kajjfawjagr.lfhfdfiehgg.com Open in urlscan Pro
202.254.239.67 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kajjfawjagr.lfhfdfiehgg.com/
Submission: On September 24 via manual (September 24th 2023, 10:52:38 am UTC) from IN — Scanned from JP

Summary HTTP 211 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 19 domains to perform 211 HTTP transactions. The main IP is 202.254.239.67, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is kajjfawjagr.lfhfdfiehgg.com.

This is the only time kajjfawjagr.lfhfdfiehgg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	202.254.239.67 202.254.239.67	131965 (XSERVER X...) (XSERVER Xserver Inc.)
21	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
3	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1 3	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
7 19	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4008:c03::9c	15169 (GOOGLE) (GOOGLE)
2 4	2404:6800:400... 2404:6800:4004:801::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
15	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
5 44	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
14	142.250.196.130 142.250.196.130	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:828::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4009:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:2a::9	15169 (GOOGLE) (GOOGLE)
2 2	2a02:fa8:c411... 2a02:fa8:c411:13::1400	399104 (CNVR-APAC) (CNVR-APAC)
7	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
1 1	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.193.113.189 52.193.113.189	16509 (AMAZON-02) (AMAZON-02)
1 1	2406:da18:929... 2406:da18:929:5a03:1636:422b:46bd:93dc	16509 (AMAZON-02) (AMAZON-02)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	54.92.14.223 54.92.14.223	16509 (AMAZON-02) (AMAZON-02)
211	23

44 202.254.239.67 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv7386.xserver.jp

kajjfawjagr.lfhfdfiehgg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:825::2002 (Australia) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c03::9c (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2404:6800:4004:822::2001 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:828::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4009:81b::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:2a::9 (Australia)

ASN15169 (GOOGLE, US)

rr4---sn-oguelnzl.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:c411:13::1400 (Sweden) 2 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.113.189 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-113-189.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:1636:422b:46bd:93dc (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.14.223 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-14-223.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com 5 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	817 KB
44	lfhfdfiehgg.com kajjfawjagr.lfhfdfiehgg.com	550 KB
40	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com	601 KB
27	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	310 KB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	8 KB
15	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	606 B
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	455 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11 mts0.google.com — Cisco Umbrella Rank: 6671	44 KB
3	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 465551	26 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5383	888 B
2	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 96	17 KB
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 21612	515 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10895	292 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 11034	641 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	714 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19585	306 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	716 B
1	googlevideo.com rr4---sn-oguelnzl.googlevideo.com — Cisco Umbrella Rank: 371094	724 KB
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 16527	408 B
211	19

	Domain	Requested by
44	tpc.googlesyndication.com	5 redirects googleads.g.doubleclick.net kajjfawjagr.lfhfdfiehgg.com pagead2.googlesyndication.com tpc.googlesyndication.com
44	kajjfawjagr.lfhfdfiehgg.com	kajjfawjagr.lfhfdfiehgg.com
21	pagead2.googlesyndication.com	kajjfawjagr.lfhfdfiehgg.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	googleads.g.doubleclick.net	7 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	fonts.googleapis.com	googleads.g.doubleclick.net
14	www.googleadservices.com	kajjfawjagr.lfhfdfiehgg.com
12	fonts.gstatic.com	fonts.googleapis.com
12	www.gstatic.com	googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net kajjfawjagr.lfhfdfiehgg.com
4	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	webfonts.xserver.jp	kajjfawjagr.lfhfdfiehgg.com webfonts.xserver.jp
2	dclk-match.dotomi.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	1 redirects kajjfawjagr.lfhfdfiehgg.com
1	ds.uncn.jp	1 redirects
1	s.uuidksinc.net	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	um.simpli.fi	1 redirects
1	rr4---sn-oguelnzl.googlevideo.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.co.jp	kajjfawjagr.lfhfdfiehgg.com
1	stats.g.doubleclick.net	1 redirects
211	30

This site contains links to these domains. Also see Links.

Domain
feedly.com
ja.wordpress.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
kajjfawjagr.lfhfdfiehgg.com R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-19` - `2023-11-28`	2 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh

This page contains 24 frames:

Primary Page: http://kajjfawjagr.lfhfdfiehgg.com/
Frame ID: 81845D4DAD4D4A041B9D4473D13F99D3
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: 06D055746B7BD26373D7E079C4AF763F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&adk=1812271804&adf=3025194257&lmt=1695517288&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695552753347&bpp=15&bdt=136&idt=244&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5035433800962&frm=20&pv=2&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=289
Frame ID: 44C9020D25C30A19F329F6DE8CB78AF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290
Frame ID: 8FE8BB68350AD384AD0167BC1799E4DC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=3790366409&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753363&bpp=1&bdt=152&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=639&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=TrynrMwFcb&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=294
Frame ID: 358A9D81BE0B6826CC4E91217DD38BF2
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&adk=2068306026&adf=370986342&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=1200x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1695552753364&bpp=1&bdt=153&idt=296&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=rBWQKsN4Wv&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=298
Frame ID: 21A1F07D816B891A40C4A1576B452A6C
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: F0E0F6F4A43934C71C94191E6C165BBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=240&adk=2335202906&adf=1853087367&pi=t.aa~a.4263631882~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=300x240&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1695552754518&bpp=1&bdt=1306&idt=1&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cf1e49132d6ec91-22136621f8e30058%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MZi1fmy9iH8E33RcnmLesJiGN1rOg&gpic=UID%3D00000c5390b8852a%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MaF0_Sqid8Pn-qHytdwjZp_U9gRMQ&prev_fmts=0x0%2C336x280%2C336x280%2C1200x280&nras=3&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1035&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&psts=AOrYGskA0vjT4FynACHE4B_8VhWZteKprA-vETe5K0BaNN700T0i5pMxs7MyJHwme1NUbMIqcPCvdtFpSZm2cy8_bAJhWg%2CAOrYGsk7-kMn-zEHoaTNLZropVSbl17f5WyEqkb0m6BVFFhx_GK2MWXCeY8ZUHmNhXQPrMRyvk88mNQU7IW1Dc8Yfbc9aA&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=PSFuZQe4hW&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=7
Frame ID: F67006C7D51FBED6C81FFE8D2A09B45E
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 28E29132DEF259E32713FADE9B34D5B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: C280481D8D2B8F2AE90282BDE71F73E5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3662BCF63962AACBB3E3D4C561E2FB50
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF57869211C472FF32FB18731B90BB02
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 59AEA7FADF19886DA5AB7CA8DCF43774
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 442226F4371DAC8FC2A0B4CE138793D3
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%891%E3%80%81C%E3%82%92%E3%82%89%E3%82%87%E3%81%99%E3%81%90%E3%81%8F%E3%83%81%E3%81%97%E3%83%AD%E3%83%80%E3%83%89%E3%83%AB%E3%81%8B%E9%96%8B%E5%8D%98%E3%83%90%E4%BF%9D%E4%BB%8A%E3%81%BE%EF%BC%81%E3%82%B9%E5%85%A8%E3%81%86%E3%81%AA%E7%84%A10%E6%96%99%E8%AD%B7%E9%96%89P%E3%81%A7%E3%82%A6%25%E7%B0%A1%E3%83%88%E3%82%A4%E3%81%98%E3%82%8B%E3%83%B3%E3%81%AE%E3%83%BC%E3%80%82%E3%82%A2&display=swap
Frame ID: 907E96F5461BE215CBD9DF2B0A5E7D53
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F7858B371AE1ED3D9C412118421697FD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 14D016ACE5B98FCD2FB07C4E78DD0C9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: BCEF993DAEB2FADF73F294672A29752C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 11220D88FF81DDDA824950EA04E7E89B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 097EBAF248F3C5940C3818D64D89360C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72488EFD2432F94E70AE10B712257A49
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: 26C1D261E1DAD50D4253D614BC68B45B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EE110EF0613DDB363AD8EB67E04B958
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0BC850A676F3BDBF342A475B1983E5F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最近のトレンドニュース速報

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

78 %
HTTPS

69 %
IPv6

19
Domains

30
Subdomains

23
IPs

7
Countries

3553 kB
Transfer

7152 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://feedly.com/i/subscription/feed/https://kajjfawjagr.lfhfdfiehgg.com/feed

Search URL Search Domain Scan URL

URL: https://ja.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 50

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=289174678&utmhn=kajjfawjagr.lfhfdfiehgg.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E6%9C%80%E8%BF%91%E3%81%AE%E3%83%88%E3%83%AC%E3%83%B3%E3%83%89%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E9%80%9F%E5%A0%B1&utmhid=486720534&utmr=-&utmp=%2F&utmht=1695552753426&utmac=UA-129299526-2&utmcc=__utma%3D34782779.381646171.1695552753.1695552753.1695552753.1%3B%2B__utmz%3D34782779.1695552753.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193491845&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=289174678&utmhn=kajjfawjagr.lfhfdfiehgg.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E6%9C%80%E8%BF%91%E3%81%AE%E3%83%88%E3%83%AC%E3%83%B3%E3%83%89%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E9%80%9F%E5%A0%B1&utmhid=486720534&utmr=-&utmp=%2F&utmht=1695552753426&utmac=UA-129299526-2&utmcc=__utma%3D34782779.381646171.1695552753.1695552753.1695552753.1%3B%2B__utmz%3D34782779.1695552753.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193491845&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678 HTTP 302
https://www.google.co.jp/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678&slf_rd=1&random=435713851

Request Chain 74

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI HTTP 301
https://tpc.googlesyndication.com/simgad/6594554202080813052

Request Chain 80

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI HTTP 301
https://tpc.googlesyndication.com/simgad/6594554202080813052

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=CpxnC8RQQZfOTKsCX29gPx8eIuAHX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QCFoReqVYSOPhECCxIfEDlnsOkoKiTCgzHtKQ2umYzZHIwh3etksvQzM3rOQ3kM_FfC_g0vLwQE0ZUju_ZrimL0qvRliyaqi5dRFPu2DaLqLa-qs1GTcLEqlwGQLDsjDG5BJ81cr2RjWHmtW0S45N0KNSaSUfAYcQoqMhEtLB0hd-Nc5G8tTEPciw7SiDQNcHSHysYeSH_mCtnWIm9NsYmHibRJ3WvE_S4SxQkSFQK6FhEvKSk8yRW5zZnEpZ4RG_UdTVPa-4l3fBFWvePDTyCO99mA20KjehkN_sNSIvKI3ABMKg-_DFBIgFqczbukySBQQIBBgBkgUECAUYBKAGLoAH4LLsJKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC0vwLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFGh0dHBzOi8vYmF5Y3Jld3MuanAvgAoByAsBogwMKgoKCOS0sQLutbEC2gwRCgsQ4NKLof2Xn9GYARICAQPYEwKIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzQ1MjcyOTQ3MzU0NTA0MBgA&sigh=7xzNYY_h4E0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNrNCQdKrfIsTjxDHv4GkRAIZPEyJ-QhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%229756807136814099464%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212293022191054139825%22}&andc=true

Request Chain 100

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODepr-ypwEQsAkYsAkyCHmvXX3teOpg HTTP 301
https://tpc.googlesyndication.com/simgad/2857579807472363985

Request Chain 105

https://googleads.g.doubleclick.net/pagead/adview?ai=CexiT8RQQZaf5Kc-a29gPouSzwAXX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_Qi8uHptZo6jx359i0WUt-l2NF36x_tWDl-aGnKiioon5dmITEe7Lg80CWUH6-gEAHTaVj7JvBnPSkuNBMxtCvsQOH1LGJsBkKXafabFr6EP8ps_q-ogV94oElU4KP-ZysUX7tdBh6IFBmjntkF0FkNZ7K5TsbFBFC4PWVtlMqsVhnFO3-7Yg9sT7hz4HK1wPXMNsW7EDzlh6VEcr7b-64Py16Y_5oowa3RbQO0YJs_NJcc7XkaU_uQ1agYI2dMdzquNGWQqJkFELX4jZ2I3RUczmCzY1ZOZ2CFr2IVbM0S-7ABMKg-_DFBIgFqczbukySBQQIBBgBkgUECAUYBKAGLoAH4LLsJKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC1hQPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFGh0dHBzOi8vYmF5Y3Jld3MuanAvgAoByAsB2gwQCgoQgNTfmOvhstJWEgIBA9gTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDUyNzI5NDczNTQ1MDQwGAA&sigh=1VWDT3OyrMU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWDzXldIYiTWxj3R7Okel-w5Ol-L2O3BgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2213205402606218880054%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227843502294891707409%22}&andc=true

