642ad864e30608a177293

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
523242
api-supported-versions
2.0
cf-ray
8db023433e00d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
19968
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Fri, 25 Oct 2024 00:54:49 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
770 B
861 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F701e2643-2026-4b37-9d12-231fe1f1cee0.png&w=41&h=41&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041e2e5b607e8eaec478e205539f520f19272a7eabcb364a01851a1598e81c59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
625906
api-supported-versions
2.0
cf-ray
8db023433e01d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
770
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 20:23:45 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
814 B
905 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F6f12472c-be22-45e2-b49a-ec3627188f8e.png&w=35&h=38&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c1cd60adfe2a42e1c23789ea570b2dd49a5b601586067b303d30f81a57b2c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
710034
api-supported-versions
2.0
cf-ray
8db023433e03d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
814
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Tue, 22 Oct 2024 18:33:45 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
6 KB
7 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2F99d2ff20-26b6-410e-ac28-c6e5b6fcf8cc.png&w=156&h=230&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93e146f45fe4c06a993badf01a858aaf0142a0f17bb938330d79f797266d515

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
4288088
api-supported-versions
2.0
cf-ray
8db023433e04d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
6602
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 11:07:23 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
10 KB
10 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Fcca93c30-f708-4d54-93d6-81e505176d7d.png&w=226&h=212&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10742a4bcbd174e1c82d0f8105b9a1fdeb567920ba645eef4f579be2aa73e106

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
692529
api-supported-versions
2.0
cf-ray
8db023433e06d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10148
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 01:53:22 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 289F
2 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Ffc81ea18-1a16-4e7a-8d34-0904074944a8.png&w=150&h=48&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5afcb4edb0dd3dd010ae44ebb8ce769b49e5595e58e372cc15cbb050ad819d73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
363834
api-supported-versions
2.0
cf-ray
8db023433e08d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2058
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Sat, 26 Oct 2024 21:11:37 GMT
vary
Accept-Encoding
server
cloudflare
995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame 81A8
1 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
sBg/GuNpWi7mr15cMmphoQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
"0x8D811041715F955"
age
914
cf-cache-status
HIT
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/png
last-modified
Mon, 15 Jun 2020 08:14:13 GMT
vary
Accept-Encoding
x-ms-request-id
75decb20-801e-0031-1c4e-2634c0000000
cf-ray
8db023437e46d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1126
x-ms-blob-type
BlockBlob
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame AD0E
1 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Fa3e721d0-4eea-4468-8547-31050c8d2e54.png&w=60&h=60&q=85&f=webp&rt=contain
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff228c256da7200309d2915a93b565376a6a47c47924806e59b2b7615b86f808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
369341
api-supported-versions
2.0
cf-ray
8db023438e56d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1110
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Sat, 26 Oct 2024 19:39:50 GMT
vary
Accept-Encoding
server
cloudflare
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
2 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3D98ff1757-0ad2-4892-8282-eb3261210e94fontfamily&t=%20%E3%81%86%E3%81%8A%E3%82%82%E3%82%89%E3%82%92%E3%82%99%E3%82%B9%E3%83%8A%E3%83%9B%E3%83%9C%E3%83%BC%E5%85%A5%E9%87%91
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e73279dc4ac162678a2520abcc77e5cefad54b3b72acbc3eb89291c6a63fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
440258
cf-ray
8db023439e856855-NRT
expires
Sat, 25 Oct 2025 23:57:53 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2432
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=98ff1757-0ad2-4892-8282-eb3261210e94fontfamily
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 23:57:53 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
4 KB
4 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3D8f9387ff-1fc6-486d-8542-7618742e9e4cfontFamily&t=%250123456789
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f870c3539ccf0ebad270858943bd27fe53e06f9ce8761858701841ec9f53090a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
637973
cf-ray
8db02343ae996855-NRT
expires
Thu, 23 Oct 2025 17:02:38 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4132
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=8f9387ff-1fc6-486d-8542-7618742e9e4cfontFamily
vary
Accept-Encoding
last-modified
Wed, 23 Oct 2024 17:02:38 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
2 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3Db1896ef6-b994-484f-9e5d-02bcc1e18b4dfontfamily&t=%20%E3%81%86%E3%81%8A%E3%82%82%E3%82%89%E3%82%92%E3%82%99%E3%82%B9%E3%83%8A%E3%83%9B%E3%83%9C%E3%83%BC%E5%85%A5%E9%87%91
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41cdf9c015ec169e0d461f8edc80cb47af9c69e2e50bbe5abea187672d91a82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
452893
cf-ray
8db02343ae9d6855-NRT
expires
Sat, 25 Oct 2025 20:27:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2432
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=b1896ef6-b994-484f-9e5d-02bcc1e18b4dfontfamily
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 20:27:18 GMT
optimize
c.bannerflow.net/io/api/image/ Frame BD04
1 KB
0
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F9126764%2F10827407%2Fa3e721d0-4eea-4468-8547-31050c8d2e54.png&w=60&h=60&q=85&f=webp&rt=contain
Requested by
Host:
URL: widget-022414b4-b1b8-44fa-86e3-c769fef5bbf4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff228c256da7200309d2915a93b565376a6a47c47924806e59b2b7615b86f808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
369341
api-supported-versions
2.0
cf-ray
8db023438e56d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1110
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/webp
last-modified
Sat, 26 Oct 2024 19:39:50 GMT
vary
Accept-Encoding
server
cloudflare
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
2 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3D5d5c4f60-e9a0-4f9d-b4d1-fe6de37c169dfontfamily&t=%C2%A5
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd49fbcdf17e7404e509a4b8dafbbffcaeab9c9efae71016c69d5c247b741cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
453998
cf-ray
8db02343eec86855-NRT
expires
Sat, 20 Sep 2025 02:05:24 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2556
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=5d5c4f60-e9a0-4f9d-b4d1-fe6de37c169dfontfamily
vary
Accept-Encoding
last-modified
Fri, 20 Sep 2024 02:05:24 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
4 KB
4 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3Dfff5c0d4-cdf1-4f2f-baf7-6830c1424088fontFamily&t=0123456789
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c701f4990d05f9af99959ec4af35dc3f034d64e7d773a941b64f006dcdc109

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
608011
cf-ray
8db02343fecd6855-NRT
expires
Fri, 24 Oct 2025 01:22:00 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3980
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=fff5c0d4-cdf1-4f2f-baf7-6830c1424088fontFamily
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:22:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 09BF
2 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2F5f4558a4-d1f3-4538-b8b0-725454b3e260.woff%3Fr%3D123e1e63-515d-48ad-b1cf-9ac9410ffe95fontfamily&t=%E5%A4%A7%E6%9C%80
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee949d83dbcd4726cb95f984f14aa26c5ac408ef9dcc003a1f8bbd88132955ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
544716
cf-ray
8db023442f096855-NRT
expires
Fri, 24 Oct 2025 18:56:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2432
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
font/woff
content-disposition
attachment; filename=5f4558a4-d1f3-4538-b8b0-725454b3e260-subset.woff?r=123e1e63-515d-48ad-b1cf-9ac9410ffe95fontfamily
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 18:56:55 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/ Frame F0FE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 18:35:15 GMT
etag
13108003645644964576
expires
Wed, 13 Nov 2024 18:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF8B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730340931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930757&bpp=7&bdt=6632&idt=484&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&nras=1&correlator=327011485915&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
57857
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Tweet.html
platform.twitter.com/embed/ Frame 8D73
0
0
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1780726875880563193&lang=ja&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&sessionId=550d0d1e066fb00253e8a2238c5abba144c5efb3&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://onimama.com/kawaretaotoko/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
213
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 02:15:31 GMT
etag
"0d60462b44e0e0c34f053fa13e86675d+gzip"
last-modified
Thu, 05 Sep 2024 16:06:30 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200058-IAD, cache-tyo11921-TYO
ads
googleads.g.doubleclick.net/pagead/ Frame 3D1D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=4624193569&adk=1432757465&adf=1627254144&pi=t.ma~as.4624193569&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930764&bpp=3&bdt=6639&idt=536&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=551
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F985
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=3612680018&adk=3966371379&adf=2609138781&pi=t.ma~as.3612680018&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930767&bpp=1&bdt=6643&idt=620&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=4400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=2&fsb=1&dtd=626
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C214
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=3612680018&adk=3966371379&adf=786153766&pi=t.ma~as.3612680018&w=800&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=800x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930768&bpp=1&bdt=6644&idt=668&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=6217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=8&uci=a!8&btvi=3&fsb=1&dtd=674
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D019
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3377996120013427&output=html&h=280&slotname=1911234464&adk=3852761787&adf=1078150400&pi=t.ma~as.1911234464&w=336&abgtt=6&fwrn=4&fwrnh=100&lmt=1730340931&rafmt=1&format=336x280&url=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730340930775&bpp=1&bdt=6651&idt=722&shv=r20241028&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53762134c22380ca%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg&gpic=UID%3D00000f45fff7c593%3AT%3D1730340924%3ART%3D1730340924%3AS%3DALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA&eo_id_str=ID%3D4ad20f9fd793bb28%3AT%3D1730340924%3ART%3D1730340924%3AS%3DAA-AfjaYqeOpUJk5KEZmZDmVAAng&prev_fmts=0x0%2C800x280%2C800x280%2C800x280&nras=1&correlator=327011485915&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&oid=2&pvsid=3623168876653648&tmod=650966878&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=15&uci=a!f&fsb=1&dtd=726
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 02:15:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
asia.adform.net/Serving/Event/ Frame C0CA
35 B
589 B
Ping
General
Full URL
https://asia.adform.net/Serving/Event/?bn=75278727&event=178&time=5&baid=65659584&name=Viewable%20impressions&imprid=461399482725257172&eData=B_NAAwXZyUYMDyDs914Un6XzGuhtjd89nIOTsFSvLeDENwpnNsw-M-t138BV0-bLsY5LLv_mNgyk1HyXudsWnSsRELcgwYclQwt-ps5KKU_YOpzKA6VQIAXrCYovQLH1DvRC4NKvhJgYT63PrBc492zfxCTb-iAz_84MGwCDotoK9seMBBG6rw2&rtbdata=z9rJJ25zbetjDTF67DSwK2e3daM5cMFZt61CjJRBTjGK0xHR9u8IOsUjmzS29jZ389LY67BXmLVvjsFU3MuM-GUxNgY4nbbjJnlnvo9EU9jdGEWCccP9e0hSprhvtcvEaJ1ZpzPcgMib5VfnPT5qVSPw7iiNDWhFJQ_jc6XxZa0gW426Ex3JRZYIRrp1F568lp8Z6Ho15z3g_heVN7Tx_wm6kYQ7CZ3f0urOu3zTIfkpTB3AA_3k0X9dCwJEuX80yCNzzNzpCaVOcUwtBcUNtLu_umNZVn4vBgb23Mqw_XG7GP2ZQDbbH-Xeqp5fSA1K0&rtbwp=AAABkuBbMwVuQNHl6YUngI_8H0nxCCF-3yNYuA-M8H87chMBLk8ynllpdnd3L3UIx1Rq08h0&rnd=786583503
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
-1
access-control-allow-origin
https://onimama.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
/
asia.adform.net/serving/unload/ Frame C0CA
35 B
589 B
Ping
General
Full URL
https://asia.adform.net/serving/unload/?version=15&unload=@@75278727,461399482725257172,100|1096|0|0|0|0|0|0|0||43|0|||||1|0|0|2P-Sw9QMU_5NMHfYnzWbURLKEQYrV_Ht3v23vRo2TUu4KjLFkDYQy6I0yhM64le6Et6Iu4F4y_Mg3T1vlQS4noSy3BmqlauNgm1kFi1sQRaNuWWmMPv3sFAMoECAvm-G-jE71ih3pfNVMwku9is5CBFJv3Zl1J6RxaMB7E3Is5U1|||11|0|0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
-1
access-control-allow-origin
https://onimama.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:31 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/
178 KB
60 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
19c9454611f088b1073db447e5e1b0d2378a9dcaa88c5a53b2252f36a5532114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
6962969373105662567
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:15:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
61008
x-xss-protection
0
server
cafe
ca-pub-3377996120013427
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3377996120013427?href=https%3A%2F%2Fonimama.com%2Fkawaretaotoko&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a15d462f358f26596cf337de4d7a069718d75573b052781ff648ffc4830ea90
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7lK2aAgrw9InAuHboaDNMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jlzo3skmMGPNuuuMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBkaWegYG8QUGAHaXP9w"
content-security-policy
script-src 'report-sample' 'nonce-7lK2aAgrw9InAuHboaDNMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C31088482%2C95333412%2C95344188%2C31088249%2C95345788%2C95345963%2C95345967&hl=ja&pvc=3623168876653648
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 31 Oct 2024 02:15:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