Request Chain 138

https://googleads.g.doubleclick.net/pagead/adview?ai=CcSnJ8RQQZbC4KvrD29gPneyKkAHfwd6Wc-S2lv3MEYrq0uCyARABIMSTx21gifPFhPQToAGhwJjxKMgBCakCQH9FVXVjgj6oAwHIA8sEqgTkAU_QrfE3l-Cxb8CK8GVsbl45lgXbN5__jyEoiKOvmK7PuQq0-63mRKMmHrCzy9PHEdxM4xchtVAjcjnMR9aoOyUlaSoaDx0-w4QHmhLJ12IkMZAqIw6W_neS_73Ie2mF4rmFhNzp9LdJaF1-pLKr1mZLfzXGFoa_SCnHltkAiVrueZgOz25-GBTfzL5PewDL5sUpPx05FCAg575hPqtbbKzLZFek_-RiBg3lvYFrFEADT1uWsj_HKWoFgc1rA-mKSqUOr7AApCbFG1ukKYiWrBtWdhX-7kX8_CFOo7WiYI2kXb-awsAEvYSR_7UEiAXa5JHHTJIFBAgEGAGSBQQIBRgEoAYugAf7t9vXBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDGmQXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJggJodHRwczovL3d3dy50ZW11LmNvbS9qcC9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEwMH5qYX5KUFkmZ29vZHNfaWQ9NjAxMDk5NTE1MDM0MTM3Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDE0MjczNjItMSZ0b3BpY19jbGFzc2lmeT0xMDmACgHICwHaDBEKCxCQvbqfl-qoiN8BEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi0zNDUyNzI5NDczNTQ1MDQwGAA&sigh=RMqJGxob3Mk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaN3wr0ESKL-_5k_Guvx8aMyNU0ypRYNBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78500fd0098fcbea0000000000000000%22,%222%22:%220x10414f3461e64dc20000000000000000%22,%223%22:%220x597f789a721638590000000000000000%22,%224%22:%220x9df4373bc9630c20000000000000000%22,%225%22:%220x71707b1d862979630000000000000000%22},%22debug_key%22:%221824411955462316878%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215299463473630325745%22}&andc=true

Request Chain 155

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI HTTP 301
https://tpc.googlesyndication.com/simgad/6594554202080813052

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://googleads.g.doubleclick.net/pagead/adview?ai=CHGtq8RQQZbCTKY-t29gPkOWrkAvX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QBy5ejuoEc8OpunLJzHoRKmaxNsz1Ks4lUnGMO9QT1S-5uZdJYf0fiW7BefwUf93c4-PxG-KPJHrnuyLPPx8KCSMpXKmp7-UyH2hMqr1VV5uWt0twVvUjUjRfQ9zgZ0L_x-9BQYSnHn6HLg_tweZz0cPgaMCFPEz5JsMnQY1gaw6j9f-8gWqqZnlLLRgjDsBbgDrjtLIq-wX9VHqzzlJwprpDWco2V79o5uqr6WQu5CG1k6bFN0gdHrVz9Ml1KeYa_JUTI7OJo0m_4bYA8PC1YhIjbrAkMzYIw5Y9GsMBQSHABMKg-_DFBIgFqczbukySBQQIBBgBkgUECAUYBKAGLoAH4LLsJKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCj1QLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFGh0dHBzOi8vYmF5Y3Jld3MuanAvgAoByAsB2gwRCgsQsOWv-9bGt8imARICAQPYEwKIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzQ1MjcyOTQ3MzU0NTA0MBgA&sigh=pmabXWYKF3A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2214091441803250458301%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217421835526855439585%22}&andc=true

Request Chain 172

https://googleads.g.doubleclick.net/pagead/adview?ai=CNedQ8RQQZbKTKY-t29gPkOWrkAuS6_7lctvTu9PhEfvU5LmNDhABIMSTx21gifPFhPQToAHJvpTYA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QE0FchIKtn65i8IPLMcQRyQ8an4rpptHbmmtBtVRcHx8JM4I66bPuvYxy9HsRKeHZtLLzr3ttyYmji4AJX7be2yA3W-K93n6TcK6etvRyWjjzlW3c_GK02m_gh4HZJB8uxwZnX6Zv58X4w-Bfk7ebT6Ex9nLZpqjOvkbvdawAXgMz8Mt_09KMArGxbwKn_4sEBYNRmn6U0FTx10c-ignZqpIxbPUGJKrfD79ftNB7U1KoouYdqyu8NXTTEcJ6rIqR9B_S4w7siHI0A2mzLP6W25MeASPIOi9p5ZYhAE6z_GLABLDJvqiWBIgFyPyFlkCSBQQIBBgBkgUECAUYBKAGLoAHn8HrJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIq1BtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mglcaHR0cHM6Ly9qZXdlbC1jYWZlLmpwL3Nob3Ava2FudG8vdG9reW8vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cG1heCZ1dG1fY2FtcGFpZ249dG9reW-ACgHICwGYDIi-y6yGBNoMEQoLEODWlLyng5vbhAESAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDUyNzI5NDczNTQ1MDQwGAA&sigh=JHuWB0scG3s&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90668ff27a1b78be0000000000000000%22,%222%22:%220x4a676d16748f0f430000000000000000%22,%223%22:%220x458b5bc490de050e0000000000000000%22,%224%22:%220x9d105638693650bd0000000000000000%22,%225%22:%220x70b2059a7697d3e50000000000000000%22},%22debug_key%22:%228138872402203088799%22,%22debug_reporting%22:true,%22destination%22:%22https://jewel-cafe.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990191433%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214995589465988192737%22}&andc=true

Request Chain 175

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI HTTP 301
https://tpc.googlesyndication.com/simgad/6594554202080813052

Request Chain 188

https://googleads.g.doubleclick.net/pagead/adview?ai=CqL6-8RQQZbGTKY-t29gPkOWrkAvX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QC5CLWshGeTRw9zrvNhofn3TqlqCiT_Js_pS3HPtM7buFx5v9ueEEe9NAKz1Qf4kBd2shvUmhLxej3G-XX_I6s1X0Zo5ja2ArAhicr3WJu3a8neX1a5zUpemZe0GXV7O6aXPBrIF8AoYqMtmIPZrrhzuflqqHI5nkVrAFo8Q9JHaAw8J2_tjRZYfLYFqfRG0to3zouJCBNzCAdqKpLRuAni0WmJGlziuhmAtrJpK4pJwElCk5ZMVylL2BjDiTMV7yJXgVhl07J_I7TmMdggHCDtKmWBPYTqqr155TLoJmo5fABMKg-_DFBIgFqczbukySBQQIBBgBkgUECAUYBKAGLoAH4LLsJKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDW1gLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJFGh0dHBzOi8vYmF5Y3Jld3MuanAvgAoByAsB2gwQCgoQsJaJ5K-q67ddEgIBA9gTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDUyNzI5NDczNTQ1MDQwGAA&sigh=mtWmGpX9T8E&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%224135429704200781544%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227303997392016572625%22}&andc=true

Request Chain 195

https://googleads.g.doubleclick.net/pagead/adview?ai=CCvA-8hQQZeCdItqz29gPtp2e4AyEsrnjcpTS7-LrEavn1_PGARABIMSTx21gifPFhPQToAHJiqKZA8gBCakCeLCqKZvyPD6oAwHIA8sEqgT0AU_QW1jisA3rtFL1aglvDARlUR4qwvAR7E23ZFbidJ3dZOxEs7xK-u9Vt2r4tL1u4CSqpWWUTwDZBTYJt1lUj59Knqfcn6uMQeXItVBMiiUL9NrvqOLkN5dNQPsaVO81AUvYOQ48FmR2BSboxWX6XCUdkJZwACMxYh6yZTIarmLpBULfCq2kIXRyvgX36O2WB1gfeVLqiI8ANFOJFkmfsCiv0E4IEUhO54-iu1LDcf7o094CLxXXjcoCdPFPMJaOs6qw_3W21JWPKodg4YYP9tRucGwD21mfReyILOVUCJlA4YyPAd7W-xXFwoFKVW69dITbW2HABLqDtqe9BIgFnqOdw0CSBQQIBBgBkgUECAUYBKAGLoAHn_XdZqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIP0A9IIFAiAYRABGB8yAooCOgKAQEi9_cE6mgl5aHR0cHM6Ly93d3cuaG9rZW5ub21hZG9ndWNoaS5jb20vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZHNfbGNfdGFfcGNfYXNfJnV0bV9jb250ZW50PTIzMDYyN19sY4AKAcgLAZgMr4eJt7wE2gwRCgsQsOq_gpnjncPRARICAQO4E6EE2BMO0BUBgBcBshccChoIABIUcHViLTM0NTI3Mjk0NzM1NDUwNDAYAA&sigh=nYSfV_6d200&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwBpAlJWBOkKS6RpKPYIbePTbMrJPD1uBAp6qrwxJFpLRJ3TmTd9u3BiaacYb2Ih9EsINK8B1L5kzfXiGAE&template_id=545&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2ec0746015a75f970000000000000000%22,%222%22:%220xae561015d078afe0000000000000000%22,%223%22:%220x9eb7957a85a172920000000000000000%22,%224%22:%220xf82a6bd3073d212c0000000000000000%22,%225%22:%220x2a0860d111bb1eb60000000000000000%22},%22debug_key%22:%2213285892145044377362%22,%22debug_reporting%22:true,%22destination%22:%22https://hokennomadoguchi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22858293577%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225229888824627768529%22}&andc=true

Request Chain 196

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_cver=1&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJKszo66D1MJFMiAsf0khAQH6L1n1Y02viAYDLcCVecUpA4U3DA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=506dae996a4b201d&is_secure=true&networkId=14000&version=1&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_cver=1&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJKszo66D1MJFMiAsf0khAQH6L1n1Y02viAYDLcCVecUpA4U3DA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMLeMhcIZRSgMwqtOuAAAAAAA&expiration=1695639155&google_cver=1&is_secure=true&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJKszo66D1MJFMiAsf0khAQH6L1n1Y02viAYDLcCVecUpA4U3DA

Request Chain 197

https://um.simpli.fi/gp_match?google_gid=CAESEJaUCu2jdcjBBIe5yg2ilLU&google_cver=1&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt3FhO0qlNW5JJnAz8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2864E99B249C40698EB08DCFE06CC305&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt3FhO0qlNW5JJnAz8

Request Chain 198

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEE1vemRRvzmtzxNFxv1LP0k&google_cver=1&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50oDTIT5ec HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50oDTIT5ec

Request Chain 199

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHVeXnqyk787iWjFPOrUMYk&google_cver=1&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQrB3mzQBSo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQrB3mzQBSo&google_hm=eS1NaGJzTGVGRTJwRzNrWG9zdm9PdmxmQzZTQ2g2SWd4Qn5B

Request Chain 201

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHZqcnTHQ54_ep-kRjjVAAg&c_param1=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ

Request Chain 202

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIsrbF1oSdN5Qv8h9X0dqKs&google_cver=1&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsLFcE0TLNE8PfFfY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsLFcE0TLNE8PfFfY&google_hm=Af6Ap0Hq30gjgV2baOi9mqM

211 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kajjfawjagr.lfhfdfiehgg.com/ 59 KB
13 KB 48ms
12ms Document
text/html 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: b841fef416ee69b3b3e4e5b51dd731b9ef3b25d00f7bcad2d802e3625d6059bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Sep 2023 10:52:33 GMT
ETag: W/"ebad-60617ecdfee8b"
Last-Modified: Sun, 24 Sep 2023 10:01:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 62ms
57ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

HTTP/1.1

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21f7ef690f519b4bab6f5534e63512c4275efb74a8ff50895c2f0b5c17b2e80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54221
X-XSS-Protection: 0
Server: cafe
ETag: 10874619913476163071
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 24 Sep 2023 10:52:33 GMT

GET
H/1.1 200
OK style.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/ 66 KB
20 KB 15ms
12ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/style.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 5ab07611ab2b1359fce0fe1ca7ddb95c29f83d7cfd582fdb5a5fe8c827e35a0f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"1060b-57b1717c7f4f9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK responsive-pc.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/ 2 KB
1 KB 19ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/responsive-pc.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 71bf6d002fe79204c2c6b78337aa19efb0592f2acb1025ce8183096be86b6e41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"855-57b1717c777f9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK font-awesome.min.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/css/ 30 KB
8 KB 22ms
11ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"7918-57b1717c7d5b9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK style.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/ 4 KB
1 KB 21ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 1641d85306449ce51856aa7f6d51d72db2986be90ac1d527e11cf606e5688d3e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"1136-57b1717c7e559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK extension.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/ 9 KB
3 KB 21ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/extension.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 62610333e85e3cc2ef77b39e9bbb30f73359e265094a6492915a466e734b45b0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"234a-57b1717c76859"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK style.min.css
kajjfawjagr.lfhfdfiehgg.com/wp-includes/css/dist/block-library/ 79 KB
14 KB 22ms
12ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.7
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:31:17 GMT
Server: nginx
ETag: W/"13abe-5cbd66be36c27"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK styles.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 24ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2&fver=20210913012600
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:00 GMT
Server: nginx
ETag: W/"a50-5cbd658ff3dd6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK screen.min.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/table-of-contents-plus/ 1 KB
875 B 28ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106&fver=20210913012602
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:02 GMT
Server: nginx
ETag: W/"484-5cbd659261f16"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK wpp.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
996 B 32ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2&fver=20210913012611
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: f26d98c3973c7df12d78bbb4164589b59dc42d4797b58471b358364c1005b2d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:11 GMT
Server: nginx
ETag: W/"631-5cbd659aaa162"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK jquery.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/jquery/ 87 KB
36 KB 34ms
12ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:31:17 GMT
Server: nginx
ETag: W/"15db1-5cbd66be57f69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/jquery/ 11 KB
5 KB 33ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 31 Jan 2021 10:41:32 GMT
Server: nginx
ETag: W/"2bd8-5ba2fe173d5a1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 21ms
9ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wpp.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 33ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2&fver=20210913012611
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:11 GMT
Server: nginx
ETag: W/"bc3-5cbd659aaa162"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 132ms
94ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d58537a8ab48475b4165e7613d4d60368666c5f7e5a77ed12333cd3c2229621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51124
x-xss-protection: 0
server: cafe
etag: 3022946995286224053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:33 GMT