/
asia.adform.net/serving/unload/ Frame C0CA
35 B
580 B
Ping
General
Full URL
https://asia.adform.net/serving/unload/?version=15&unload=@@75278735,896178993226920953,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|VyXQzZc4KYJNMHfYnzWbURLKEQYrV_Ht3v23vRo2TUu4KjLFkDYQy6I0yhM64le6Et6Iu4F4y_Mg3T1vlQS4noSy3BmqlauNG2wso3Mt02uNuWWmMPv3sAl2aXQqn8IQ46tZimJT83xVMwku9is5CLoRYq3Y0u9VxaMB7E3Is5U1|||11|0|0|0|@@75278727,461399482725257172,100|1890|0|0|0|0|0|0|0||74|0|||||1|0|0|2P-Sw9QMU_5NMHfYnzWbURLKEQYrV_Ht3v23vRo2TUu4KjLFkDYQy6I0yhM64le6Et6Iu4F4y_Mg3T1vlQS4noSy3BmqlauNgm1kFi1sQRaNuWWmMPv3sFAMoECAvm-G-jE71ih3pfNVMwku9is5CBFJv3Zl1J6RxaMB7E3Is5U1|||01|0|0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/mink/633/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
-1
access-control-allow-origin
https://onimama.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LAOSYfrGwP07lJO4xaMVhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4cqF7J5vAi2X3jzEpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyNLPQPz-AIDAFAGKT0"
content-security-policy
script-src 'report-sample' 'nonce-LAOSYfrGwP07lJO4xaMVhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWYxl3Ac4sk6-JacZwbBDWvTfDre9QkVNQanXUzZ-IZiMUNmqCODqJg7BD1c-CAshIvMHGwE85LbCfo7J0weTneOLq3F9P9aTD9040MABC-pc_jK6eyotvopFBN5CMlc2t6bwf1bQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWYxl3Ac4sk6-JacZwbBDWvTfDre9QkVNQanXUzZ-IZiMUNmqCODqJg7BD1c-CAshIvMHGwE85LbCfo7J0weTneOLq3F9P9aTD9040MABC-pc_jK6eyotvopFBN5CMlc2t6bwf1bQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzQwOTMyLDYzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vbmltYW1hLmNvbS9rYXdhcmV0YW90b2tvLyIsbnVsbCxbWzgsIlJKTlROR242c25JIl0sWzksImphIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sNCwzXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c9fc6b7819cc5fd89885effaf01518ca24213ff6703bdc578b5eef447bf4f25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kCjgPm_HaVSyrCl6rxYpug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jlzo3skmcGPbokNMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBkaWegYG8QUGAH_OQAg"
content-security-policy
script-src 'report-sample' 'nonce-kCjgPm_HaVSyrCl6rxYpug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/ Frame 0801
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 18:35:15 GMT
etag
13108003645644964576
expires
Wed, 13 Nov 2024 18:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/ Frame AA36
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 18:35:15 GMT
etag
13108003645644964576
expires
Wed, 13 Nov 2024 18:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/ Frame EAC7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 18:35:15 GMT
etag
13108003645644964576
expires
Wed, 13 Nov 2024 18:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/ Frame 2002
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241028/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onimama.com/kawaretaotoko/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 18:35:15 GMT
etag
13108003645644964576
expires
Wed, 13 Nov 2024 18:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
get
uipapac.semasio.net/id5/1/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=2edfe62b-9953-4baa-a2a5-3893370dbdc2&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0

AGSKWxXAi23vLtZnwkCH0TNpUE_Xqb7XxuF8iEevVWX68KNp__09Tc-oJ4yMZsuPwxNh0FO6QNmX6I1OT91wTmgxuie-0oIikGq_pfBJw-H2mY9Hol30iJ7o5xGGlrk7TKllQctUnYdFig==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXAi23vLtZnwkCH0TNpUE_Xqb7XxuF8iEevVWX68KNp__09Tc-oJ4yMZsuPwxNh0FO6QNmX6I1OT91wTmgxuie-0oIikGq_pfBJw-H2mY9Hol30iJ7o5xGGlrk7TKllQctUnYdFig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzQwOTMyLDkyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImphIl0sImh0dHBzOi8vb25pbWFtYS5jb20va2F3YXJldGFvdG9rby8iLG51bGwsW1s4LCJSSk5UTkduNnNuSSJdLFs5LCJqYSJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDddLDQsM10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
bf17f0e42e3fb6c92a0eea1ccd5ef3acdee0d42d300267b0ee0dc007fc8394a1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Bx2Ua8qtSHH6l_mLam3Akw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jlzo3skmcODG_NPMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBkaWegYG8QUGAIW-QB4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Bx2Ua8qtSHH6l_mLam3Akw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FDDX0429DD&gtm=45je4as0v9164619937za200&_p=1730340930610&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1040711136.1730340931&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1730340930&sct=1&seg=0&dl=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&dt=%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%20%7C%20%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0&_s=2&tfd=9200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://onimama.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/plain
server
Golfe2
ads_bottom.
fundingchoicesmessages.google.com/f/AGSKWxVeXMt04jdTbkvS-5dsbG4hjD2PtMTX9yKPYxbZCLF-ZFDOysWLysqV8PT1Me-nlVYjo0Bt_33HvDw3N-VWnfaJ5xikmRQmw_xwiw3OSfPQOcGfmWEbClmhLSelv186wMmBkGv8Y_h4OhTmaHuDruN-dQi8F...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVeXMt04jdTbkvS-5dsbG4hjD2PtMTX9yKPYxbZCLF-ZFDOysWLysqV8PT1Me-nlVYjo0Bt_33HvDw3N-VWnfaJ5xikmRQmw_xwiw3OSfPQOcGfmWEbClmhLSelv186wMmBkGv8Y_h4OhTmaHuDruN-dQi8FL8ijV4F6vvT7INjQ8gwxhTk4THhM5Yf/_/adforge./retrad./content/ad_/ads_bottom.?file=ads&
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxmhuwJyQryRLgHDnDFvNvWba0B4Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
ae2fe6d0a94a2d9634af3b2449df157da386cd0e6053559ad42c1f9c7f5cfc80
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wJ5MuFBBEyS62Rl5IOQsvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OI5e6N7JJtCxdsEhJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjSz0Dg_gCAwCZ3ETG"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wJ5MuFBBEyS62Rl5IOQsvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
lidar.js
pagead2.googlesyndication.com/pagead/js/
254 KB
80 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxmhuwJyQryRLgHDnDFvNvWba0B4Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8627a0c849391fbebcaf3acb1fdf6f46e9a6a69ab6f48e81d8c7eaa998ca1594
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
br
etag
7179339195671774566
age
1514
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:50:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 31 Oct 2024 01:50:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
81851
x-xss-protection
0
server
cafe
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UKLtRPf8SHgDEMWQVoMpFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAjWXnDjMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyNLPQPz-AIDAEWGKRk"
content-security-policy
script-src 'report-sample' 'nonce-UKLtRPf8SHgDEMWQVoMpFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tPjPCFymMDOiDAKNk1agFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAgf6rl5iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgZGlnoF5fIEBAENPKQw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tPjPCFymMDOiDAKNk1agFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0CVTkG2UI9hpDSQc4fjnQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAgY977zIpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyNLPQPz-AIDAFajKVU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0CVTkG2UI9hpDSQc4fjnQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LNyWoCNULbqKt-YSSxmClg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAgqUn7zEpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyNLPQPz-AIDADy_KPo"
content-security-policy
script-src 'report-sample' 'nonce-LNyWoCNULbqKt-YSSxmClg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUPjmwxQZ0xyuYaoaEdQ738LMk8-21cKIfUKKBLJtk4m4SnS3WMsUD7eTBKMWtuiLuu1UlR6VlGgW-upqSj-OmF7uXI4_oM6ao-qjaMQtDy9qqst2dL1OreJYN4LYV-GJXDEvSakg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPjmwxQZ0xyuYaoaEdQ738LMk8-21cKIfUKKBLJtk4m4SnS3WMsUD7eTBKMWtuiLuu1UlR6VlGgW-upqSj-OmF7uXI4_oM6ao-qjaMQtDy9qqst2dL1OreJYN4LYV-GJXDEvSakg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzQwOTMzLDcwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiamEiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vbmltYW1hLmNvbS9rYXdhcmV0YW90b2tvLyIsbnVsbCxbWzgsIlJKTlROR242c25JIl0sWzksImphIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sNCwzXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
f2e2f7a8991f674abfd9caa5005c560978541da76df68b35757e84ca54c82f9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B0aJCSh1_rs2HvMNsbaKAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jl7o3skm8OHM1kdMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBkaWegYG8QUGAJpaQHk"
content-security-policy
script-src 'report-sample' 'nonce-B0aJCSh1_rs2HvMNsbaKAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWJxKQppJCLNjGqjNcCjo6Kb2jEpTh4dfyMT1AzlLAedE6EAeTbmtNqWx5r5HMpNUBPLFrl5m3OYAxIFHUg1tYVog4nIufQx_o45X08wyL6Qbbt07KCYym-W6bO5ezmJQ8fB_5Zzg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWJxKQppJCLNjGqjNcCjo6Kb2jEpTh4dfyMT1AzlLAedE6EAeTbmtNqWx5r5HMpNUBPLFrl5m3OYAxIFHUg1tYVog4nIufQx_o45X08wyL6Qbbt07KCYym-W6bO5ezmJQ8fB_5Zzg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LcC5YmTJgG15BNbAkBG1yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAjvM_G5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgZGlnoF5fIEBAEhCKRo"
content-security-policy
script-src 'report-sample' 'nonce-LcC5YmTJgG15BNbAkBG1yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-bOU0nzQMT70Ch9mowOZZQS3NBAgu80a43Sxi2v1xTP8w1GnrSNMt1DjiXnFKcnv9-ywtRcGxK_YlZXw0ZdgxDgCbpy94tAH6m617CBt-sv___n4mffqaY-o95-TV8M_IDig7gA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.RJNTNGn6snI.es5.O/am=DgY/d=1/rs=AJlcJMx77Kl1F7luInLY6PFOA1wMqxbbmQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-793VXu4KNsJmmrYVYClbJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://onimama.com/kawaretaotoko/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4eqF7J5vAjZenm5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgZGlnoF5fIEBAEtIKSU"
content-security-policy
script-src 'report-sample' 'nonce-793VXu4KNsJmmrYVYClbJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://onimama.com
content-length
0
x-xss-protection
0
server
ESF
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FDDX0429DD&gtm=45je4as0v9164619937za200&_p=1730340930610&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1040711136.1730340931&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1730340930&sct=1&seg=0&dl=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&dt=%E3%80%90%E7%90%86%E7%94%B17%E9%81%B8%E3%80%91%E3%83%89%E3%83%A9%E3%83%9E%E3%80%8E%E8%B2%B7%E3%82%8F%E3%82%8C%E3%81%9F%E7%94%B7%E3%80%8F%E3%81%AF%E3%81%A4%E3%81%BE%E3%82%89%E3%81%AA%E3%81%84%EF%BC%9F%E5%A5%B3%E6%80%A7%E3%82%92%E7%BE%8E%E5%8C%96%E3%81%97%E3%81%99%E3%81%8E%E3%83%BB%E6%94%BE%E9%80%81%E3%81%97%E3%81%AA%E3%81%84%E3%81%A7%EF%BC%81%E3%81%AE%E5%A3%B0%E3%82%82%EF%BC%9F%20%7C%20%E3%81%97%E3%82%93%E3%82%89%E3%81%B0%E3%82%93%E3%81%97%E3%82%87%E3%81%86%E3%83%AD%E3%82%B0&_s=3&tfd=14201
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDDX0429DD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://onimama.com/kawaretaotoko/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://onimama.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:15:38 GMT
content-type
text/plain
server
Golfe2
video.36952af81ece83d278c5.js
c.bannerflow.net/scripts/ Frame 402A
16 KB
6 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/video.36952af81ece83d278c5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97828b309aa132f4ff5ff7b332b16d75bc2a248bdfaaef6f7c4e40eef9b00d1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
eKLimSA0GH+vk5pygrYhPA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DC99C19E728E9B"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
629517
content-encoding
br
cf-polished
origSize=16179
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
application/javascript
last-modified
Mon, 01 Jul 2024 11:33:24 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
6343e615-901e-0070-5981-256c24000000
cf-ray
8db023750e6dd4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
data.0000006B1B3412.js
c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/ Frame 402A
8 KB
2 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/data.0000006B1B3412.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5687ca0ed75d7155b8c5ca5cc550e70b03567a906b0c39f45e56a9c073d9935a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
uwefSwBcJWzo4t/NGrSd5w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCB079CC9D6E82"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
639347
content-encoding
br
cf-polished
origSize=8023
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
application/javascript
last-modified
Tue, 30 Jul 2024 09:27:15 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
cb359e82-301e-0046-1d6a-25e154000000
cf-ray
8db023750e6fd4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
animated-creative.64703f1949a2dd56e313.js
c.bannerflow.net/scripts/ Frame 402A
162 KB
55 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.64703f1949a2dd56e313.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66a8b1dda6a4305a1be08d2f?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fonimama.com%2fkawaretaotoko%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc25386c8f75e9a7d52b540fedc8662fe1df98814e443832e134204e79160ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onimama.com/kawaretaotoko/

Response headers

content-md5
s8H5wfyREMdkAjc1ZP2qUw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCAC84E132C287"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
266565
content-encoding
br
cf-polished
origSize=166438
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
application/javascript
last-modified
Thu, 25 Jul 2024 08:36:29 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
9dbf4b4b-d01e-005e-4b76-253e33000000
cf-ray
8db023750e70d4ae-NRT
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/ Frame 402A
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
5be4a911-55a7-426b-abd5-ed540aba5200
https://onimama.com/ Frame 472C
668 B
0
Script
General
Full URL
blob:https://onimama.com/5be4a911-55a7-426b-abd5-ed540aba5200
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.64703f1949a2dd56e313.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame 402A
1 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F5ae2c30c0305cc1b9cd4655d%2Ffc222407-3a7e-4707-8ebf-6e9e933b546f.woff&t=%E3%81%8F%E3%81%90%E3%81%99%E3%82%99%E4%BB%8A%E5%88%A9%E5%8B%9D
Requested by
Host: onimama.com
URL: https://onimama.com/kawaretaotoko/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a5b1f98a25b82adff0e7bfc0ed158b705edf89803d0a635597f9c3e530c071

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onimama.com
Referer
https://onimama.com/kawaretaotoko/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
437410
cf-ray
8db023768bef6855-NRT
expires
Sun, 26 Oct 2025 00:45:29 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1380
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
font/woff
content-disposition
attachment; filename=fc222407-3a7e-4707-8ebf-6e9e933b546f-subset.woff
vary
Accept-Encoding
last-modified
Sat, 26 Oct 2024 00:45:29 GMT
optimize
c.bannerflow.net/io/api/image/ Frame A36E
4 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2Fb4e14801-7514-4b7d-a589-9711113987cc.png&w=400&h=400&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8207d1166157dc0b0b2daf75ac4d33ffa9945a857bcbe45f61380dfd40466e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
168127
api-supported-versions
2.0
cf-ray
8db02376d87dd4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4178
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
image/webp
last-modified
Mon, 28 Oct 2024 23:43:40 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame A36E
4 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2F50c05241-f4b2-4ed1-926a-0bcd95fd9086.png&w=116&h=148&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7302516a83035d82326a91aa5d913e077165e24c7c4b2f5d114a8bcafec37ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
6186131
api-supported-versions
2.0
cf-ray
8db02376d883d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3832
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
image/webp
last-modified
Tue, 20 Aug 2024 11:47:35 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame A36E
9 KB
9 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2Fe79d434f-d9d4-4ba9-a23f-100078ca3499.png&w=387&h=217&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cae6b1059e55c2ebb27296fbc76eaa5cd16444b0aedc91018e099b9b018d05e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
619177
api-supported-versions
2.0
cf-ray
8db02376d885d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
8894
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:16:02 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame A36E
5 KB
5 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2Fed39546f-66c0-4977-8dcf-83471f33dc9e.png&w=118&h=129&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07133c6b1b9b03382e68031c5faa4a29f44e5b2052d31acbcbb71c43d4feb279

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
621410
api-supported-versions
2.0
cf-ray
8db02376d886d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
5180
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:38:49 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame A36E
1 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcoingaming%2F5ae2c4c00305cc1fd00e579b%2Fpublished%2F8705903%2F10406528%2Ffc22e0e5-66fe-4753-a9b4-8c2ac886beef.png&w=66&h=23&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9a67941d76bd7d2405b7b8bcccb9e90477be40e35f3699d83c26122e92f62e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
283163
api-supported-versions
2.0
cf-ray
8db02376d888d4ae-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1342
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
image/webp
last-modified
Sun, 27 Oct 2024 19:36:16 GMT
vary
Accept-Encoding
server
cloudflare
41a0ae6f6d8c4f5281cbaa2654fcceef.mp4
c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/ Frame A36E
992 KB
993 KB
Media
General
Full URL
https://c.bannerflow.net/accounts/coingaming/5ae2c4c00305cc1fd00e579b/published/8705903/10406528/41a0ae6f6d8c4f5281cbaa2654fcceef.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdddf1f178d114e77f0fee9130270ddc805a5311cb39aefb7491c28567719ada