GET
H/1.1 200
OK javascript.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/ 18 KB
6 KB 11ms
11ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/javascript.js?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 480a664a442c062929d181ab1beaaa25ba23330133a73b2888fd08f5423d449a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"4866-57b1717c7f4f9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 38ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:31:17 GMT
Server: nginx
ETag: W/"1906-5cbd66be46628"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/dist/vendor/ 16 KB
7 KB 38ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:31:17 GMT
Server: nginx
ETag: W/"4056-5cbd66be45688"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK index.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 43ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2&fver=20210913012600
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:00 GMT
Server: nginx
ETag: W/"32bb-5cbd658ff3dd6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK front.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 42ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106&fver=20210913012602
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:26:02 GMT
Server: nginx
ETag: W/"17cb-5cbd659261f16"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/ 1 KB
1 KB 43ms
9ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/wp-embed.min.js?ver=5.8.7
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 17 May 2023 03:55:36 GMT
Server: nginx
ETag: W/"5c6-5fbdba91331f2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/ 18 KB
6 KB 11ms
10ms Script
application/x-javascript 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.7
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Sep 2021 01:31:17 GMT
Server: nginx
ETag: W/"4705-5cbd66be5fc69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK print.css
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/ 1 KB
1 KB 10ms
10ms Stylesheet
text/css 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/css/print.css?ver=5.8.7&fver=20181120113956
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 20 Nov 2018 11:39:56 GMT
Server: nginx
ETag: W/"52e-57b1717c777f9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 16ms
8ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: http://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Protocol: HTTP/1.1
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Sun, 24 Sep 2023 10:52:32 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

45ms
5ms

Script
text/javascript

2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 10:13:16 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2357
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 24 Sep 2023 12:13:16 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK icomoon.ttf
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/ 20 KB
13 KB 11ms
11ms Font
application/x-font-ttf 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?hd9e6o
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=5.8.7&fver=20181120113956
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 4a3db0402a97fc98b720d04a2bce839eb05df3b9500d69f817dc3fef92bcf1d6

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=5.8.7&fver=20181120113956
Origin: http://kajjfawjagr.lfhfdfiehgg.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
ETag: W/"4e14-57b1717c7e559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-font-ttf
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/fonts/ 75 KB
76 KB 12ms
11ms Font
application/font-woff2 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=5.8.7&fver=20181120113956
Protocol: HTTP/1.1
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=5.8.7&fver=20181120113956
Origin: http://kajjfawjagr.lfhfdfiehgg.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
ETag: W/"12d68-57b1717c7e559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 0136c8e7-da62-4bc9-b0b1-43761967d61c-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/03/ 28 KB
28 KB 50ms
28ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/03/0136c8e7-da62-4bc9-b0b1-43761967d61c-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: df29a661d16359da8f9f0536840222db55546d87041278f25306d60a5c280637

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 14:57:03 GMT
server: nginx
etag: "6f37-5bcb72e322b64"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28471
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 sara10-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ 4 KB
4 KB 50ms
28ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/sara10-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 898432ed88896cbf2e01c06b107cb8e37d583ab6d6a9e2189f1186f7c5fadc3e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Feb 2021 04:52:37 GMT
server: nginx
etag: "102d-5bae00e2fc0e8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4141
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 7016380_ext_col_03_0-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ 19 KB
19 KB 49ms
27ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/7016380_ext_col_03_0-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 2132425b14a442785fd907d821122bb5b2b90ca551ed564c0b118b6249e4e129

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2021 14:48:49 GMT
server: nginx
etag: "4c36-5bad4448ff3b3"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19510
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 1116_TALK_EDIT_FIX_2-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ 5 KB
5 KB 50ms
28ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/1116_TALK_EDIT_FIX_2-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: dd4dc7f9d43ecd63262004e471a3575e68280e95ad0cde378a49c1d506d96c57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Feb 2021 06:51:49 GMT
server: nginx
etag: "12a6-5bab97cceadc9"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4774
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 ic-4-150x150.png
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ 32 KB
33 KB 50ms
28ms Image
image/png 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ic-4-150x150.png
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 16543178259754742b3caa6eb94dc43fdba6eb151f2d461dce7f29c991c99b03

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 Feb 2021 14:22:30 GMT
server: nginx
etag: "81f1-5baabaabe912d"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33265
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 15-e1542086195965-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/ 17 KB
17 KB 41ms
19ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/02/15-e1542086195965-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 650e462d7b6b127cdeb285515ce1695cdc409d8a797145d70c577b827afb318f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 14:19:18 GMT
server: nginx
etag: "4460-5ba8363a73051"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17504
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 B3A9628-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/ 15 KB
15 KB 24ms
23ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/B3A9628-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: a093c1c794e10bfe77280bfdaafd21bc2dde2bdaadd6ff219c01c4e57a3b5a44

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 31 Jan 2021 13:39:31 GMT
server: nginx
etag: "3be5-5ba325dfaa2d8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15333
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 4922d2f0734eda6dfb62f37c68db6-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/ 6 KB
7 KB 25ms
24ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/4922d2f0734eda6dfb62f37c68db6-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 66f103128075ec834fe040e5b4899f55ec9877dc20700c24c3c9c6b7325b8106

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Feb 2021 14:56:50 GMT
server: nginx
etag: "192b-5ba6fcc0763e8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6443
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 SnapCrab_NoName_2021-2-2_23-26-11_No-00-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/SnapCrab_NoName_2021-2-2_23-26-11_No-00-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: e5421330b9a712ea32d3f6ff5350b6b5225b8215c30fffd5f3dbd34b70db27fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 14:29:02 GMT
server: nginx
etag: "1016-5ba5b4ac6eb86"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4118
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 nakamura_tamao_fb1-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/ 5 KB
6 KB 24ms
23ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2021/01/nakamura_tamao_fb1-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 75dffca1aefd17140d4751068af64998f953c0afde838cdc6057ed6cfbd5e1f2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Feb 2021 05:42:39 GMT
server: nginx
etag: "155a-5ba3fd268cc7a"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5466
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 SnapCrab_NoName_2020-5-18_23-13-35_No-00-150x150.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2020/05/ 5 KB
5 KB 30ms
19ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/2020/05/SnapCrab_NoName_2020-5-18_23-13-35_No-00-150x150.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: a2f0090340ed7ad55ed26b2d6914486e5ced24e3154a571458b23d58432ff6a4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 14:17:38 GMT
server: nginx
etag: "14d2-5a5ecd3396d78"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5330
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 1722-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 11 KB
11 KB 16ms
15ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/1722-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 3d82b9aeffe7c6cf86d67183cc59d3798346fe5d4f4a6cd7c059d92844637781

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 25 Jan 2020 15:01:29 GMT
server: nginx
etag: "2af1-59cf826223654"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10993
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 2502-featured-135x135.png
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 24 KB
24 KB 17ms
16ms Image
image/png 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/2502-featured-135x135.png
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 8af912b2e820bd0530511f79b9bfb9ba9f74331d7844a39852d2c270a52ccf35

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Dec 2020 12:36:12 GMT
server: nginx
etag: "6084-5b5df1249fe3b"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24708
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 2558-featured-135x135.png
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 33 KB
33 KB 25ms
24ms Image
image/png 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/2558-featured-135x135.png
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 60b560762905cbe8693649bd294c7e6ffbad19bb5bada338fc47e932bc8ad099

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 28 Nov 2020 15:03:39 GMT
server: nginx
etag: "84e4-5b52c150e0433"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34020
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 1339-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 16ms
15ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/1339-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: b751eb0a3d74cc7f01f927b595bc09eeb0ec1e4ffb754039e278827b415d6a5f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 22 Sep 2019 20:31:45 GMT
server: nginx
etag: "1370-5932a31219814"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4976
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 1598-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 7 KB
7 KB 16ms
15ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/1598-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: d03bdd7b969990d4c07851f41a43e9774ff67eb28c0b9f804a3dd08239a85036

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Oct 2019 15:38:41 GMT
server: nginx
etag: "1a82-595bdf1c942d0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6786
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 2450-featured-135x135.png
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 36 KB
37 KB 16ms
15ms Image
image/png 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/2450-featured-135x135.png
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 9b340c26787186548b4cd1384a7d3cc7de34acc35bb99c940ca603b49dfa0d55

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 16 May 2020 23:06:05 GMT
server: nginx
etag: "9107-5a5cbf96d6fa3"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37127
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 3320-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 14 KB
14 KB 16ms
15ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/3320-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 5143769c3cdd36f01c58ece07e884241dee670990c26b2340487529cf190b688

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Sep 2021 15:02:03 GMT
server: nginx
etag: "3910-5cc5a727bf7f3"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14608
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 3279-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 17ms
16ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/3279-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 6312a30454f945172ca19951d2269c84be231b6ce575ce3f4590b02000dd6c43

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Apr 2021 05:47:45 GMT
server: nginx
etag: "120c-5c0751a1930cc"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4620
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 2100-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 6 KB
6 KB 25ms
24ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/2100-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: a222b9fc5eb307d26662456f4f6bec45e07ec55820b415224de95717b4a80eea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Nov 2019 14:21:53 GMT
server: nginx
etag: "18cc-598409a0bff0d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6348
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 1321-featured-135x135.jpg
kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/ 37 KB
37 KB 25ms
24ms Image
image/jpeg 202.254.239.67
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kajjfawjagr.lfhfdfiehgg.com/wp-content/uploads/wordpress-popular-posts/1321-featured-135x135.jpg
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.254.239.67 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7386.xserver.jp
Software: nginx /
Resource Hash: 8925d918282aece0d1cd3df04bee25b38d4f6f60da412edbd13746264883aa53

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 May 2022 10:03:24 GMT
server: nginx
etag: "930e-5dfe74cf0983f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37646
expires: Mon, 23 Sep 2024 10:52:33 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 116ms
116ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93f7bd91df9d35ccfdd02dec61ac689d443bc96424d5ffd258f4f3075cdc93ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131533
x-xss-protection: 0
server: cafe
etag: 5336447971681639693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame 06D0 10 KB
5 KB 53ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:35 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 09:07:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.co.jp/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=289174678&utmhn=kajjfawjagr.lfhfdfiehgg.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=289174678&utmhn=kajjfawjagr.lfhfdfiehgg.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678
https://www.google.co.jp/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678&slf_rd=1&random=435713851

42 B
408 B

93ms
41ms

Image
image/gif

2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678&slf_rd=1&random=435713851

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-129299526-2&cid=381646171.1695552753&jid=1193491845&_v=5.7.2&z=289174678&slf_rd=1&random=435713851
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 9ms
9ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://webfonts.xserver.jp/ab.woff
Requested by: Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/
Protocol: HTTP/1.1
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Origin: http://kajjfawjagr.lfhfdfiehgg.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:33 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
606 B 128ms
39ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kajjfawjagr.lfhfdfiehgg.com&callback=_gfp_s_&client=ca-pub-3452729473545040

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cfbd51915042b668073b4f2a350e476e6475c5f173f13e4a6e33932c34f4936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44C9 675 KB
116 KB 708ms
707ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&adk=1812271804&adf=3025194257&lmt=1695517288&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695552753347&bpp=15&bdt=136&idt=244&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5035433800962&frm=20&pv=2&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9516c0846f866a36b154d6705562d6a51727975be9d8458371494e0d616a18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 118419
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
expires: Sun, 24 Sep 2023 10:52:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FE8 120 KB
41 KB 609ms
609ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b60809a60c4ce7672d026a739f600a88319a433155084421cc76882c66f08d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
expires: Sun, 24 Sep 2023 10:52:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 358A 119 KB
39 KB 568ms
567ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=3790366409&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753363&bpp=1&bdt=152&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=639&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=TrynrMwFcb&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f20ca33e72fb3a5b5535f539dac34e20c7992458ece56bdec0d9dde4936067a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
expires: Sun, 24 Sep 2023 10:52:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21A1 141 KB
41 KB 734ms
734ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&adk=2068306026&adf=370986342&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=1200x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1695552753364&bpp=1&bdt=153&idt=296&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=rBWQKsN4Wv&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2f06583483ac128c6ac112fabb708f7b605bdd5e6a848d64b86285f087928b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42107
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
expires: Sun, 24 Sep 2023 10:52:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 358A 323 B
394 B 85ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%83%A0%E7%A7%8B%E3%83%89%E3%82%8B%E3%83%AC%E3%81%8C%E3%83%88%E8%A6%8B%E3%82%A4%E3%81%8B%E3%81%AE%E3%83%B3%E3%83%86%E3%81%A4%E3%82%A2&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=3790366409&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753363&bpp=1&bdt=152&idt=291&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=639&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=TrynrMwFcb&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a58e885b3e6248c40600f11fb182cd7edef46f49c8c9f75bbc74ebab489793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 358A 2 KB
650 B 83ms
42ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 09:45:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 358A 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 358A 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 358A 20 KB
8 KB 51ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 358A 182 KB
57 KB 128ms
75ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 358A 36 KB
15 KB 42ms
3ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FE8 323 B
371 B 91ms
79ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%83%B3%E3%81%AE%E3%83%A0%E3%82%A2%E3%81%A4%E3%83%86%E3%83%AC%E3%83%89%E3%82%8B%E3%82%A4%E3%81%8B%E3%83%88%E3%81%8C%E8%A6%8B%E7%A7%8B&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a58e885b3e6248c40600f11fb182cd7edef46f49c8c9f75bbc74ebab489793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FE8 2 KB
986 B 52ms
41ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:01:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 8FE8 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 8FE8 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 8FE8 20 KB
8 KB 33ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FE8 182 KB
57 KB 155ms
119ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 8FE8 36 KB
15 KB 7ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 358A 9 KB
10 KB 115ms
2ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ6ZVfn4Ewrid-YF_82cT5_9W_pidGl-sGvZqHxq6RGkZGH8K9tzenGTbWFM4U&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565b1d912fd40f00266422a9d9cfb5b9d5b5d691b23ee7422d5b3ef5b8e251e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:13:12 GMT
x-content-type-options: nosniff
age: 13162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9516
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 15:50:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 07:13:12 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 358A 28 KB
28 KB 49ms
4ms Image
image/jpeg 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSNZ3xaLLi5gdX7-oy6zHEeORH4Sc186TpBFM_X8eWIDFg-bKzW45oxei3gng&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a44dd0f3a32be425034ae5e04ec38cb6a0b1073761b184e923bfe280e517b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:34:34 GMT
x-content-type-options: nosniff
age: 26280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28357
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 22:09:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 03:34:34 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 358A 12 KB
12 KB 48ms
3ms Image
image/jpeg 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQiYS-w1ScCVCu83dUaSuGcJDQldYIDtP_FS4j7-2Vl7Sy1Z5Ffj2m1kloLsw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