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

content-md5
VKWxIuPNccpSK+OzDx/5dA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
"0x8DCB079CC11F7F0"
age
365994
cf-cache-status
HIT
date
Thu, 31 Oct 2024 02:15:39 GMT
content-type
video/mp4
last-modified
Tue, 30 Jul 2024 09:27:14 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
Content-Range
bytes 0-1015909/1015910
x-ms-request-id
ea99b32a-e01e-0008-047c-e2cfdc000000
cf-ray
8db02376f8b2d4ae-NRT
access-control-allow-origin
*
Content-Length
1015910
x-ms-blob-type
BlockBlob
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adx3.adform.com
URL
https://adx3.adform.com/adx/openrtb
Domain
adx3.adform.com
URL
https://adx3.adform.com/adx/openrtb
Domain
adx3.adform.com
URL
https://adx3.adform.com/adx/openrtb
Domain
adx3.adform.com
URL
https://adx3.adform.com/adx/openrtb
Domain
uipapac.semasio.net
URL
https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
uipapac.semasio.net
URL
https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined function| tmzrScriptErrorHandler function| tmzrCountExec number| random_cent_ab_test object| s object| x function| whatToLoad number| nugg_ab number| site_id object| googletag number| random_cent function| criteoCallback object| generic object| criteo_gum object| smart_csync object| pwidget_config object| iframe object| node object| tagsObject string| website number| random object| target object| notifyme object| headelement number| nugg object| tmzr object| d object| pbs object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 object| arr_width object| arr_height function| refreshVisibility26328 object| mydiv object| creatediv function| isEmpty function| waitForGetBatchKeyword function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| manipulateSmartAdunit function| refreshSlot function| refreshSlotFooter object| sublime string| sh object| _qevents object| params function| Adcall_26328 function| $ function| jQuery object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _tsPolyfill object| TypeSquareJS object| Ts string| image_save_msg string| no_menu_msg function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch number| touchduration function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext object| e object| pchppVars object| adsbygoogle boolean| sas_useTopicsAPIData function| SasIabApi object| sas_ads object| sas_unrenderedFormats function| sas_render function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sas_addCleanListener function| verbose function| canAccessTopWindow function| getWindow function| getBatchKeyword object| ggeac object| google_tag_data object| google_js_reporting_queue object| tmzrChunk object| _pbjsGlobals object| ADAGIO string| msna_ik object| placementBids boolean| closeButtonDelay object| apntag function| Adcall_26322 object| slowBidders object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 function| Adcall_26711 function| refreshVisibility26322 function| _Adcall_26322 object| adsArea26322 object| observers26322 function| refreshQueueManager26322 function| loopChecker26322 function| refreshVisibility26711 function| _Adcall_26711 object| adsArea26711 object| observers26711 function| refreshQueueManager26711 function| loopChecker26711 object| Utiq number| sas_renderMode object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id function| quantserve function| __qc object| ezt object| _ADAGIO object| __id5_finalization_registry object| ID5 function| _classCallCheck string| FAM8_TAG_URL number| HTTP_DEFAULT_PORT number| HTTPS_DEFAULT_PORT boolean| tmcredentials function| _possibleConstructorReturn function| _inherits function| fam8_js_async string| ADMAGE_JQUERY_URL object| Fam8Plugin function| fam8_js_sync function| fam8_js_ml_sync object| el object| lastBidder26328 object| gZgokZoeQueue object| gZgokZoeWidgetQueue object| lastBidder26322 object| lastBidder26711 object| pochippSaleData function| show_wpcp_message function| hide_message object| eio_lazy_vars object| lazySizesConfig object| lazySizes object| swv object| wpcf7 object| baguetteBox object| Stickyfill object| cocoon_localize_script_options object| addComment boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 function| triggerScriptLoader function| loadScripts function| __extends function| __assign function| NativeBase object| AdstirIvw function| MakeNativeElem function| AdstirSwipe function| MakeNativeBannerElem object| AdstirSchain function| AdstirNext object| IMUIDRequest function| AdstirCB1236925866A7619428511 object| adstir_sua object| gZgokZoePreviewQueue object| IMUID object| sparteoCrossfire object| targetingParams object| args string| css object| style function| setupFooterSlidein function| bringToFront function| setupSlideIn function| setupFooter function| qcResize function| setupExoticFS function| setupNative object| iframeDoc object| elList number| k object| Adform boolean| __adform_onload function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDA5MDBlNDYyMTZjMTA2MmxvYWRlcl9qcw== string| NDA5MDBlNDYyMTZjMTA2MmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| __google_lidar_ function| __google_lidar_radf_ boolean| 470bda42-7ae7-4fab-bb27-ec4bd6d562a9