736ca4bd28ced175fb191fba898a1dcb397868b3aa9ed0502ab7b22ad4a1f559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:26:15 GMT
x-content-type-options: nosniff
age: 26779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11902
x-xss-protection: 0
last-modified: Tue, 14 May 2024 15:55:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 03:26:15 GMT

GET
H2

200

6594554202080813052
tpc.googlesyndication.com/simgad/ Frame 358A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI
https://tpc.googlesyndication.com/simgad/6594554202080813052

9 KB
9 KB

3ms
3ms

Image
image/jpeg

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6594554202080813052

Requested by

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd954212e37be41574e9d0063fdcb5e745d2a32ab935e6e2dd913142f8706077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:38:12 GMT
x-content-type-options: nosniff
age: 530062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9304
x-xss-protection: 0
last-modified: Wed, 18 May 2022 01:34:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 07:38:12 GMT

Redirect headers

date: Sun, 24 Sep 2023 08:35:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6594554202080813052
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Oct 2023 08:35:37 GMT

GET
DATA 200
OK truncated
/ Frame 358A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f714ce0b2e060376e80435c6ef962025b60c03cc856c6d6f5953ca9f78d21cd0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 358A 6 KB
6 KB 41ms
3ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757A4Fe-MyMW7V3n4UTMhb-R8o_MdpiiXiLurVzkGr7ojDrr0nBAxqgrJx4xG1JEtsMRz6KEZJsFtg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%83%A0%E7%A7%8B%E3%83%89%E3%82%8B%E3%83%AC%E3%81%8C%E3%83%88%E8%A6%8B%E3%82%A4%E3%81%8B%E3%81%AE%E3%83%B3%E3%83%86%E3%81%A4%E3%82%A2&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98310312b036383566ae88fc3709eaa392648a0b6e5f58dd73046fdeeedf10c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:22:21 GMT
x-content-type-options: nosniff
age: 27013
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 03:22:21 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 358A 20 KB
21 KB 42ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:16:50 GMT
x-content-type-options: nosniff
age: 81344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 12:16:50 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8FE8 9 KB
9 KB 73ms
3ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ6ZVfn4Ewrid-YF_82cT5_9W_pidGl-sGvZqHxq6RGkZGH8K9tzenGTbWFM4U&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565b1d912fd40f00266422a9d9cfb5b9d5b5d691b23ee7422d5b3ef5b8e251e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:13:12 GMT
x-content-type-options: nosniff
age: 13162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9516
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 15:50:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 07:13:12 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8FE8 28 KB
28 KB 7ms
5ms Image
image/jpeg 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSNZ3xaLLi5gdX7-oy6zHEeORH4Sc186TpBFM_X8eWIDFg-bKzW45oxei3gng&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a44dd0f3a32be425034ae5e04ec38cb6a0b1073761b184e923bfe280e517b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:34:34 GMT
x-content-type-options: nosniff
age: 26280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28357
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 22:09:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 03:34:34 GMT

GET
H3

200

6594554202080813052
tpc.googlesyndication.com/simgad/ Frame 8FE8
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI
https://tpc.googlesyndication.com/simgad/6594554202080813052

9 KB
9 KB

3ms
3ms

Image
image/jpeg

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6594554202080813052

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd954212e37be41574e9d0063fdcb5e745d2a32ab935e6e2dd913142f8706077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:38:12 GMT
x-content-type-options: nosniff
age: 530062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9304
x-xss-protection: 0
last-modified: Wed, 18 May 2022 01:34:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 07:38:12 GMT

Redirect headers

date: Sun, 24 Sep 2023 08:35:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6594554202080813052
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Oct 2023 08:35:37 GMT

GET
DATA 200
OK truncated
/ Frame 8FE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b57cb6c28e39daf6d42e4d825d5229bb998136b467199d671553809ca69f4820

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 8FE8 6 KB
6 KB 3ms
2ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757A4Fe-MyMW7V3n4UTMhb-R8o_MdpiiXiLurVzkGr7ojDrr0nBAxqgrJx4xG1JEtsMRz6KEZJsFtg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%83%B3%E3%81%AE%E3%83%A0%E3%82%A2%E3%81%A4%E3%83%86%E3%83%AC%E3%83%89%E3%82%8B%E3%82%A4%E3%81%8B%E3%83%88%E3%81%8C%E8%A6%8B%E7%A7%8B&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98310312b036383566ae88fc3709eaa392648a0b6e5f58dd73046fdeeedf10c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:22:21 GMT
x-content-type-options: nosniff
age: 27013
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 03:22:21 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8FE8 20 KB
20 KB 4ms
2ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:16:50 GMT
x-content-type-options: nosniff
age: 81344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 12:16:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 21A1 283 B
337 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E6%9C%809e%E5%A4%A7m%EF%BC%8D0%E3%83%95u%EF%BC%85T%E3%82%AA&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&adk=2068306026&adf=370986342&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=1200x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1695552753364&bpp=1&bdt=153&idt=296&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=2&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=rBWQKsN4Wv&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

949439bdd534e1df9d211ef6117ba4a0cec1b05f245fa4e2a270cde286798a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 21A1 2 KB
650 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:37:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 21A1 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 21A1 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 21A1 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21A1 182 KB
57 KB 81ms
80ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 21A1 36 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 358A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CpxnC8RQQZfOTKsCX29gPx8eIuAHX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QCFoReqVYSOPhECCxIfEDlnsOkoKiTCg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff6...

0
0

85ms
42ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%229756807136814099464%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212293022191054139825%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"9756807136814099464","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"12293022191054139825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"9756807136814099464","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"12293022191054139825"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
53 KB 60ms
59ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cb5a304000f5a93b64fb7d672a6dc55c8481701db31ae0df4aeeab6e0428c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53722
x-xss-protection: 0
server: cafe
etag: 294575476512804585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame F0E0 38 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F670 180 KB
49 KB 423ms
423ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=240&adk=2335202906&adf=1853087367&pi=t.aa~a.4263631882~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=300x240&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1695552754518&bpp=1&bdt=1306&idt=1&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cf1e49132d6ec91-22136621f8e30058%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MZi1fmy9iH8E33RcnmLesJiGN1rOg&gpic=UID%3D00000c5390b8852a%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MaF0_Sqid8Pn-qHytdwjZp_U9gRMQ&prev_fmts=0x0%2C336x280%2C336x280%2C1200x280&nras=3&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1035&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&psts=AOrYGskA0vjT4FynACHE4B_8VhWZteKprA-vETe5K0BaNN700T0i5pMxs7MyJHwme1NUbMIqcPCvdtFpSZm2cy8_bAJhWg%2CAOrYGsk7-kMn-zEHoaTNLZropVSbl17f5WyEqkb0m6BVFFhx_GK2MWXCeY8ZUHmNhXQPrMRyvk88mNQU7IW1Dc8Yfbc9aA&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=PSFuZQe4hW&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5be035abd10097d0acc7a8ea1d52dda69fd6352886dc4532b9eae1466e388a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 49950
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 21A1 26 KB
27 KB 5ms
3ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS3-4U8gr5s3X4gO-N0anv29nGC8pQXN9WVXbpRqxcUQI-KweMjWm4hSYWE2A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43f3239db79d0b4cae257175b53eebd3e958e237fb93ac1b75d1cf309cd895a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 08:30:37 GMT
x-content-type-options: nosniff
age: 8517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27089
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 17:51:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 08:30:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 21A1 23 KB
23 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRp5ibuM7bs2Sd1gRDl3voXylMblF8iyc-DOIeutbWT9ZI0iZewLR8oj4aVPBQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81be3d0688cd78734dd055ed1f46537a7b900cd079bafba7abb42b837be13b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:44:58 GMT
x-content-type-options: nosniff
age: 248856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23263
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 14:44:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 20 Sep 2024 13:44:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 21A1 11 KB
12 KB 82ms
2ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcShVDoqLCiBGZGahVc4om5o4B1i0izKCC48bFeGjUYhR63b8h0kP3zhp4DEAvA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a7bb98567992396b1fe2651aaad18fc79f05d935180e67ecc50d16ccfea909f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:02:26 GMT
x-content-type-options: nosniff
age: 388208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11475
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 15:53:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Sep 2024 23:02:26 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 21A1 29 KB
29 KB 50ms
3ms Image
image/jpeg 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTocsTO3cWv3jDKYvTFD34QuroImrXYUzr4HljBCRjUJAJEZ0xqMICcthNSdA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e3e633885e58dd5fbbc255dca55cb4882d6ba562d4dce7abe834fdd7b441a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:51:12 GMT
x-content-type-options: nosniff
age: 388882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29218
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 05:34:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Sep 2024 22:51:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 21A1 29 KB
29 KB 51ms
4ms Image
image/jpeg 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRjRPrjj1Vt3Jm4ARSJ3_qrtcaxK-Rk_csoLPe_Pbg3Er0QQe2mqfgk7GB35kY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d532f6f63748c9df26cc2dc6b5c2de841bcbc73cb0d8d2a53d3a2201252410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 16:03:38 GMT
x-content-type-options: nosniff
age: 499736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30057
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 13:58:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Sep 2024 16:03:38 GMT

GET
H3

200

2857579807472363985
tpc.googlesyndication.com/simgad/ Frame 21A1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODepr-ypwEQsAkYsAkyCHmvXX3teOpg
https://tpc.googlesyndication.com/simgad/2857579807472363985

77 KB
77 KB

3ms
2ms

Image
image/png

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2857579807472363985

Requested by

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 21:37:42 GMT
x-content-type-options: nosniff
age: 47692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:16:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 21:37:42 GMT

Redirect headers

date: Sat, 23 Sep 2023 22:36:47 GMT
x-content-type-options: nosniff
server: cafe
age: 44147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2857579807472363985
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 23 Oct 2023 22:36:47 GMT

GET
DATA 200
OK truncated
/ Frame 21A1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea52d34e800f0753df6bc24a2bff1aa2b8b4e3f8b11c146399edfa20080097f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 21A1 3 KB
3 KB 3ms
2ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757AzoQG7KX6FF3k70TOtbm0-4rSfZScQi7Qgg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E6%9C%809e%E5%A4%A7m%EF%BC%8D0%E3%83%95u%EF%BC%85T%E3%82%AA&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d43b0ed66d2a4b8b3c420ef0e10f24e34b29af524657a8d06dd87f3da235f15a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 08:36:28 GMT
x-content-type-options: nosniff
age: 8166
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2744
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 08:36:28 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 21A1 20 KB
20 KB 4ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:16:50 GMT
x-content-type-options: nosniff
age: 81344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 12:16:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 115ms
41ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8FE8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CexiT8RQQZaf5Kc-a29gPouSzwAXX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_Qi8uHptZo6jx359i0WUt-l2NF36x_tWD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff6...

0
0

40ms
37ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2213205402606218880054%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227843502294891707409%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"13205402606218880054","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"7843502294891707409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"13205402606218880054","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"7843502294891707409"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 28E2 38 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=280&slotname=4013737838&adk=1608327833&adf=93914842&pi=t.ma~as.4013737838&w=336&lmt=1695517288&format=336x280&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&wgl=1&dt=1695552753362&bpp=1&bdt=150&idt=283&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=N6zHxuPaTk&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=290

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame C280 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:39 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 09:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 3662 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:39 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 09:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame DF57 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:39 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 09:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 59AE 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:39 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 09:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 37ms
36ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2213205402606218880054%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227843502294891707409%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C280 4 KB
671 B 39ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 09:50:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C280 205 B
229 B 3ms
3ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:26:44 GMT
x-content-type-options: nosniff
age: 159950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 21 Sep 2024 14:26:44 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C280 604 B
628 B 5ms
4ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:36:21 GMT
x-content-type-options: nosniff
age: 396973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Sep 2024 20:36:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame C280 15 KB
6 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 03:07:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame C280 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:51:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3662 626 B
326 B 43ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%A2%E7%A7%8B%E7%9D%80%E3%83%89%E3%82%8B%E3%83%AC%E3%83%88%E3%81%8C%E3%82%A4%E8%A6%8B%E3%81%AE%E3%81%8B%E6%96%B0%E3%83%B3%E3%81%A4%E3%83%86%E3%83%A0&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5b7ac3f1f7a873df8f2f854187ebc1799801d3d077cf6371dd6fa985d2dfa3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3662 2 KB
577 B 48ms
47ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:34:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 3662 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 3662 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 3662 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3662 182 KB
57 KB 79ms
78ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 3662 36 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF57 626 B
326 B 70ms
70ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A0%E7%A7%8B%E7%9D%80%E3%83%89%E3%83%AC%E3%82%8B%E3%81%8C%E3%83%88%E6%96%B0%E3%82%A4%E8%A6%8B%E3%81%AE%E3%81%8B%E3%83%B3%E3%83%86%E3%81%A4%E3%82%A2&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5b7ac3f1f7a873df8f2f854187ebc1799801d3d077cf6371dd6fa985d2dfa3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF57 2 KB
577 B 74ms
72ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:35:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame DF57 23 KB
9 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DF57 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DF57 20 KB
8 KB 5ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF57 182 KB
57 KB 157ms
155ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame DF57 36 KB
15 KB 6ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 59AE 1016 B
483 B 75ms
75ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%B3%E5%BA%97%E4%B8%81%E3%83%BC%E5%AE%9D%E5%89%8D%E3%82%82%EF%BC%90%E5%B7%9D%E3%81%A8%E3%82%8C%E6%B0%97%E5%8F%A3%E5%8C%BA%E2%88%92%E3%83%9F%E8%BB%BD%EF%BC%95%E9%AB%98%E3%82%B5%E3%83%AB%E6%88%B8%E5%85%B8%E4%BE%A1%E3%82%B8%E5%9C%92%EF%BC%91%E8%B2%B7%E3%83%95%E5%93%81%E3%80%81%EF%BC%98%E3%82%AB%E3%80%82%E3%83%B3%E3%81%8A%E3%82%92%E3%81%AE%E8%B6%8A%E7%89%B9%E3%82%8B%E3%82%A7%E3%82%B9%E5%85%AC%E7%9F%B3%E3%83%96%E3%83%A9%E5%A4%9A%E9%A7%85%E5%8F%96%E3%81%84%E3%83%89%E7%9B%AE%E3%83%A5%E5%A3%B2%E3%82%84%E3%82%A8%E3%83%93%E3%81%AB%20&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d416191ea6bd40eef848c202219e46fc10f3d3d5559ea5802ca3249b2f72c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 59AE 225 B
249 B 5ms
3ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 06:29:32 GMT
x-content-type-options: nosniff
server: cafe
age: 15782
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 25 Sep 2023 06:29:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 59AE 23 KB
9 KB 7ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 59AE 3 KB
1 KB 7ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 59AE 20 KB
8 KB 6ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59AE 182 KB
57 KB 148ms
145ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 59AE 36 KB
15 KB 5ms
2ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 21A1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcSnJ8RQQZbC4KvrD29gPneyKkAHfwd6Wc-S2lv3MEYrq0uCyARABIMSTx21gifPFhPQToAGhwJjxKMgBCakCQH9FVXVjgj6oAwHIA8sEqgTkAU_QrfE3l-Cxb8CK8GVsbl45lgXbN5__jyE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78500fd0098fcbea0000000000000000%22,%222%22:%220x10414f3461e64dc20000000000000000%22,%223%22:%220x597f78...

0
0

38ms
37ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78500fd0098fcbea0000000000000000%22,%222%22:%220x10414f3461e64dc20000000000000000%22,%223%22:%220x597f789a721638590000000000000000%22,%224%22:%220x9df4373bc9630c20000000000000000%22,%225%22:%220x71707b1d862979630000000000000000%22},%22debug_key%22:%221824411955462316878%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215299463473630325745%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x78500fd0098fcbea0000000000000000","2":"0x10414f3461e64dc20000000000000000","3":"0x597f789a721638590000000000000000","4":"0x9df4373bc9630c20000000000000000","5":"0x71707b1d862979630000000000000000"},"debug_key":"1824411955462316878","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"15299463473630325745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x78500fd0098fcbea0000000000000000","2":"0x10414f3461e64dc20000000000000000","3":"0x597f789a721638590000000000000000","4":"0x9df4373bc9630c20000000000000000","5":"0x71707b1d862979630000000000000000"},"debug_key":"1824411955462316878","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"15299463473630325745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4422 38 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 907E 898 B
437 B 43ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%891%E3%80%81C%E3%82%92%E3%82%89%E3%82%87%E3%81%99%E3%81%90%E3%81%8F%E3%83%81%E3%81%97%E3%83%AD%E3%83%80%E3%83%89%E3%83%AB%E3%81%8B%E9%96%8B%E5%8D%98%E3%83%90%E4%BF%9D%E4%BB%8A%E3%81%BE%EF%BC%81%E3%82%B9%E5%85%A8%E3%81%86%E3%81%AA%E7%84%A10%E6%96%99%E8%AD%B7%E9%96%89P%E3%81%A7%E3%82%A6%25%E7%B0%A1%E3%83%88%E3%82%A4%E3%81%98%E3%82%8B%E3%83%B3%E3%81%AE%E3%83%BC%E3%80%82%E3%82%A2&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b153a9189391b8be8abacfa018dcc38bfb3c3e3e3fd44036141b0b971d1ad4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 907E 8 KB
1 KB 44ms
44ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b59c6900960177a85f571bad1363890f86665e090ccbc631c5ff63f4a78c1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 09:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 907E 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 907E 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 907E 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 907E 182 KB
57 KB 119ms
119ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:34 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 907E 36 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 36ms
36ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F785 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 16106435544799965397
tpc.googlesyndication.com/simgad/ Frame 59AE 2 KB
2 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16106435544799965397?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d2a476db78ca6832f32adea2281c9ac6b7cb4e5f6a40a1142b85cd6ca6ce8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 09:22:10 GMT
x-content-type-options: nosniff
age: 178224
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2184
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 06:33:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 09:22:10 GMT

GET
DATA 200
OK truncated
/ Frame 59AE 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 59AE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25dcf5e5983387af7533c98a67ce60c7d0136c6f910977e6fa19814b57e1deef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 59AE 26 KB
26 KB 3ms
3ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrH03eHD3j2lFiDTxkRVzDcOUp04BaFxA6uoffz3cKtf_nDRUWPjTSFPNGIiEuL1wogzOxLLFVRORokmIxx_vbAbcdAv-4Yw2-s0y0EwK8ex1Stg6dpn-Rk-_QJYlczMbEfpawu58uRPgFAnS8gb30HgptinfsrM4qtm7cKRf7-XJR2lMgJvB0PFxpAKE_5pSwmj7UmkP-P1zLhwPWPIT25NjIrbDH443pIXLntFA3ZSs-FHD7WyRShmP9iigJRPhtCkRb4SMpv3VxHEIDE418&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%B3%E5%BA%97%E4%B8%81%E3%83%BC%E5%AE%9D%E5%89%8D%E3%82%82%EF%BC%90%E5%B7%9D%E3%81%A8%E3%82%8C%E6%B0%97%E5%8F%A3%E5%8C%BA%E2%88%92%E3%83%9F%E8%BB%BD%EF%BC%95%E9%AB%98%E3%82%B5%E3%83%AB%E6%88%B8%E5%85%B8%E4%BE%A1%E3%82%B8%E5%9C%92%EF%BC%91%E8%B2%B7%E3%83%95%E5%93%81%E3%80%81%EF%BC%98%E3%82%AB%E3%80%82%E3%83%B3%E3%81%8A%E3%82%92%E3%81%AE%E8%B6%8A%E7%89%B9%E3%82%8B%E3%82%A7%E3%82%B9%E5%85%AC%E7%9F%B3%E3%83%96%E3%83%A9%E5%A4%9A%E9%A7%85%E5%8F%96%E3%81%84%E3%83%89%E7%9B%AE%E3%83%A5%E5%A3%B2%E3%82%84%E3%82%A8%E3%83%93%E3%81%AB%20&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8359d7e9c9261925c66d537e0d5c96e1a701ab8df2b7a5f3b5eb54bae8ed0bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 03:35:16 GMT
x-content-type-options: nosniff
age: 26238
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26632
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 03:35:16 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3662 9 KB
9 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ6ZVfn4Ewrid-YF_82cT5_9W_pidGl-sGvZqHxq6RGkZGH8K9tzenGTbWFM4U&usqp=CAI

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565b1d912fd40f00266422a9d9cfb5b9d5b5d691b23ee7422d5b3ef5b8e251e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:13:12 GMT
x-content-type-options: nosniff
age: 13162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9516
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 15:50:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 07:13:12 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3662 10 KB
10 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRHz1icJzRa7p8m6XjUv-77mvTPCW_RL_3NZwfKapxZfG_EwJaD1FgDSwXVmB4&usqp=CAI

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c085d002c429dfc30cbc112a8633515832ca0117b075bccb0c8347d11a1c0311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 19:04:18 GMT
x-content-type-options: nosniff
age: 56896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10581
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 15:52:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 22 Sep 2024 19:04:18 GMT

GET
H3

200

6594554202080813052
tpc.googlesyndication.com/simgad/ Frame 3662
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI
https://tpc.googlesyndication.com/simgad/6594554202080813052

9 KB
9 KB

3ms
3ms

Image
image/jpeg

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6594554202080813052

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd954212e37be41574e9d0063fdcb5e745d2a32ab935e6e2dd913142f8706077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:38:12 GMT
x-content-type-options: nosniff
age: 530062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9304
x-xss-protection: 0
last-modified: Wed, 18 May 2022 01:34:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 07:38:12 GMT

Redirect headers

date: Sun, 24 Sep 2023 08:35:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6594554202080813052
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Oct 2023 08:35:37 GMT

GET
DATA 200
OK truncated
/ Frame 3662 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 961b9bc16cec3de3c1369402dd8f15dcd0daa36180ec85a0998a44a577ed3d82

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 3662 11 KB
11 KB 5ms
5ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxo2MdbuZGuZ91jELBpXNTWRW0Icgjz_piXvw960v-_IHvinJELk7DzvXd7L6VrEthBwqN0YSWAyXBZM8oYZ&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%A2%E7%A7%8B%E7%9D%80%E3%83%89%E3%82%8B%E3%83%AC%E3%83%88%E3%81%8C%E3%82%A4%E8%A6%8B%E3%81%AE%E3%81%8B%E6%96%B0%E3%83%B3%E3%81%A4%E3%83%86%E3%83%A0&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e68425a8acd855e2299f45ae20818723a4992d13fcf9e6ff3ba9b6268fc3cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:59:18 GMT
x-content-type-options: nosniff
age: 28396
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10764
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 02:59:18 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3662 20 KB
20 KB 4ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:16:50 GMT
x-content-type-options: nosniff
age: 81344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 12:16:50 GMT

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 14D0 38 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F785
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
66ms

Document
text/html

2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:35 GMT
expires: Sun, 24 Sep 2023 10:52:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3662
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHGtq8RQQZbCTKY-t29gPkOWrkAvX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QBy5ejuoEc8OpunLJzHoRKmaxNsz1Ks4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff6...

0
0

40ms
40ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2214091441803250458301%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217421835526855439585%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"14091441803250458301","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"17421835526855439585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"14091441803250458301","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"17421835526855439585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame F670 9 KB
4 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=240&adk=2335202906&adf=1853087367&pi=t.aa~a.4263631882~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=300x240&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1695552754518&bpp=1&bdt=1306&idt=1&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cf1e49132d6ec91-22136621f8e30058%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MZi1fmy9iH8E33RcnmLesJiGN1rOg&gpic=UID%3D00000c5390b8852a%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MaF0_Sqid8Pn-qHytdwjZp_U9gRMQ&prev_fmts=0x0%2C336x280%2C336x280%2C1200x280&nras=3&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1035&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&psts=AOrYGskA0vjT4FynACHE4B_8VhWZteKprA-vETe5K0BaNN700T0i5pMxs7MyJHwme1NUbMIqcPCvdtFpSZm2cy8_bAJhWg%2CAOrYGsk7-kMn-zEHoaTNLZropVSbl17f5WyEqkb0m6BVFFhx_GK2MWXCeY8ZUHmNhXQPrMRyvk88mNQU7IW1Dc8Yfbc9aA&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=PSFuZQe4hW&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 20:35:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:04 GMT

GET
H3 200 ec22f491d90c30c9ca4146fc047cd1a9.js Show response
www.gstatic.com/mysidia/ Frame F670 141 KB
52 KB 4ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ec22f491d90c30c9ca4146fc047cd1a9.js?tag=video_location/web_och

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21533d25a6a9404dc1be0e02cae34792b43c16b64e98787d03aded111e6c0c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52853
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 16:57:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F670 684 B
353 B 49ms
48ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BC%E3%83%83%2F%E7%B4%841%E3%81%BB%E4%BA%88%E3%82%93%E7%AA%93%E3%83%89%E5%8D%98%E5%88%86%E3%81%910%E5%8F%A3%E3%83%8D%E3%83%A8%E5%A4%A72%20%E6%99%82%E3%83%88%E7%B0%A1%E3%82%A4%E7%94%BA%E5%BA%97%E3%81%A7%EF%BD%9E%E3%82%AB%E3%81%AE%E4%BA%95