189 Cookies

Domain/Path Name / Value
onimama.com/kawaretaotoko Name: quads_browser_width
Value: 1600
.3lift.com/sync Name: sync
Value: CgoIgAIQ2oPtgq4yCgoIoQEQ2oPtgq4yCgoI4gEQ2oPtgq4yCgoI5gEQ2oPtgq4yCgoIhwIQ2oPtgq4yCgkIOhDag-2CrjIKCQgbENqD7YKuMgoKCIwCENqD7YKuMgoKCKwCENqD7YKuMgoJCF8Q2oPtgq4y
.smartadserver.com/api Name: pid
Value: 4709713274605184864
.ust-ad.com/ Name: uid
Value: a13b1016-2239-4cfc-9081-6e1b29a3b1b0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.onimama.com/ Name: sharedid
Value: 9b93310a-d7c7-4230-87e5-f303ee04e413
.onimama.com/ Name: sharedid_cst
Value: zix7LPQsHA%3D%3D
.33across.com/ Name: check
Value: true
.criteo.com/ Name: cto_bundle
Value: OfLK7F8xWGo2bDhQOWZvJTJGcllZM1Jhb0VZRTJCVlRaQ3J2ZHJjWjBGSEZlbW40Y0JqYjFLYnExSEozMk90WmdzVEpJdyUyQkpNclNvOFV5Z29UY2M3UXdLTUJOcXVnaFNPemJHT3gwNWFFaVozJTJGdWZYayUzRA
.onimama.com/ Name: cto_bundle
Value: G7Z4G19NMGhrVDhFaFo2JTJCTGRSaXgybFBGWHlZMVBzb1dVVVlkU3VVVFRuaFBmNWdEdjA2U3ZoZ2JWRzB2SGNoZFFUeFpEMzFVM3ZFQTJlR1hwUlpTYzBkYTdWeFAyeEpwZWpSMVowbyUyQmxTSWJkMEJ4bXhYQWJyOHB0bVB3NTB5dXJQZjg
.onimama.com/ Name: cto_bidid
Value: ZKu3FF9LZTRCZWdFWTBwJTJGeVhKRzRtJTJCR3JUTkZWRWMlMkZwWVk2NzY4Vm56VlJLNGlkaHlZZ1FLVU8xJTJCaHYxRG1BY0M2TCUyQjFON0I0bm10S3c2WG1mbHklMkIlMkZuZm1nJTNEJTNE
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: a3c529b2cf008d3ddd34b24c29c92aac
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQSDRONjWyTDJKTjMwsEgxTklJMTZJMjJJNrJMtjRKTExmAIJ0pRc2DAgAAGMYCw0%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIV3phwwAHABTiAa4%3D"
.onimama.com/ Name: panoramaId_expiry
Value: 1730945724678
.onimama.com/ Name: _cc_id
Value: a3c529b2cf008d3ddd34b24c29c92aac
.onimama.com/ Name: panoramaId
Value: d0afcb9157db90231a0962e60658185ca02ce95d41e640de5022b40cc3b794bc
.quantserve.com/ Name: mc
Value: 6722e83c-b45d5-8b1b7-93bd1
.onimama.com/ Name: __qca
Value: P0-1803568479-1730340924649
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F45959205F48155F06FB9BD61C957639C62B5256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.onimama.com/ Name: __gads
Value: ID=53762134c22380ca:T=1730340924:RT=1730340924:S=ALNI_MZ9O5PCF0ecnLSOfiWrCWvyDeGtlg
.onimama.com/ Name: __gpi
Value: UID=00000f45fff7c593:T=1730340924:RT=1730340924:S=ALNI_MZd9odYAgvmYQYrAejd0XAROFnZrA
.onimama.com/ Name: __eoi
Value: ID=4ad20f9fd793bb28:T=1730340924:RT=1730340924:S=AA-AfjaYqeOpUJk5KEZmZDmVAAng
.impact-ad.jp/ Name: c
Value: 1730340925
.impact-ad.jp/ Name: tuuid
Value: 6295e49f-2d6f-48a4-a738-e69ca4d59e11
.adsrvr.org/ Name: TDID
Value: bd2fdc33-61ce-4566-b346-f9999547567c
.fam-8.net/ Name: uid
Value: admx92e05b3083xbed
fam-8.net/ Name: _imps
Value: 75894%2C13307%2C0%2C75894%2C14413%2C156123%2C0%2C0%2C1530%2C1730340925%2C%2C%2C%2C0%2C%2C%2C0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: a_8b1d6a53-0209-4f0f-85a8-568ae69f321d
onimama.com/ Name: _ZUCKSUUID
Value: c8a5d5f5-9921-477e-9abe-4b22011b023c
.3lift.com/ Name: tluid
Value: 4696554729738842207002
.a-mo.net/ Name: amuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.a-mo.net/ Name: pamuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.prebid.a-mo.net/ Name: psd_amuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.prebid.a-mo.net/ Name: sd_amuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.onimama.com/ Name: _im_vid
Value: 01JBG5PCDF1635B1XC87R8ZTVZ
.doubleclick.net/ Name: IDE
Value: AHWqTUmQ8Br5C-KNftLFdJDf-FimrumHw2ETfw4NhWmL6LpKlvLsOvPm2NeQ0fZGQ90
.adnxs.com/ Name: XANDR_PANID
Value: DA0ghvc2ykiDsQmBor1HZY11A_CLIVlkmcx85ZjQpON5r6nkGTtCAohx4Hsm9LuNbNAqTCdh1hJKlWKzrH5Tqo592mb_trLpkFOrnqVjG3U.
.adnxs.com/ Name: uuid2
Value: 8961297924541505529
sh.zucks.net/ Name: AWSELBCORS
Value: 41A171131E9B8C939F7087DC96908658B57851A864DB5A9CADE4CC17E511E458A79EB0DF513D3DA96CA147FD9413E530BD856ABCD32564CB25F7EFB16B3FA9DFA7BCAE72CE
.rubiconproject.com/ Name: khaos
Value: M2WOB7IS-1R-KJEK
.rubiconproject.com/ Name: khaos_p
Value: M2WOB7IS-1R-KJEK
.adnxs.com/ Name: icu
Value: ChkI1JuJARAKGAIgAigCML7Qi7kGOAJAAkgCEL7Qi7kGGAE.
.prebid.a-mo.net/ Name: __amc
Value: 2_1730340925_1730340926
.adform.net/ Name: C
Value: 1
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 3981267665862787339
.sharethrough.com/ Name: stx_user_id
Value: 57f7c5a8-d9f4-42d6-976e-ae8dcf617191
.linkedin.com/ Name: bcookie
Value: "v=2&7b936cf1-b6a9-4c13-8aa2-1a9bfe770b96"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3343:u=1:x=1:i=1730340926:t=1730427326:v=2:sig=AQHQTKzmNdclR23WwApkwGxrW1vgjuM3"
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 6231135869332924298
.cpx.to/ Name: dsp_app_nexus
Value: 8961297924541505529#1730340926805
.cpx.to/ Name: dsp_TTD
Value: bd2fdc33-61ce-4566-b346-f9999547567c#1730340926805
.yahoo.com/ Name: A3
Value: d=AQABBD7oImcCEDPU0N5NNBnn_nDxtT1JzRYFEgEBAQE5JGcsZwAAAAAA_eMAAA&S=AQAAAnMh0MhVv0g8sO58SZEd6Lo
ads.us.e-planning.net/ Name: CT
Value: 1
.cpx.to/ Name: dsp_dbm
Value: CAESEEJupsvTxyBFOqqlVNZhInQ#1730340926846
.adform.net/ Name: TPC
Value: 1730340926953
.e-planning.net/ Name: E
Value: AEmNzbuaB23fqEzq
.primis.tech/ Name: csuuid
Value: 6722e83f11640
.amazon-adsystem.com/ Name: ad-id
Value: A37xlNDefUZjg56hOPvfAeI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.cpx.to/ Name: dsp_rubicon
Value: M2WOB7IS-1R-KJEK#1730340927039
.smartadserver.com/ Name: csync
Value: 111:ID5-050doO2fnCJTvWpDZjJuwGoxnwOVoIdAQ2s93_mOxg|147:57f7c5a8-d9f4-42d6-976e-ae8dcf617191
.lijit.com/ Name: ljt_reader
Value: JlgnAQZHL1njsZMiSzqdPoVf
.intentiq.com/ Name: intentIQ
Value: mh9WPyBqgZ
.intentiq.com/ Name: IQver
Value: 1.9
.lijit.com/ Name: _ljtrtb_80
Value: M2WOB7IS-1R-KJEK
.ipredictive.com/ Name: cu
Value: e334cd3e-50bb-4c60-87ab-f2a55e61a501|1730340927696
.intentiq.com/ Name: intentIQCDate
Value: 1730340927717
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVU2tBQzBk
.intentiq.com/ Name: IQPData
Value: 2454112710#1730340927716#0#1730340927716
.rqtrk.eu/ Name: browser_id
Value: 1:5f7c9784-bfb2-450b-96bc-51080af8d4b2
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDc2NDU1MDWy0FEysUTlW5qj8i2M0fimqHxDAyNUAXNDNAvQDDCHOMDA0sTUHGyhpaUFsopaAGnXIHo%3D
.bidr.io/ Name: bito
Value: AAEPBk7ORdEAABTcdHZgig
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_85
Value: AAEPBk7ORdEAABTcdHZgig
.lijit.com/ Name: _ljtrtb_97
Value: OPTOUT
.sitescout.com/ Name: ssi
Value: 076d9acc-9f50-4fb6-8aed-b523a120f706#1730340928991
.quantserve.com/ Name: sp
Value: CgkIv4EDEgMQ5A0=
.sitescout.com/ Name: _ssuma
Value: eyI0OCI6MTczMDM0MDkyOTEwNCwiMzkiOjE3MzAzNDA5MjkxMDQsIjciOjE3MzAzNDA5MjkxMDR9
.lijit.com/ Name: _ljtrtb_76
Value: 90a0ee6a-61f6-4a85-9d8d-c7b1cc82f3da
.lijit.com/ Name: _ljtrtb_43
Value: J5v4cHSU-SE8zv53dZnnenOdqHU8lfkgdZ31uu_1
.zemanta.com/ Name: zuid
Value: Gmbd3WqimE3Udp_Jippe
.creativecdn.com/ Name: g
Value: omsMlRJxVZW28YaNX0Vs_1730340929215
.creativecdn.com/ Name: ts
Value: 1730340929
.impact-ad.jp/ Name: tuuid_lu
Value: 1730340929
y.one.impact-ad.jp/ Name: cmt
Value: !247=bd2fdc33-61ce-4566-b346-f9999547567c=2=502175729=0
.eyeota.net/ Name: mako_uid
Value: 192e05b41bb-3b650000010e44c8
.eyeota.net/ Name: SERVERID
Value: 17608~DM
.impact-ad.jp/ Name: psm
Value: 0
.contextweb.com/ Name: V
Value: KVc18cDCqWOK
.contextweb.com/ Name: VP
Value: part_KVc18cDCqWOK
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1uhx|7dW.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1uhx|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 331d16e64c930503
.turn.com/ Name: uid
Value: 4576193204235437985
.3lift.com/ Name: tluidp
Value: 4696554729738842207002
.missena.io/ Name: msna
Value: csheggg7nhsc73dr0fgg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004%22%7D
.lijit.com/ Name: _ljtrtb_49
Value: KVc18cDCqWOK
.linkedin.com/ Name: li_sugr
Value: beea50b2-6257-49fa-9f7c-3cc7a0cfde48
.bing.com/ Name: MUID
Value: 0E1DB7C957806B64205EA2E056FA6A18
.c.bing.com/ Name: MR
Value: 0
.missena.io/ Name: msnasmrtnw
Value: 1
.missena.io/ Name: msnasmrt
Value: 6231135869332924298
.lijit.com/ Name: _ljtrtb_83
Value: M2WOB7IS-1R-KJEK