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2449c777704d17bd73cb27ea3ef0339cb4297ff140d22215099d9be5175d1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Sep 2023 10:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Sep 2023 10:52:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Sep 2023 10:52:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame F670 2 KB
896 B 6ms
5ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 23:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Oct 2023 23:41:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame F670 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame F670 3 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame F670 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 01:47:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F670 0
0 41ms
40ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0KCf9g2Jt2UnUUJBcEHqDp-XNflCGU4VnsQriIsCK8zTlCwbKjUHRvr-bLBMYqmh4ent4R3I0mnCGze22RMbjhW7iYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3452729473545040&output=html&h=240&adk=2335202906&adf=1853087367&pi=t.aa~a.4263631882~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1695517288&rafmt=1&to=qs&pwprc=8385215632&format=300x240&url=http%3A%2F%2Fkajjfawjagr.lfhfdfiehgg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1695552754518&bpp=1&bdt=1306&idt=1&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cf1e49132d6ec91-22136621f8e30058%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MZi1fmy9iH8E33RcnmLesJiGN1rOg&gpic=UID%3D00000c5390b8852a%3AT%3D1695552753%3ART%3D1695552753%3AS%3DALNI_MaF0_Sqid8Pn-qHytdwjZp_U9gRMQ&prev_fmts=0x0%2C336x280%2C336x280%2C1200x280&nras=3&correlator=5035433800962&frm=20&pv=1&ga_vid=381646171.1695552753&ga_sid=1695552753&ga_hid=486720534&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1035&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C42531705%2C44795922&oid=2&psts=AOrYGskA0vjT4FynACHE4B_8VhWZteKprA-vETe5K0BaNN700T0i5pMxs7MyJHwme1NUbMIqcPCvdtFpSZm2cy8_bAJhWg%2CAOrYGsk7-kMn-zEHoaTNLZropVSbl17f5WyEqkb0m6BVFFhx_GK2MWXCeY8ZUHmNhXQPrMRyvk88mNQU7IW1Dc8Yfbc9aA&pvsid=3051398263470990&tmod=1667298891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=PSFuZQe4hW&p=http%3A//kajjfawjagr.lfhfdfiehgg.com&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F670 182 KB
57 KB 84ms
83ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:52:35 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame F670 36 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 03:00:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 59AE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNedQ8RQQZbKTKY-t29gPkOWrkAuS6_7lctvTu9PhEfvU5LmNDhABIMSTx21gifPFhPQToAHJvpTYA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QE0FchIKtn65i8IPLMcQRyQ8an4rpptH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90668ff27a1b78be0000000000000000%22,%222%22:%220x4a676d16748f0f430000000000000000%22,%223%22:%220x458b5b...

0
0

37ms
36ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90668ff27a1b78be0000000000000000%22,%222%22:%220x4a676d16748f0f430000000000000000%22,%223%22:%220x458b5bc490de050e0000000000000000%22,%224%22:%220x9d105638693650bd0000000000000000%22,%225%22:%220x70b2059a7697d3e50000000000000000%22},%22debug_key%22:%228138872402203088799%22,%22debug_reporting%22:true,%22destination%22:%22https://jewel-cafe.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990191433%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214995589465988192737%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x90668ff27a1b78be0000000000000000","2":"0x4a676d16748f0f430000000000000000","3":"0x458b5bc490de050e0000000000000000","4":"0x9d105638693650bd0000000000000000","5":"0x70b2059a7697d3e50000000000000000"},"debug_key":"8138872402203088799","debug_reporting":true,"destination":"https://jewel-cafe.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990191433"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"14995589465988192737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x90668ff27a1b78be0000000000000000","2":"0x4a676d16748f0f430000000000000000","3":"0x458b5bc490de050e0000000000000000","4":"0x9d105638693650bd0000000000000000","5":"0x70b2059a7697d3e50000000000000000"},"debug_key":"8138872402203088799","debug_reporting":true,"destination":"https://jewel-cafe.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990191433"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"14995589465988192737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame DF57 9 KB
9 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ6ZVfn4Ewrid-YF_82cT5_9W_pidGl-sGvZqHxq6RGkZGH8K9tzenGTbWFM4U&usqp=CAI

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565b1d912fd40f00266422a9d9cfb5b9d5b5d691b23ee7422d5b3ef5b8e251e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:13:12 GMT
x-content-type-options: nosniff
age: 13163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9516
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 15:50:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Sep 2024 07:13:12 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame DF57 10 KB
10 KB 5ms
4ms Image
image/jpeg 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRHz1icJzRa7p8m6XjUv-77mvTPCW_RL_3NZwfKapxZfG_EwJaD1FgDSwXVmB4&usqp=CAI

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c085d002c429dfc30cbc112a8633515832ca0117b075bccb0c8347d11a1c0311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 19:04:18 GMT
x-content-type-options: nosniff
age: 56897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10581
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 15:52:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 22 Sep 2024 19:04:18 GMT

GET
H3

200

6594554202080813052
tpc.googlesyndication.com/simgad/ Frame DF57
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY1tm7AhDYBBjYBDIIP25WhXlHEMI
https://tpc.googlesyndication.com/simgad/6594554202080813052

9 KB
9 KB

2ms
2ms

Image
image/jpeg

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6594554202080813052

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd954212e37be41574e9d0063fdcb5e745d2a32ab935e6e2dd913142f8706077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:38:12 GMT
x-content-type-options: nosniff
age: 530063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9304
x-xss-protection: 0
last-modified: Wed, 18 May 2022 01:34:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 07:38:12 GMT

Redirect headers

date: Sun, 24 Sep 2023 08:35:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6594554202080813052
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Oct 2023 08:35:37 GMT

GET
DATA 200
OK truncated
/ Frame DF57 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4248bfe64fabc2daa1e3f93318b97446c162dba95dab0ea042d74fc6407aed

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame DF57 11 KB
11 KB 3ms
2ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxo2MdbuZGuZ91jELBpXNTWRW0Icgjz_piXvw960v-_IHvinJELk7DzvXd7L6VrEthBwqN0YSWAyXBZM8oYZ&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A0%E7%A7%8B%E7%9D%80%E3%83%89%E3%83%AC%E3%82%8B%E3%81%8C%E3%83%88%E6%96%B0%E3%82%A4%E8%A6%8B%E3%81%AE%E3%81%8B%E3%83%B3%E3%83%86%E3%81%A4%E3%82%A2&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e68425a8acd855e2299f45ae20818723a4992d13fcf9e6ff3ba9b6268fc3cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:59:18 GMT
x-content-type-options: nosniff
age: 28397
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10764
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 02:59:18 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DF57 20 KB
20 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:16:50 GMT
x-content-type-options: nosniff
age: 81345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 12:16:50 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%2214091441803250458301%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217421835526855439585%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame BCEF 38 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1122 38 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 50ms
49ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3831498564357771245
tpc.googlesyndication.com/simgad/ Frame F670 93 KB
93 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3831498564357771245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961bc63e0ac072e57ecb32e2b11d2a2d9f1b0c679780302a19b826f2e06d7a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 04:16:26 GMT
x-content-type-options: nosniff
age: 455769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95653
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 08:39:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 04:16:26 GMT

GET
H3 200 14829350007199982684
tpc.googlesyndication.com/simgad/ Frame F670 6 KB
6 KB 5ms
4ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14829350007199982684?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c5315c99e33f73b2e1eb29a89bf7fb63dbcd791f6df9f90cf674ad20ab44953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:32:30 GMT
x-content-type-options: nosniff
age: 433205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6052
x-xss-protection: 0
last-modified: Thu, 28 Feb 2019 09:44:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 10:32:30 GMT

GET
H2 200 data=gomhPPBQ2RxnLZ9Jf3x0Y34ETJBspW_P_Sx1g8CSBX1jWsSAw-E3lYUlWZeRkE5Pg6--yUcrTMM-HiN-0eGPwg
mts0.google.com/vt/ Frame F670 43 KB
43 KB 85ms
3ms Image
image/png 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=gomhPPBQ2RxnLZ9Jf3x0Y34ETJBspW_P_Sx1g8CSBX1jWsSAw-E3lYUlWZeRkE5Pg6--yUcrTMM-HiN-0eGPwg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

937491c10b00f0d1fd963b718c6067dd1640bcf98a734bd666da39716f20a5ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Sun, 24 Sep 2023 10:22:59 GMT
x-content-type-options: nosniff
age: 1776
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43823
x-xss-protection: 0
x-server-version-bin: CggIBBCtsa+oBg==
server: scaffolding on HTTPServer2
etag: 05dfc6048ea19e6db
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Sun, 24 Sep 2023 11:22:59 GMT

GET
DATA 200
OK truncated
/ Frame F670 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F670 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DF57
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CqL6-8RQQZbGTKY-t29gPkOWrkAvX5aOUc47S1deAEpSq7dviEBABIMSTx21gifPFhPQToAGIzZPbA8gBCakCeLCqKZvyPD6oAwHIA8sEqgTiAU_QC5CLWshGeTRw9zrvNhofn3TqlqCiT_J...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff6...

0
0

41ms
40ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%224135429704200781544%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227303997392016572625%22}&andc=true

Requested by

Host: kajjfawjagr.lfhfdfiehgg.com
URL: http://kajjfawjagr.lfhfdfiehgg.com/

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"4135429704200781544","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"7303997392016572625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe8e38098557f48320000000000000000","2":"0x3b71d7d8feecffdf0000000000000000","3":"0x56eff67c2cd717040000000000000000","4":"0x348a6810bbb604b20000000000000000","5":"0x408d3f98aa3774330000000000000000"},"debug_key":"4135429704200781544","debug_reporting":true,"destination":"https://baycrews.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996468360"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"7303997392016572625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F670 0
234 B 434ms
146ms Ping
image/gif 2607:f8b0:4009:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lmxcbyy1&c=5841955935795&slotId=2920977967897.5&qqid=CODeiJ2Kw4EDFdrZFgUdto4HzA&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ec22f491d90c30c9ca4146fc047cd1a9.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 097E 38 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe8e38098557f48320000000000000000%22,%222%22:%220x3b71d7d8feecffdf0000000000000000%22,%223%22:%220x56eff67c2cd717040000000000000000%22,%224%22:%220x348a6810bbb604b20000000000000000%22,%225%22:%220x408d3f98aa3774330000000000000000%22},%22debug_key%22:%224135429704200781544%22,%22debug_reporting%22:true,%22destination%22:%22https://baycrews.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996468360%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227303997392016572625%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-oguelnzl.googlevideo.com/ Frame F670 724 KB
724 KB 24ms
5ms Media
video/mp4 2404:6800:4004:2a::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-oguelnzl.googlevideo.com/videoplayback?expire=1695581554&ei=8hQQZazrNK3Ps8IP-cbViQg&ip=2a00:1633:128:4::6&id=189bc846fb6fe2b3&itag=18&source=youtube&requiressl=yes&mh=I4&mm=31&mn=sn-oguelnzl&ms=au&mv=u&mvi=4&pl=32&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1685416948029602&mt=1695551533&cpn=FRumhptXPMwyWUyr&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgaS2BySQxaLS43lhbCEUg-NM53rqyr6l565d8rCepgscCIQDF823rzhj86AMRmFuMxQtAYpet7u4l43GGsLkyAb3eAg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJ2JNNaYbpqxzq94OM3QM0CM_-wGzrH_O4h61eD2ZP6UCIQCbRSmX9qP9Gbr5bjFacM4pKPJB0OlPT0kzTLcJiRG0aQ==

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:2a::9 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

02760364e452d4613c51b8218dfe24461db595c3b01e6dd208ba8189fee6ffcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 24 Sep 2023 10:52:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2023 03:22:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-741229/741230
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 741230
Expires: Sun, 24 Sep 2023 10:52:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7248 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 6300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 09:07:35 GMT
etag: 48472445140208031
expires: Mon, 25 Sep 2023 09:07:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F670 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05d757e7a7f9652e89c792fc447716299810f7ece7e1ffd368e30f28f65c8561

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F670
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCvA-8hQQZeCdItqz29gPtp2e4AyEsrnjcpTS7-LrEavn1_PGARABIMSTx21gifPFhPQToAHJiqKZA8gBCakCeLCqKZvyPD6oAwHIA8sEqgT0AU_QW1jisA3rtFL1aglvDARlUR4qwvAR7E2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2ec0746015a75f970000000000000000%22,%222%22:%220xae561015d078afe0000000000000000%22,%223%22:%220x9eb7957...

0
0

40ms
39ms

Fetch
text/css

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2ec0746015a75f970000000000000000%22,%222%22:%220xae561015d078afe0000000000000000%22,%223%22:%220x9eb7957a85a172920000000000000000%22,%224%22:%220xf82a6bd3073d212c0000000000000000%22,%225%22:%220x2a0860d111bb1eb60000000000000000%22},%22debug_key%22:%2213285892145044377362%22,%22debug_reporting%22:true,%22destination%22:%22https://hokennomadoguchi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22858293577%22],%224%22:[%2209-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225229888824627768529%22}&andc=true

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2ec0746015a75f970000000000000000","2":"0xae561015d078afe0000000000000000","3":"0x9eb7957a85a172920000000000000000","4":"0xf82a6bd3073d212c0000000000000000","5":"0x2a0860d111bb1eb60000000000000000"},"debug_key":"13285892145044377362","debug_reporting":true,"destination":"https://hokennomadoguchi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["858293577"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"5229888824627768529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Sep 2023 10:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2ec0746015a75f970000000000000000","2":"0xae561015d078afe0000000000000000","3":"0x9eb7957a85a172920000000000000000","4":"0xf82a6bd3073d212c0000000000000000","5":"0x2a0860d111bb1eb60000000000000000"},"debug_key":"13285892145044377362","debug_reporting":true,"destination":"https://hokennomadoguchi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["858293577"],"4":["09-24"],"6":["true"]},"priority":"500","source_event_id":"5229888824627768529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_cver=1&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJK...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=506dae996a4b201d&is_secure=true&networkId=14000&version=1&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_cver=1&google_push=AXcoOmQBHx1E...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMLeMhcIZRSgMwqtOuAAAAAAA&expiration=1695639155&google_cver=1&is_secure=true&google_gid=CAESEFEPuoRJMPL3wf1LGBt_o...