.tapad.com/ Name: TapAd_TS
Value: 1730340930265
.tapad.com/ Name: TapAd_DID
Value: 2edfe62b-9953-4baa-a2a5-3893370dbdc2
.krushmedia.com/ Name: krm_usr
Value: a4df5017-06f8-5429-87c8-5f09e1990072
.krushmedia.com/ Name: krm_r
Value: 572
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.missena.io/ Name: msnatrlfnw
Value: 1
.missena.io/ Name: msnatrlf
Value: 4696554729738842207002
.a-mx.com/ Name: amdt_t
Value: p::1730340930388
.a-mx.com/ Name: amuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.lijit.com/ Name: ljtrtb
Value: eJx1jE0LgjAAhv%2FLzg2c%2B%2B42a2BKTPxI8BJrUwlD8KCHov%2Fe6t7xfZ6H9wWIBHuQXxwS7nhYWpODHRBRYOe4NQk%2FVRCVMM%2F0j%2BM%2FnAaulC6SiZvSa6WS2vm0G%2B9jsJIHa4raNHVY5PuR0Y24tGpgpcVzo9h389zPxi9pIx7DNPoOo3W9otBzFnoZ2ajvmYUMDQwSKyiUXnjo%2BA05J%2BIBewveHzyfNtg%3D
.lijit.com/ Name: _ljtrtb_102
Value: a4df5017-06f8-5429-87c8-5f09e1990072
.missena.io/ Name: msnaeplgnw
Value: 1
.missena.io/ Name: msnaeplg
Value: AEmNzbuaB23fqEzq
.rtb.mx/ Name: amdt_t
Value: p::1730340930418
.rtb.mx/ Name: amuid2
Value: 9f978eca-1a75-499a-9599-ac6aa8978f22
.rubiconproject.com/ Name: audit_p
Value: 1|cKoxoMsoPzUkrQBDkclQI7xMvdGW750CuSmqwWSKWwvULEzLSiMGrUl4Xx9BpD5UlN2fvYUo97XqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.rubiconproject.com/ Name: audit
Value: 1|cKoxoMsoPzUkrQBDkclQI7xMvdGW750CuSmqwWSKWwvULEzLSiMGrUl4Xx9BpD5UlN2fvYUo97XqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.missena.io/ Name: msnamgntnw
Value: 1
.missena.io/ Name: msnamgnt
Value: M2WOB7IS-1R-KJEK
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e34878cb-07bb-4f35-9fec-84238d3ffa16-004%22%7D
.lijit.com/ Name: _ljtrtb_16
Value: 076d9acc-9f50-4fb6-8aed-b523a120f706-6722e840-5553
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJhcHBuZXh1cyI6IjIwMjQtMTAtMzFUMDI6MTU6MjYuMTU0NTYwOTIyWiIsImVwbGFubmluZyI6IjIwMjQtMTAtMzFUMDI6MTU6MjUuNTc0NzAyOTQ3WiIsIm9uZXRhZyI6IjIwMjQtMTAtMzFUMDI6MTU6MjUuNTc0NjUxNzU3WiIsInJ0YmhvdXNlIjoiMjAyNC0xMC0zMVQwMjoxNToyNS41NzQ3Mzc3OTdaIiwicnViaWNvbiI6IjIwMjQtMTAtMzFUMDI6MTU6MjUuNTc0NjY3OTA3WiIsInNtYXJ0IjoiMjAyNC0xMC0zMVQwMjoxNToyNi4xNTQ1MzAwOTJaIiwic292cm4iOiIyMDI0LTEwLTMxVDAyOjE1OjI2LjE1NDU2MTc0MloiLCJ1bnJ1bHkiOiIyMDI0LTEwLTMxVDAyOjE1OjI2LjE1NDU2MzY2MloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiZjc5MjhmNTgtNGM4YS00NDkwLThkOTItNmEzZGZkZTU5OTAzIiwiZXhwaXJlcyI6IjIwMjQtMTItMzBUMDI6MTU6MjUuNTcxOTk3NjM3WiJ9LCJhcHBuZXh1cyI6eyJ1aWQiOiI4OTYxMjk3OTI0NTQxNTA1NTI5IiwiZXhwaXJlcyI6IjIwMjQtMTItMzBUMDI6MTU6MjcuNDM4ODY2NDZaIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBRW1OemJ1YUIyM2ZxRXpxIiwiZXhwaXJlcyI6IjIwMjQtMTItMzBUMDI6MTU6MjguMTc0Nzc4NzYxWiJ9LCJydGJob3VzZSI6eyJ1aWQiOiJWQWVZZEd6SWRCY2Qzckpad0hXQmlmNVBWS1djcUR3YkQ4RkJxUXBOdk9zIiwiZXhwaXJlcyI6IjIwMjQtMTItMzBUMDI6MTU6MjkuNjQ2ODE3OTI3WiJ9LCJydWJpY29uIjp7InVpZCI6Ik0yV09CN0lTLTFSLUtKRUsiLCJleHBpcmVzIjoiMjAyNC0xMi0zMFQwMjoxNToyNi42NTk5ODQ3MzhaIn0sInNvdnJuIjp7InVpZCI6IkpsZ25BUVpITDFuanNaTWlTenFkUG9WZiIsImV4cGlyZXMiOiIyMDI0LTEyLTMwVDAyOjE1OjI4LjgzODM2Nzc5NVoifSwidW5ydWx5Ijp7InVpZCI6IlJYLWUzNDg3OGNiLTA3YmItNGYzNS05ZmVjLTg0MjM4ZDNmZmExNi0wMDQiLCJleHBpcmVzIjoiMjAyNC0xMi0zMFQwMjoxNTozMC40NTMwOTIyODdaIn19LCJiZGF5IjoiMjAyNC0xMC0zMVQwMjoxNToyNS41NzE4NTcxOTdaIn0=
.360yield.com/ Name: tuuid
Value: 1c68ca8a-81ba-455e-be08-6862f15557cd
.360yield.com/ Name: tuuid_lu
Value: 1730340930
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw88qeOUvUvCNyBgFm5MqEQkqGA14FN1xLQTnRZLb4g%2FYEO7SI%2BAI7xrNRayvkxl7zIQETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6RaEUrB%2FY8dtwXX%2FBw11tOw%3D%3D
.dotomi.com/ Name: DotomiTest
Value: 42951c8315171f00
.missena.io/ Name: msnasmwtnw
Value: 1
.missena.io/ Name: msnasmwt
Value: 039ab9c654ac38362d7fd50734266a72
.missena.io/ Name: msnampdgnw
Value: 1
.missena.io/ Name: msnampdg
Value: 1c68ca8a-81ba-455e-be08-6862f15557cd
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-33901cce-88d8-529b-7ae3-94198c89874f.4JFzAt3UuAaW57SIvMX8LMJF7exUscqN07bXea6AzUg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-33901cce-88d8-529b-7ae3-94198c89874f.4JFzAt3UuAaW57SIvMX8LMJF7exUscqN07bXea6AzUg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AM5AczojYUpt645QZjImHT5JGycY.RQf71tO7%2BNDj5pbvwC07MZ4%2FP0NvppL9kxhLNM3TSKE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AM5AczojYUpt645QZjImHT5JGycY.RQf71tO7%2BNDj5pbvwC07MZ4%2FP0NvppL9kxhLNM3TSKE
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAkQhEIB4XQ-0qXPBNdR8cwn7QUx-aHgor6OF8la7wr_EGcYBCDC0Iu5BjABOgRntaa9QgQpF7XL.KhKZB0lxcnexgDMVcVT9N9nSAVB2LTU0jinK6rpwjUo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAkQhEIB4XQ-0qXPBNdR8cwn7QUx-aHgor6OF8la7wr_EGcYBCDC0Iu5BjABOgRntaa9QgQpF7XL.KhKZB0lxcnexgDMVcVT9N9nSAVB2LTU0jinK6rpwjUo
.richaudience.com/ Name: pdid
Value: 13469eb2-cd0b-4761-9cce-1zz1730340930
.onimama.com/ Name: _ga
Value: GA1.1.1040711136.1730340931
.missena.io/ Name: msnarichnw
Value: 1
.missena.io/ Name: msnarich
Value: 13469eb2-cd0b-4761-9cce-1zz1730340930
.send.microad.jp/ Name: TR
Value: f4ce914918df787e04e5288aec56898ecced0d48bb05d143
.bidswitch.net/ Name: tuuid
Value: 1f06061e-5b64-4197-96e9-367b1891fce6
.bidswitch.net/ Name: c
Value: 1730340932
.bidswitch.net/ Name: tuuid_lu
Value: 1730340932
.ladsp.com/ Name: cr
Value: 1
.bidswitch.net/ Name: google_push
Value: AXcoOmRlbry8k67vZvbPJQwtu0QuYXLNZOpmygWZtLV1U9akSVQ5ipYXMDeK457uvDtjeZ8eSYLg1JAoKoCd_fBo_L5Yr5SDQHQeiFM
.ladsp.com/ Name: smn_uid
Value: hizRXq4JNWBA6vQaa-pn6CDgdyq3Q8k
.ladsp.com/ Name: lum
Value: CPyT7YKuMhIFCAEQqAE
measurement-api.criteo.com/ Name: ar_debug
Value: 1
.blismedia.com/ Name: b
Value: 6722E8447052B99855B63B58BLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C4F4190A-0717-467C-05A7-DAAD3E92D093%22%7D
.id5-sync.com/ Name: id5
Value: 670af860-21a5-7538-9d80-4a70391e535d#1730340925086#6
.docomo.ne.jp/ Name: adxppthrd
Value: 9f883aa3-c567-4a47-8511-e09342d94ec9
.uncn.jp/ Name: t
Value: v_386153cc-e832-4214-8480-017ac865436c
.reemo-ad.jp/ Name: deviceIdentifier
Value: qtHgjrFFBqPHhFAenHhewnQkiQTZwVlF
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.yahoo.co.jp/ Name: XA
Value: 84qjrihji5q25&sd=A&t=1730340933&u=1730340933&v=1
.yahoo.co.jp/ Name: XB
Value: 020d92e8-972e-11ef-8195-5d17f7ca25ef&v=6&u=1730340933&s=re
.teads.tv/ Name: tt_viewer
Value: 72298fe9-349e-47b7-a18c-0ffab5c52856
.id5-sync.com/ Name: 3pi
Value: 2#1730340928617#-1154523667#8961297924541505529|102#1730340928156#143081190|264#1730340928880#832844773#bd2fdc33-61ce-4566-b346-f9999547567c|155#1730340929175#-2089264551#AAEPBk7ORdEAABTcdHZgig|123#1730340930171#-857341113|108#1730340933146#-1335697623
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOz_zqn91rw9EAUSFgoHc3Z4OXQ1MBILCOLfrMz91rw9EAUSFQoGZ29vZ2xlEgsIrNOM6_3WvD0QBRgBIAQoAjILCLTWr_mT17w9EAU4AVoHc3Z4OXQ1MGAC
.socdm.com/ Name: SOC
Value: ZyLoRcCo8YUAAJgNTz8AAAAA
.simpli.fi/ Name: suid
Value: 4DA2FBFFD9DB455DBADDC32AB03EF5ED
.onimama.com/ Name: _ga_FDDX0429DD
Value: GS1.1.1730340930.1.0.1730340933.57.0.0
.tribalfusion.com/ Name: ANON_ID
Value: asnoeUxZduBmRApTpqhIEPLETFcQtPxBagxv0P8Rt
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTczMDM0MDkzM30
.inmobi.com/ Name: idsp_c
Value: a96b51ec-327f-4b26-a67d-4bbc2c359491
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A5097905395961643458
.mediago.io/ Name: __mguid_
Value: 9e90f00b4dfd4f512le10h00m2wobdas
.onimama.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8pb93qA8cUWWZ6-ALIqXAI1hRaeQoXC6ZHOZMG8VrhMO1W3eWXSD4I--0yGeVPc4_JW2USFzR5LpbX14oAbl2iysHgCnZ1NglJSwoRZFTF7_HiSl66OWsAji0iYjmS6NmJO-6Kx9IlTO13WxJEdIykUnyP4g%3D%3D%22%5D%5D
.yandex.ru/ Name: i
Value: aOd7p4/BtG4y0V9uQTAyvzLR81VZuD91io1ne30IjMvDaMyuIP+iZS80QO/OfN9fEJRJQ3WykdjUvc0Rn6OXNZxSBOk=
.yandex.ru/ Name: yandexuid
Value: 8645622971730340933
.yandex.ru/ Name: yashr
Value: 3119610051730340933
.yandex.ru/ Name: bh
Value: EkEiQ2hyb21pdW0iO3Y9IjEzMCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMzAiLCAiTm90P0FfQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCJgxdCLuQY=
.uuidksinc.net/ Name: jcsuuid
Value: ktnFtkkarhQ2OIBUqIzC

11 Console Messages

Source Level URL
Text
javascript warning URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://adx3.adform.com/adx/openrtb
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adx3.adform.com/adx/openrtb
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adx3.adform.com/adx/openrtb
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://bid.missena.io/?t=PA-71364648
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://js.ad-stir.com/js/adstir.js(Line 242)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.ad-stir.com/wad?app_id=MEDIA-e455d1f3&ad_spot_no=4&locale=ja&ut=1730340925691&topframe=1&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&floating=1&pos=1&secure=1&sw=1600&sh=1200&dpr=1&novideo=1&topurl=1&adstir_media_uid=f147d924-6814-4b1c-8ed8-7f5019a5947b&adstir_optout=1&c_vp=1&media_fq_count=1&callback=AdstirCB1236925866A7619428511, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.ad-stir.com/js/adstir.js(Line 242)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.ad-stir.com/wad?app_id=MEDIA-e455d1f3&ad_spot_no=4&locale=ja&ut=1730340925691&topframe=1&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&floating=1&pos=1&secure=1&sw=1600&sh=1200&dpr=1&novideo=1&topurl=1&adstir_media_uid=f147d924-6814-4b1c-8ed8-7f5019a5947b&adstir_optout=1&c_vp=1&media_fq_count=1&callback=AdstirCB1236925866A7619428511, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ad.ad-stir.com/wad?app_id=MEDIA-e455d1f3&ad_spot_no=4&locale=ja&ut=1730340925691&topframe=1&origin=https%3A%2F%2Fonimama.com%2Fkawaretaotoko%2F&floating=1&pos=1&secure=1&sw=1600&sh=1200&dpr=1&novideo=1&topurl=1&adstir_media_uid=f147d924-6814-4b1c-8ed8-7f5019a5947b&adstir_optout=1&c_vp=1&media_fq_count=1&callback=AdstirCB1236925866A7619428511
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://adx3.adform.com/adx/openrtb
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/k/264.gif?puid=bd2fdc33-61ce-4566-b346-f9999547567c&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9dea7713ca7699124c2e97dc40dc0af3.safeframe.googlesyndication.com
acdn.adnxs.com
ad.ad-stir.com
ad.turn.com
ad.ust-ad.com
adjs.ust-ad.com
ads.pubmatic.com
ads.themoneytizer.com
ads.us.e-planning.net
adtrack.adleadevent.com
adx3.adform.com
ajax.googleapis.com
analytics.google.com
ap.lijit.com
asia.adform.net
audiencedata.im-apps.net
b1h.zemanta.com
beacon-sin1.rubiconproject.com
bid.missena.io
bid.sparteo.com
c.4dex.io
c.bannerflow.net
cadmus.script.ac
cdn.id5-sync.com
cdn.themoneytizer.fr
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
creativecdn.com
dmp.im-apps.net
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fam-8.net
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
img.fam-8.net
j.zoe.zucks.net
js.ad-stir.com
k.zucks.net
kvt.sddan.com
lb.eu-1-id5-sync.com
lexicon.33across.com
ll.zucks.net
match.adsrvr.org
metrics.biddertmz.com
moneytizer-d.openx.net
mp.4dex.io
mug.criteo.com
onetag-sys.com
onimama.com
ox-rtb-asia-east1.openx.net
p.cpx.to
pagead2.googlesyndication.com
penta.a.one.impact-ad.jp
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
prebid.a-mo.net
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.cpx.to
s1.adform.net
s2.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sh.zucks.net
sin.creativecdn.com
ssbsync.smartadserver.com
static.zucks.net.zimg.jp
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.a-mo.net
sync.missena.io
sync.sparteo.com
sync.targeting.unrulymedia.com
td.doubleclick.net
tlx.3lift.com
tmzr.themoneytizer.fr
track.adform.net
u.4dex.io
uipapac.semasio.net
usersync.gumgum.com
webfonts.xserver.jp
www.google.co.jp
www.googletagmanager.com
y.one.impact-ad.jp
adx3.adform.com
uipapac.semasio.net
103.132.192.30
103.43.91.249
104.17.25.14
107.178.248.96
13.115.236.196
13.229.7.13
131.153.206.100
131.153.206.103
141.95.98.64
141.95.98.65
142.250.206.195
142.250.206.206
142.250.207.46
142.250.207.98
142.250.76.130
151.101.108.157
151.101.66.49
162.43.104.88
172.217.25.162
172.67.174.127
18.141.48.81
18.65.207.107
18.65.216.106
18.65.216.127
182.161.74.11
184.26.43.70
184.27.185.91
185.184.8.90
185.84.60.20
185.84.60.57
2001:df2:a300:bbbb::135
202.210.188.66
202.226.37.225
202.231.228.162
207.65.34.80
212.83.160.162
23.106.127.56
23.106.50.36
23.215.255.183
23.32.224.239
23.35.101.65
2404:6800:4008:c07::9b
2404:6800:400a:805::2002
2404:6800:400a:80a::200a
2404:6800:400a:80a::200e
2404:6800:400a:80c::2001
2404:6800:400a:80e::2008
2404:6800:400a:813::200e
2406:2600:4::b
2600:140b:a00:17::b81a:2b3a
2600:140b:a00:8::b81a:2b4a
2600:140b:a00:8::b81a:2b4f
2600:1901:0:e207::
2600:9000:2066:ca00:6:44e3:f8c0:93a1
2606:4700:10::6816:3456
2606:4700:10::ac43:2bb2
2606:4700:20::681a:9a9
2606:4700:4400::6812:22b2
2606:4700::6811:6147
2606:4700::6812:1791
2606:4700::6812:1e50
2606:4700::6812:1f50
2620:116:800e:21:46d:7e81:55ff:4c12
3.164.110.64
34.120.92.238
34.149.40.38
34.248.22.168
34.249.158.60
35.213.17.49
35.227.252.103
35.241.34.106
35.244.159.8
35.244.193.51
35.71.131.137
35.71.178.8
35.73.194.241
35.79.122.42
37.157.2.250
37.157.6.254
44.225.202.104
44.240.32.106
50.31.142.127
51.79.152.81
51.79.154.9
52.223.40.198
52.74.242.98
54.151.166.244
54.168.15.149
54.168.247.123
54.171.214.164
54.178.127.118
54.249.60.50
54.72.209.132
64.120.110.136
69.173.158.64
69.173.158.65
69.173.158.67
74.118.186.107
99.84.133.105
0004a5710f8fddb807458bb1a9f05625c71eecd7f9f127cfb50a0cd9565e2390
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0122b9aabe1ad4b5e0cdbdb1a5a41b957fba19aa60a02da0c7d852cea164f860
041e2e5b607e8eaec478e205539f520f19272a7eabcb364a01851a1598e81c59
04d5e3385dc82e35b5cfb716e32cf510c4a8c019d5f93cfb26149c521dffc3b7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07133c6b1b9b03382e68031c5faa4a29f44e5b2052d31acbcbb71c43d4feb279
09b81861706da5d0e92329c795eeaba437b0d47d03c1b51c7941cbfe8f2cb0c9
0cd49fbcdf17e7404e509a4b8dafbbffcaeab9c9efae71016c69d5c247b741cc
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
10742a4bcbd174e1c82d0f8105b9a1fdeb567920ba645eef4f579be2aa73e106
10b80fc636701c67099c7bbd592ba271602aaccdbffea079a6611a0058344f4b
155a6841bcf94d87e4af2f92bac6a6378458d3d94ee7a0435238942318d6fb31
1720b746613a61f6228b5f2ea09427522ed5623f26274f357b50f96ae58d02ce
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1764a2dca8eb5a4527fb3f7610ff2e1a9cd54884cdf39b7bb0180b74efb0bc44
19c9454611f088b1073db447e5e1b0d2378a9dcaa88c5a53b2252f36a5532114
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1d631a7cd7e0fd8c711ad3848931c4dbd5d3ea196a30b85e05a53cadb35702e4
1de4613f33fed5a0792c34d060077bcc61c2b88e0556237d87edd2e3b874fef1
1dec1025e87c9948a9df67b099a393e8c03971f2d6e36c987cc69a44db6f18cd
1f3562a1130f7495a0ce8ce0baaee46af69a376f779e65affb4018987d6df1c7
1f8dbca628c02f7d342755b7050af567d5307e0de1862e76d66b776f8ff03103
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
22e73279dc4ac162678a2520abcc77e5cefad54b3b72acbc3eb89291c6a63fb8
22fb0170fe5ab14fe1f31fa1d42ba1d1b57ca0d041115cd3cb25f1fc0a10a3bd
2370c76adee9e3d88e1cca87b883cd4d2021f415af93383aa74f3a987d9ea097
258f4fc1a33626bb2d7c8476720efe3af45fb09e1b29e1211e18a7d89011c625
26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83
2a0c60fa5459f417c8d7ddc3450ff1a246e5c7e6fbb3bf597f1302cece8ff2b3
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b3f9e27d4a533a291e1c8a4ada511114fcf771895d5b8c9868cce3c2ba2bf52
2b7085a839d9f8e29c0143495fa34b7c2908b7f6b7d648649d24a08d51a4f6bc
2bb3a990f9cb0cbff2d61dd8cf5c614bf92586a015dba746ef671dae38a25325
2c9fc6b7819cc5fd89885effaf01518ca24213ff6703bdc578b5eef447bf4f25
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31772c4b2a620db6dc9ca911bb9fa6d0b2c0ad0fb81dad78dd8902530863b172
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
323babff610bb7478f9418ec6484a134d4f9588fde5604879efb388141fd017a
33f5d4d8b144c4d7328303938a32f7ad9da04f49047fa92f00585f55b165db1a
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7
34dc23a31825b0046e12eba4fdfbe087a465ec13522642ad864e30608a177293
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
373bc758248bcc2b05e558dcc554c2023f00c0ca4da8c26e7342646a3b39c39b
38fe829b274b952c42d9fa22bca3e2aafe2cb1b85ee3e8eed1f02b8194dc78de
3ae039506c1b27baa290a15e9c0f2f553bf313509c1e5a12b3c8e03dd1918099
3b1b96c0ea2f3b650976bc44041bfc1ffe97781d370ed93a6548d0cfbce925e0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c0c19c55f742120cb0f5f797c9d669d8f826cfa3498deb1af07fc299284d903
3c72c117e9b6d84ecbc87f822ca0ed24c3f3de62509b3e4f0bfe17c6762b4fa8
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5
3dfb9ca4381d56a16944852b23aa2a1e126e422e8488b807486d2d3b68fb78db
3e1c4b702b1de16021b82e9e1d65f7940a5ccbd98b621035021c56d87d975f92
3fccf54934aa925e289be8329bde62acd9ba2c02278e94577e0965c7fd70af28
4000749e5884ba6dcb85585eb7d40c2d46c90bc001e63d7e449325e8f4e80f6e
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4453b085fe2a7c3c75c5c297a735524f6f3265db501943c32a8dbd3451b0842e
499c5d61f0dfc5d48cd65ac7b1b65e3619a17e2d356b7b928c1aad8cd3d823d9
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4cae6b1059e55c2ebb27296fbc76eaa5cd16444b0aedc91018e099b9b018d05e
4cc014c24c8a3360c3af976f6822aedaeae96ab8eefa54c08a6d28a93c9e994b