170 B
188 B

39ms
38ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMLeMhcIZRSgMwqtOuAAAAAAA&expiration=1695639155&google_cver=1&is_secure=true&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJKszo66D1MJFMiAsf0khAQH6L1n1Y02viAYDLcCVecUpA4U3DA

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMLeMhcIZRSgMwqtOuAAAAAAA&expiration=1695639155&google_cver=1&is_secure=true&google_gid=CAESEFEPuoRJMPL3wf1LGBt_oM4&google_push=AXcoOmQBHx1EiBO_TmF16xUtQL8_JSkiurusTKjnnkTEXo-VDwrfAJKszo66D1MJFMiAsf0khAQH6L1n1Y02viAYDLcCVecUpA4U3DA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJaUCu2jdcjBBIe5yg2ilLU&google_cver=1&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt3FhO0qlNW5JJnAz8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2864E99B249C40698EB08DCFE06CC305&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt...

170 B
188 B

39ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2864E99B249C40698EB08DCFE06CC305&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt3FhO0qlNW5JJnAz8

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 24 Sep 2023 10:52:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2864E99B249C40698EB08DCFE06CC305&google_push=AXcoOmQRKuKBrP9ezFf0euB5PwRWksYION2LJVJa_Xs1_8oOizeicUed-XRTUjV0-aDbtHMQ5pQGYO4BPt_m_Jt3FhO0qlNW5JJnAz8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 23 Sep 2023 10:52:35 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEE1vemRRvzmtzxNFxv1LP0k&google_cver=1&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50o...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50oDTIT5ec

170 B
232 B

41ms
40ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50oDTIT5ec

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmQ6lzWesDKWxmd7A6ld97tJWJ8uITnpbjCnzL1t0Lbm4VZz4PIvtu7ro4WFx1LWe2pQYIlh4qaJj8zZE4EGCdq6d50oDTIT5ec
Date: Sun, 24 Sep 2023 10:52:34 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHVeXnqyk787iWjFPOrUMYk&google_cver=1&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQr...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQrB3mzQBSo&google_hm=eS1NaGJzTGVGRTJwRzN...

170 B
188 B

41ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQrB3mzQBSo&google_hm=eS1NaGJzTGVGRTJwRzNrWG9zdm9PdmxmQzZTQ2g2SWd4Qn5B

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 24 Sep 2023 10:52:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhmsYuyW4KhC4wwsF0i8egh9LYJEZop0mOnPCvBILctG21icMqTkY8s7tjE70uELHBU-oHPsz1_lgcPBJ8A8wjMQrB3mzQBSo&google_hm=eS1NaGJzTGVGRTJwRzNrWG9zdm9PdmxmQzZTQ2g2SWd4Qn5B
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 7248 43 B
641 B 13ms
3ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEBIKJlCVkDOpe2mjxAhENts&google_cver=1&google_push=AXcoOmS1xCx-NxszjpBohnhH3TM0HYxf-ZFGJ8YQyChPkO6ItLkABiekRB5WRe1MJUqv2irW1KvXp4tumBwQCi19_3hliSLZtJit3mI

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 24 Sep 2023 10:52:35 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHZqcnTHQ54_ep-kRjjVAAg&c_param1=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ&gdpr=%%GDPR%...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ6RJxmQPnxzhXm_qEmgwrIS73znqLU6L3Na-LEJNwFpN5igGrJg7zBYOP2VcwwZ0S34FW4D8lC_cEeFRWVVaLUaD_7e60AoQ
date: Sun, 24 Sep 2023 10:52:36 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7248
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIsrbF1oSdN5Qv8h9X0dqKs&google_cver=1&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsL...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsLFcE0TLNE8PfFfY&google_hm=Af6Ap0Hq30gjgV2ba...

170 B
329 B

77ms
46ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsLFcE0TLNE8PfFfY&google_hm=Af6Ap0Hq30gjgV2baOi9mqM

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT6R_SaDg1n5FqJgpC9_F4PmOpAnY5J8uRNTRnX3RWDw6C5M8XmUwm5SeeI4Ogigr61sFN__DLDxutvQKlsLFcE0TLNE8PfFfY&google_hm=Af6Ap0Hq30gjgV2baOi9mqM
Date: Sun, 24 Sep 2023 10:52:35 GMT
Server: Apache
Connection: keep-alive
Content-Length: 234
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7248 0
139 B 88ms
41ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kp3XNs1Zbw1zxMGo_5INBOFJQk0KsFdxf6HTMMVf_MQyVxihEzk4wjM371AI60muSIn_7Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 font
fonts.gstatic.com/l/ Frame F670 16 KB
16 KB 4ms
3ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpo8nhVttj2lUiDTgkRVxLcOWd04BCFxByuoeDz3v-tf-LDRWWPjRSFPPGIiVqL1hsgzcJLLXBROBkkmZx2xs3HVeZGtd0ezEGq3jkC5rAY_3qomJ9tiNZg0u4NUWQ3BqYTm6c&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BC%E3%83%83%2F%E7%B4%841%E3%81%BB%E4%BA%88%E3%82%93%E7%AA%93%E3%83%89%E5%8D%98%E5%88%86%E3%81%910%E5%8F%A3%E3%83%8D%E3%83%A8%E5%A4%A72%20%E6%99%82%E3%83%88%E7%B0%A1%E3%82%A4%E7%94%BA%E5%BA%97%E3%81%A7%EF%BD%9E%E3%82%AB%E3%81%AE%E4%BA%95

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62698fc5d0ba9b5822848f4de561b1a18255399c26e1c4210067551eb8789daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 15:14:59 GMT
x-content-type-options: nosniff
age: 70656
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sat, 23 Sep 2023 15:14:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
53ms XHR
application/json 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bacb90023d18138aec2e9803f349e798466073b5eda9a4c62b19265c884b132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12113
x-xss-protection: 0

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 26C1 38 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 08:02:47 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 37ms
37ms Preflight
text/html 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 10:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 10:52:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EE1 13 KB
5 KB 5ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 81438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 12:15:17 GMT
expires: Sun, 22 Sep 2024 12:15:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C0BC 829 B
558 B 40ms
40ms Document
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

530d04fcde5e47485e229d803b4469849f1d6f99e66333b4906c0b14231f2e83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yf5vzYhQT4NKXMRU8T_Tew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kajjfawjagr.lfhfdfiehgg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yf5vzYhQT4NKXMRU8T_Tew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 10:52:35 GMT
expires: Sun, 24 Sep 2023 10:52:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EE1 37 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 12:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 12:15:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0BC 0
0 43ms
43ms Image
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=3051398263470990&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8EE1 0
12 B 2ms
2ms Image
text/plain 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6ycRwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:52:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 21A1 42 B
64 B 53ms
52ms Fetch
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxfdEF9mt8dSV801cZ0UNGHl7CaZuPrjkT0yCIGTpYsGX0CfcfzIZbsa4STGR160g-hmOqB4bKktR3cByUgIXBC2vl1yStomQUvkPP64Dsv1JEKtRR0Uo7CyFhecHu1WJyEqhImIiezQ&sai=AMfl-YTvOPaGFopBblsnXlYtLpswlyFR2j9LvXGMwV81QdcjRxlhiGNAMRxR-gGliRk7a458BXUocUnyWYKB&sig=Cg0ArKJSzBrlnrdcg7JyEAE&cid=CAQSGwDICaaN3wr0ESKL-_5k_Guvx8aMyNU0ypRYNBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2068306026&rs=2&la=1&cr=0&vs=4&r=v&rst=1695552753663&rpt=1104&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3662 42 B
64 B 40ms
40ms Fetch
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpP-ZHyh06MPxqOR_RQh4JEMf1FNemtrsf7SQGeZjtfe3dWjAMptZbANHlrcJ08Vsq028UnXutCb5YsT5pNXGh-kbyfxwqX9EEUlxU5m5iqyaAqHkYgNA1DJ3e9HX_nd1nxtGXKdBZqg&sai=AMfl-YRZ5mX0izYsU8heQBkDmx0OM429IxfE7eyslLqKM4QrU62Uer3hfRlEdNw7Z6fd1Tkt7xOmIVaP7e4D&sig=Cg0ArKJSzEMLLz7bmGQwEAE&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1695552754655&rpt=264&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59AE 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdgZVe_NRwdA5G2_S-q7B7vC3Ob7NZf_adosmnS5KXJkCas_ePXwwBH7AfXm-dwbHM8EDWu62PIMcEWTe2mEHlv-_hP2_HsFGwbNh_wDrs4YiL_jpVTgSe-B-zdK0K3QP2ao8M9yJeWBwQnNtJOWWTx5cDu4Kh93IKBwH7S5kYIgmmrXTSvtBuNgdeK0Z8hTkqkb2FcTt3c-OP3t98veRVtX7QMi2Y-hc0yZXt7M2UbtqrPsO0LrmZcaS6Z-2cemB-BC18jr9YOlh3aKBw5L-c0yyF42gL4nKriyHMlsV1R4IbS_37TnEOMxUN-PFbSuGskIS0G4His8s1vYL2oIcCya9uiFRijp9OgD7gqW7tf0YNhgBoTYkWPuHZy4d6jRC3UJHjOVb0QvroLguf837-qh4WXfLpQHTQLGUmZcLWIzzpyxCz3-17LGWn_ThKyOu7LaWxqppmF_w6e9xewsas0TpuN2H0I8a32nLuq-3XKMADGP3jfLZfIACxpm4b76k3ZUH5XMwcmXEsckaUVL15-QbLilEGYrxKo22189ysRb9eHa46jeVJcL8v-PSEKkA3AE_x9eXd_-4rIIPkb7KiawnTQTKUAwSjCR84jzgOqhluzmvdFcHYxxSD-wvDlNnMe830Zx-YSjrNS_UBbA5j7VQkpSuED2ovpk66AYV9TXFOzqEXnz05ZSkAGx5YbWJzdUqt6Un3T5_YECtf7MHWF-9uDrS39embqXKhHjFIccwIhTDKNNS9L42AODZeVMmAeyAzF1xr0kHQtnr9Cq98Gc-C_QIK8d9Ei7FwtnsOL2gKUHJa814UCVzVcKRJVkZ-Tv-y9Ed--kUGqwHLwzCsBFC_UXNeYr3Nh20lZh-sHUpp9Wheueygl7YrnHdxTMJ-Jb1fwykjY4Aes1pCbEQxBmbDAEcTANf-MTbfK1J2SboEQZohWAte0KnsysvYrGiHdkXV3BgliXyHXgmj6HrrSnRWQML6HwoPVhUfLP28TArzHdxvKD2m6hySlqfouDJxq9Fav-iinxPQTqh6wiVUTrJFDx8e2P9O6KfhHuLfyaVTAgsv7-w2tyNRMHPWg1pLpT5lEracqhLiIXAAj9J6Vbhl7Z8o2GmbC0YUDA513bqRQTmkEgOTgTwN_Jn0HgvjTcJhz8YsJCDUvNhrhvCQPJ2qdO9tHnVDTs1L-3cz3LcxjWHqyW_xk-ti7MHL-6TiJoOeLmLEtuWAbsaSTl0yOBx40QoSvRwVYkk7IKOOAhPhc2tBDOWyHyJwNGp1No4KPRFCpRSJU-YxtL8LGiPbWfmUfi8B&sai=AMfl-YQ-NyYjtXvv7PBmCcJp7EQ_Hf4PiQa8sg6caEWqlzelV6MXg957FFnDDpJ1uMYYbKHuYh4seWVM7bZ7E2kykEY9ZDDoMUnuOQ&sig=Cg0ArKJSzFJ2OqPhoNvmEAE&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=103,767,1000,1000,1000&tos=103,664,233,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1695552754658&rpt=353&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF57 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty1zlYtaeSAlcDxpgEvG5O3Z2KPPcmOs7PRP3oXNuHgzYDxtMd7CPiSUtbXwQVFlxgI3zamNdrcvJKKImDurO_LQ_4-AVdiX5-hS1eu9kHo7Jbo975vL6Lz5xWYV5FeLdHU4qxHlUDyg&sai=AMfl-YRvtcFQQ99oUP7o_tQMsEEjRJgYtZdSHvrlVz5XR8T48j8PO7wK1G1quq2-x-K8i8EduBNdTnqKkfHY&sig=Cg0ArKJSzJjtIL8vWvSBEAE&cid=CAQSGwBpAlJWMH6gw5Lu7FPrYzGHcnvMoEDC90K6hhgB&id=lidar2&mcvt=1008&p=0,0,600,200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1695552754657&rpt=369&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=3051398263470990&bg=!S0ilSAfNAAYrDsWMCw47ADQBe5WfOJzawZEv4zo2dwK8AiAfK9IHAYjZrvbhEC_37ugVqA-0xeRBlSIFr2zmUsDDIJkZAgAAAEdSAAAAH2gBBwoAX1UPva6vqlPjyQmn7Kamg5s3ySPWg35Eck3sf4kzwkRSsfUhRIJ4eQU2HiX0YlgSGeTQqC2Bl-DE5UTO34AF8hhIT3hnVkFHEbNtwZT-Rux-nTSl23OKJ9VW3kSFjsOKmQK3PJ0pdMn3tpNBR5WNlZqbGHSgY0jF5LMbtfvrwEFsIzVXs0KZUdyVExK7Pp51_gid5tpKPwBtHwHo2NNiSysqoclkk3XjoEDr-fFm7e1hxV8FeRf8T-ItYdUbgUd4BaEYM2SmJzTrhKGKcHcJVZXMhu-2q-6niIZCqwUMT2oXlqMIuTZ-vZz4VX3voGiNhwD8EjV4_DZmgJEFC2jqcuZvYcGtg4SBdl3b4gE4aJ-AKybl3evPoAMFJE7XiUyTyVI2R14Wkn2uR7sElQl146fHMLjNOL0eKsrFV6l56WiGi6l4Xhd4PgVVU9Gzwi8qi8UaCqxAV_Stu0bv2pUaFjcGqlDjpasM7aATHMgkRd-xYGzboJoZKliTGvsUk-OJuDoIq7RM8qga5r4iQxzdDI9J4qGhetVeEKTqJL3d5xEJL6JCJltAT3Z4seUGWTPuDnzMTnFq9XFknIwqsUgl1Lx9UrndPa4YoT5Jx8KfSpx1hjc3qj_JKnrnlaVqur5yb6VO2SiqvzuLcnDBnEa2Uhqke3-857pXlX4mDdb0w8yIFofWWg4-MF0P7rDLLHKaSyxFYhERpGToFWrBWmYDrOv-gALKkPCx4tq7tuQyOseWCELo10DE5vDsLcqA7L-Fe_p-yR9E5mohTgvQEj2jjvd8m0GqVzM4rrazWWdE-1SRzocs1rO-vVNPSMt60LsOfMVJiJ1P3qJbqgWmnmrtytqF9q36A1olwHdxVwzAAXPmPPIFhLlw73wxXuH_ms4fPoYXixC8lPMHGPJeIBQ2ZGh36zVwDZUx8CRRNaNTxZgBaEILzj9Bbn_Lc18HWn7uxbPDFXGAhOiSrs6X2HV7RJD5T9m5yEatSBQsR6XHZi2GfgHJ6ktaR1Ao-fd7adCXQvbslKgyKNxhMwuLajrc5FUYpFk8BCivyaM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://kajjfawjagr.lfhfdfiehgg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame F670 0
54 B 147ms
146ms Ping
image/gif 2607:f8b0:4009:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lmxcbyzm&c=5841955935795&slotId=2920977967897.5&qqid=CODeiJ2Kw4EDFdrZFgUdto4HzA&umsem=0&ape=1&ple=1&met.4=vfl.lmxcbz3l~vil.lmxcbz3n
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ec22f491d90c30c9ca4146fc047cd1a9.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Sep 2023 10:52:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kajjfawjagr.lfhfdfiehgg.com/	1970-01-21 00:35:12	Name: __utma Value: 34782779.381646171.1695552753.1695552753.1695552753.1
.kajjfawjagr.lfhfdfiehgg.com/	1969-12-31 23:59:59	Name: __utmc Value: 34782779
.kajjfawjagr.lfhfdfiehgg.com/	1970-01-20 19:22:00	Name: __utmz Value: 34782779.1695552753.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.kajjfawjagr.lfhfdfiehgg.com/	1970-01-20 14:59:13	Name: __utmt Value: 1
.kajjfawjagr.lfhfdfiehgg.com/	1970-01-20 14:59:14	Name: __utmb Value: 34782779.1.10.1695552753
.lfhfdfiehgg.com/	1970-01-21 00:20:48	Name: __gads Value: ID=6cf1e49132d6ec91-22136621f8e30058:T=1695552753:RT=1695552753:S=ALNI_MZi1fmy9iH8E33RcnmLesJiGN1rOg
.lfhfdfiehgg.com/	1970-01-21 00:20:48	Name: __gpi Value: UID=00000c5390b8852a:T=1695552753:RT=1695552753:S=ALNI_MaF0_Sqid8Pn-qHytdwjZp_U9gRMQ
.doubleclick.net/	1970-01-21 00:35:12	Name: IDE Value: AHWqTUnBdXI4j5VPo8iR7jQG8At0E_r1ejiZZUIvdvnkM-b0PxqvPJD2SNIsbw_VduQ
.googleadservices.com/	1970-01-20 17:08:48	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:59:16	Name: DSID Value: NO_DATA
.send.microad.jp/	1970-01-20 17:08:48	Name: TR Value: 40f99db85ddc7bdd4fab1eabb3d2f1a90099eff3dc359372
.uncn.jp/	1970-01-20 23:44:48	Name: t Value: v_fe80a741-eadf-4823-815d-9b68e8bd9aa3
.yahoo.com/	1970-01-20 23:45:10	Name: A3 Value: d=AQABBPMUEGUCEOs5notG4JrDaIicpnJ3iRIFEgEBAQFmEWUZZQAAAAAA_eMAAA&S=AQAAArnl3MIcLCFCZ9Ntv5zJtNU
.simpli.fi/	1970-01-20 23:46:15	Name: suid Value: 2864E99B249C40698EB08DCFE06CC305
.dotomi.com/	1970-01-20 14:59:12	Name: DotomiTest Value: 506dae996a4b201d
.uuidksinc.net/	1970-01-20 23:44:48	Name: jcsuuid Value: zoyOmdiFam38T1PyxKqj