4dc25386c8f75e9a7d52b540fedc8662fe1df98814e443832e134204e79160ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5082db90552fa24210f90e69f7c632f81c734c67a996621ec5c998be5df470b1
50e55a95e9db7e15e936fb087be3b7f51c680f4902d4a19c2a15467d29678cae
50ed415da16229e8ff0fcf7d3a4d1d2c0c62ec1e18628e440d495da36a2c4722
542c7a215b4a326e87865fd7f3093579b9c0482de07d6a172ef209b3fd9e44e1
54576b1adc3fab747d5bdc34ab218471a8ec380008837cf2e0e657ed3b2bb9f8
55737ae9c671e69553008d94ee32bf61552bce4d49054f14572235c6d515dd0d
55f5c85003feff32a8dbab8a89df4f6cca18a1419d5b23e9410393a3c71137c7
5687ca0ed75d7155b8c5ca5cc550e70b03567a906b0c39f45e56a9c073d9935a
57520b14c4ae936473942bc6efac281478dec85c779703107b10e2d4611f8018
587b6ed71e6c89ebc21623fafda59f0c5e95829e8f69823fea50b799781ad635
595557e03c1a83a7b5839acb39e2cd22fac7d6d0f4de8661315ff11188c13725
59c701f4990d05f9af99959ec4af35dc3f034d64e7d773a941b64f006dcdc109
5afcb4edb0dd3dd010ae44ebb8ce769b49e5595e58e372cc15cbb050ad819d73
5f27dd7badc7ff500f4b15907ebe54f3e2af6df41a5b8f99a87b35157d8af43a
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf
63f5f4ac531da931ca0c67ada2c31347a6636ba430ade997e2311036e5487dea
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67f11ffe9e7abc3e9372c799cfba47a41989e0ac676cf69b1ae8033ea37655d9
683a799284052e24ff29ef434c7b171d237d3d7c87d6cb65c76c26da7e7b20cd
6920412e0a9d40afac2038ac7cabbef8c8859e90c41edd93eb828915edb14217
69b6e904903bc181bcb7957ee6e56b3996923bb133851eb7460923949b4336a0
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6ca5b7f8704c13ad63c7eb3c0ae75463b0a4609ba775ff82d90c284d8aa85b78
6cea588ebef9ca48332ccdae6987becde3d065f7bb831f02a5e58503b27e5791
6dd938509f70859400ceaa559154b4b484daba3d2c2d528ee7dc8376e8b04d30
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
700671f315a9d7d19edc1ac3cf9e4c9f9fbc008e8de52e888942467c6071c29e
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
717e66625084d3be6180f2c68919cb205e14262a07dd566e5dd571f8627b69b8
71d0b58e2c5d4f32500978f2b085a2b1e21767243a489d4adfe98f3be34ce41a
72772d38bba30f695a10017c0490e6a09b2eda4006b84ab31bdc02fa0fe5754c
72c7ed0b521691e11365e0dfc0e4b5a131d9b99e47f8cd515e56aa85d00bf5dd
73b299cc86c29166a61e6d395f2bbbf6152ce89438e0c44a830b6cfa481f3321
751b395834e2aad5f3df5fcbaf5a7953569a8a350fa0b296700bd3ef232182bd
76978dba240d9ea9d916cae54f34030653dbc382a1cd71d03d5a8753f66877d0
7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
7a81ca21d663d6de213c68af9feb61bf26e232948322fcbb048d3c1447214b37
7eb1f4a8c35b16934be212757315390d6e2c9e03e9fefe33ed2ca7c5a6509187
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7f9acc018677f11b89ee674fd8adf17411ada194f801ce9e6860a5b2756e9201
825251521b9d0ce3b3be8ba781dd01984c3dbaa67c2c10d86a378c2d327c3f5f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151
8441af84846837f7657879120f91e1975882737ce928383c37853ed8c0488885
8627a0c849391fbebcaf3acb1fdf6f46e9a6a69ab6f48e81d8c7eaa998ca1594
878def919b75171c25b4b8900b124defd3dfd539c9ba01ed6a4602ee1413f2a0
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a
8d5e6b166d9eb51f6958302cbb12170fe3a6d6ace8b2a62896be615fc27289a9
910540a2ea8acba0cad80fc9caaa13ca7e2ac62b988fca9864b7727d706c100c
911e10390a78464d949c3d6d9a14c47ab7ccacf9bd9773d046e0022fbee4caec
9238816246ce186103f4e4f2ad9ea0f05529a5ef25bf19aa15776aed01a86016
944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386
97828b309aa132f4ff5ff7b332b16d75bc2a248bdfaaef6f7c4e40eef9b00d1e
97a5b1f98a25b82adff0e7bfc0ed158b705edf89803d0a635597f9c3e530c071
9a15d462f358f26596cf337de4d7a069718d75573b052781ff648ffc4830ea90
9a80358d2c791d626685a7ce1664b3317787304cfecbeeb4bb8e3f4bd326bbb9
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9cc46974c75e8f1e293ad10d279014a17d36596a8de61d3882fb53165cfa144c
9cc8885fcd69f9f28dc2505883c962793067d17674302514dc7de737c128e14a
9e9a67941d76bd7d2405b7b8bcccb9e90477be40e35f3699d83c26122e92f62e
9f7f29e8a9e9f930c8fb9bb4709f57808367aadbfb4b990796c2984f1228c479
a0a8f345113ba0c77a0dac67f0cd84ba383395c5864e5c777ad0add66ee670c3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2034e582fe52049a0b5203e137c58ad3f5263cd2e89f776b13d2ad6024ec17d
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a9f32c0f91b265b8d6284869c6754dfa8b283ae26998ef9cc1532936483f66
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
a818db199bb22276b4aaedf593151e149279ad0c96192ce0647ed4cde7754a2e
a89b340fd956bb565172d2212ed4a4ac7f420d52c5b054d6a8dbf4c58acafbb7
a93e146f45fe4c06a993badf01a858aaf0142a0f17bb938330d79f797266d515
ae2fe6d0a94a2d9634af3b2449df157da386cd0e6053559ad42c1f9c7f5cfc80
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b099838bfa8b8aafee81e9c2f0b264bbbda0b091332b943918b681370606e41f
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19f8d696de3da04b723c93a34803c38ad5bb3abc27fd7b605cae31d91fdb107
b1c2981af38c7f93ccdba068862a9d682c46fb6e359b6420f667aa69b7efdd6a
b1e5beb16f17ba451bfbc0917e7cd4983c4bec3f4535f096e7abfebc3257bd09
b215074a57b1da5693402bdb7687d402ce642ed8ab39cdd542943c594af742bd
b216f42df8fb00ed962787b4eacd13ca6fd9ac09e6a18277c1b531e564bac77d
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b23da22326b4b1fabaaa080d3846cd46ec1c3efd5e0a196a5109cadd5cfe34aa
b2ead8622e2c04ce569ef4b2a13f089eef06e8ce1fac03d13a777e7757fd6af1
b3ce9c7f8298559208ee83274ee6dd97a0ec7cdb667ba8bc158859607b987366
b6889bd932db4da0bcff7c9fb6e916dc4002a25cb0f9685b5e411459cbce9be9
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7547ea2d14239a5163fb3e3ea13564bbda15ffebb5350708332ecfe10b85f32
ba0acb859d0f7f0a0eac1d6e718a7ea3dae1e140ea0408d7602f3c98197b5329
bbe41e3dba276f788082f8b4f29ccdb7114c0b8052626895a0f8a89fd9a1c359
bc8207d1166157dc0b0b2daf75ac4d33ffa9945a857bcbe45f61380dfd40466e
bcd2497ac04be85d289d4287308229f5480ec6c0cad7554ad18fba47cd9c70af
bf17f0e42e3fb6c92a0eea1ccd5ef3acdee0d42d300267b0ee0dc007fc8394a1
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510
c3df30f08a6469ac5990dc5e274010b198b773c1e266f08f0547e43873959fd2
c9bffebd29d79877ca47b74342cb9c50dc780e94db5fbc652eb6c7bedd511f8d
ca8749c92cf0011549d003cb242ad5e1528edf11a9675b62c8112ab882d8d284
cac70714cf268f9dac658d895f3a9b4652067f938448cbb0b6b690fd95912659
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdddf1f178d114e77f0fee9130270ddc805a5311cb39aefb7491c28567719ada
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8
d26940c6e6130331d639a9d95aefbfddd22a0e33bbacb7b5e9e0e606c83d1dfd
d39293ff45a7a96ac97831eae65cfaebbede96654d30611c8f33b7c98633f607
d7302516a83035d82326a91aa5d913e077165e24c7c4b2f5d114a8bcafec37ff
dad4d3819e86f94a72c8be9f8f645511e1237dbe8c1d76539b364c4bf17ee435
db7f7149e18d33880586e1b565a886f788136f63d87f955923c9580801065723
dcfcb20b975fc2c0d0c597fdd7cdc22bc3d840d778914b35a57f1b78eaace340
dd7d7535c370470d68fd8896c74b38384e560d1f11695b93573e81a5c54297be
e00b0435b511fa254a7f4c9f93735514a3ce7234c2bea04fad646b2c37b15bc9
e01c713cc44b597d0a9c7de1ab61d131d33360e7a284e7fbb965f83aee0169e7
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb
e2e2e997062af8728b39273bd1d3d35f14efc70e3bd01d308bc5d9a391f4842b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41cdf9c015ec169e0d461f8edc80cb47af9c69e2e50bbe5abea187672d91a82
e554d48a2e547c549c54592f05ff9589121a0a250899d2bb0581cd977ab830e1
e5d3782d2147e11bc1faf2d1531c0e0efde2b2521b6a3b34b37fb684430ce8f6
e65542ccde9bdc53597913b3cbfa4f868674a727d55bd2956e5ba96f4169860e
e661450d4dbf8141abb57d45197b41021e1f0d84a28882baf78f138d89df5d44
e6623913d94a381419a2fed34a9c7881ccd3a905ea7dfc42d537b09b4b4f4517
e7998c2afdf9696b269b6c6919e6820e0782178f54684e018c421e64a6557175
e872b2b1e66712a387f60abc3503652982da7eb1c776ddc9da08fbae19c7e308
e936bb6741278f3ce6a4b6750b328851362da8a450de19e6077913c0e7761407
ea1552961e4cabd76f52eed74c053e0173b2fbf99daa1f4a73b1d490cf324958
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
eb82a350f165c195095046a9334f8c1633ee6d6eafbee7e69cfa056f7596eb1a
eda53c6c11398cb00143e817aeea192647ed88bdee66f07e8166d6cc8ce62a9b
ee034059f4cda82e4c78b1b550271ec9f586060f8319d460c503f99278d9f0ba
ee949d83dbcd4726cb95f984f14aa26c5ac408ef9dcc003a1f8bbd88132955ab
eeaac89cfeb579ae2e2f1dc78eefbfd26e68779a836ff6b63c60961e25bd407d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64d1fe979b944560b948249028594b051373d4d902dd433b8a34c6b9e9f33a
f019d5e097762f1c6b52260f1bb9e9bc6a2593ed1305dcf259884b6d457abab3
f12d9fc8d31294bb7843da9369407d6566382f77664592880fdb5fccd712e0bc
f2e2f7a8991f674abfd9caa5005c560978541da76df68b35757e84ca54c82f9e
f4c01e0c4cb199c2d76d1d59f6c4b9006c23583a49e4d04520158fc44a080d91
f57debe4d80f4c913344c824de6368fa1e7fa284283eae8b65d5b69458f61eca
f726950d59b401eb5428d09e0db746e16235d45a351934c5ab6ce7a010ffd401
f76a38d24efdb56a2e2aae1d3c3e6395126aafca398a7432099d040404d05000
f7c1cd60adfe2a42e1c23789ea570b2dd49a5b601586067b303d30f81a57b2c6
f870c3539ccf0ebad270858943bd27fe53e06f9ce8761858701841ec9f53090a
f9385353596b99f3d1c42a7e97dbb5ee6adcff9f26dd8b51a714170ab86d8b05
fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fbae81fba09a916c0ac5a720a246b475d4d38da5188e58025e49d0bddb3ebf10
fbfc27e8f0ff9fffb6cc71c902120ef139e47e97ad501b03b5e9e1beed006833
fd2dcda134c7b22087fd4f65bb23055bfbe6a0eed7fc38dbb103c102d7a82b8c
ff228c256da7200309d2915a93b565376a6a47c47924806e59b2b7615b86f808