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://kajjfawjagr.lfhfdfiehgg.com/(Line 666) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://kajjfawjagr.lfhfdfiehgg.com/(Line 666) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aid.send.microad.jp
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
ds.uncn.jp
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kajjfawjagr.lfhfdfiehgg.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
rr4---sn-oguelnzl.googlevideo.com
s.uuidksinc.net
stats.g.doubleclick.net
tpc.googlesyndication.com
um.simpli.fi
v9999.adv.admeme.net
webfonts.xserver.jp
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.196.130
172.217.175.66
202.226.37.225
202.233.84.1
202.254.239.67
2404:6800:4004:2a::9
2404:6800:4004:801::2003
2404:6800:4004:801::2004
2404:6800:4004:812::2002
2404:6800:4004:813::2002
2404:6800:4004:820::2002
2404:6800:4004:820::2003
2404:6800:4004:820::200e
2404:6800:4004:822::2001
2404:6800:4004:823::2003
2404:6800:4004:823::200a
2404:6800:4004:823::200e
2404:6800:4004:825::2002
2404:6800:4004:825::200e
2404:6800:4004:826::200e
2404:6800:4004:828::200e
2404:6800:4008:c03::9c
2406:da18:929:5a03:1636:422b:46bd:93dc
2607:f8b0:4009:81b::2003
2a02:fa8:c411:13::1400
31.220.27.134
34.124.209.251
52.193.113.189
54.92.14.223
02760364e452d4613c51b8218dfe24461db595c3b01e6dd208ba8189fee6ffcd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
05d757e7a7f9652e89c792fc447716299810f7ece7e1ffd368e30f28f65c8561
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f20ca33e72fb3a5b5535f539dac34e20c7992458ece56bdec0d9dde4936067a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12a58e885b3e6248c40600f11fb182cd7edef46f49c8c9f75bbc74ebab489793
1641d85306449ce51856aa7f6d51d72db2986be90ac1d527e11cf606e5688d3e
16543178259754742b3caa6eb94dc43fdba6eb151f2d461dce7f29c991c99b03
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cb5a304000f5a93b64fb7d672a6dc55c8481701db31ae0df4aeeab6e0428c84
1d58537a8ab48475b4165e7613d4d60368666c5f7e5a77ed12333cd3c2229621
2132425b14a442785fd907d821122bb5b2b90ca551ed564c0b118b6249e4e129
21533d25a6a9404dc1be0e02cae34792b43c16b64e98787d03aded111e6c0c40
21f7ef690f519b4bab6f5534e63512c4275efb74a8ff50895c2f0b5c17b2e80a
25dcf5e5983387af7533c98a67ce60c7d0136c6f910977e6fa19814b57e1deef
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b60809a60c4ce7672d026a739f600a88319a433155084421cc76882c66f08d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2e68425a8acd855e2299f45ae20818723a4992d13fcf9e6ff3ba9b6268fc3cde
302e3e633885e58dd5fbbc255dca55cb4882d6ba562d4dce7abe834fdd7b441a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37d2a476db78ca6832f32adea2281c9ac6b7cb4e5f6a40a1142b85cd6ca6ce8a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d82b9aeffe7c6cf86d67183cc59d3798346fe5d4f4a6cd7c059d92844637781
3e4248bfe64fabc2daa1e3f93318b97446c162dba95dab0ea042d74fc6407aed
43f3239db79d0b4cae257175b53eebd3e958e237fb93ac1b75d1cf309cd895a4
44d532f6f63748c9df26cc2dc6b5c2de841bcbc73cb0d8d2a53d3a2201252410
480a664a442c062929d181ab1beaaa25ba23330133a73b2888fd08f5423d449a
4a3db0402a97fc98b720d04a2bce839eb05df3b9500d69f817dc3fef92bcf1d6
4a7bb98567992396b1fe2651aaad18fc79f05d935180e67ecc50d16ccfea909f
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
5143769c3cdd36f01c58ece07e884241dee670990c26b2340487529cf190b688
530d04fcde5e47485e229d803b4469849f1d6f99e66333b4906c0b14231f2e83
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565b1d912fd40f00266422a9d9cfb5b9d5b5d691b23ee7422d5b3ef5b8e251e8
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5ab07611ab2b1359fce0fe1ca7ddb95c29f83d7cfd582fdb5a5fe8c827e35a0f
5be035abd10097d0acc7a8ea1d52dda69fd6352886dc4532b9eae1466e388a5a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60b560762905cbe8693649bd294c7e6ffbad19bb5bada338fc47e932bc8ad099
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62610333e85e3cc2ef77b39e9bbb30f73359e265094a6492915a466e734b45b0
62698fc5d0ba9b5822848f4de561b1a18255399c26e1c4210067551eb8789daa
6312a30454f945172ca19951d2269c84be231b6ce575ce3f4590b02000dd6c43
650e462d7b6b127cdeb285515ce1695cdc409d8a797145d70c577b827afb318f
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
66f103128075ec834fe040e5b4899f55ec9877dc20700c24c3c9c6b7325b8106
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6d416191ea6bd40eef848c202219e46fc10f3d3d5559ea5802ca3249b2f72c09
71bf6d002fe79204c2c6b78337aa19efb0592f2acb1025ce8183096be86b6e41
736ca4bd28ced175fb191fba898a1dcb397868b3aa9ed0502ab7b22ad4a1f559
75dffca1aefd17140d4751068af64998f953c0afde838cdc6057ed6cfbd5e1f2
77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b153a9189391b8be8abacfa018dcc38bfb3c3e3e3fd44036141b0b971d1ad4a
7c5315c99e33f73b2e1eb29a89bf7fb63dbcd791f6df9f90cf674ad20ab44953
81be3d0688cd78734dd055ed1f46537a7b900cd079bafba7abb42b837be13b63
8359d7e9c9261925c66d537e0d5c96e1a701ab8df2b7a5f3b5eb54bae8ed0bd5
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8925d918282aece0d1cd3df04bee25b38d4f6f60da412edbd13746264883aa53
898432ed88896cbf2e01c06b107cb8e37d583ab6d6a9e2189f1186f7c5fadc3e
8af912b2e820bd0530511f79b9bfb9ba9f74331d7844a39852d2c270a52ccf35
8bacb90023d18138aec2e9803f349e798466073b5eda9a4c62b19265c884b132
8cfbd51915042b668073b4f2a350e476e6475c5f173f13e4a6e33932c34f4936
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2
937491c10b00f0d1fd963b718c6067dd1640bcf98a734bd666da39716f20a5ec
93f7bd91df9d35ccfdd02dec61ac689d443bc96424d5ffd258f4f3075cdc93ad
949439bdd534e1df9d211ef6117ba4a0cec1b05f245fa4e2a270cde286798a8e
961b9bc16cec3de3c1369402dd8f15dcd0daa36180ec85a0998a44a577ed3d82
961bc63e0ac072e57ecb32e2b11d2a2d9f1b0c679780302a19b826f2e06d7a6c
98310312b036383566ae88fc3709eaa392648a0b6e5f58dd73046fdeeedf10c8
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b340c26787186548b4cd1384a7d3cc7de34acc35bb99c940ca603b49dfa0d55
a093c1c794e10bfe77280bfdaafd21bc2dde2bdaadd6ff219c01c4e57a3b5a44
a222b9fc5eb307d26662456f4f6bec45e07ec55820b415224de95717b4a80eea
a2f0090340ed7ad55ed26b2d6914486e5ced24e3154a571458b23d58432ff6a4
a2f06583483ac128c6ac112fabb708f7b605bdd5e6a848d64b86285f087928b9
a9a44dd0f3a32be425034ae5e04ec38cb6a0b1073761b184e923bfe280e517b2
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b57cb6c28e39daf6d42e4d825d5229bb998136b467199d671553809ca69f4820
b59c6900960177a85f571bad1363890f86665e090ccbc631c5ff63f4a78c1bfe
b751eb0a3d74cc7f01f927b595bc09eeb0ec1e4ffb754039e278827b415d6a5f
b841fef416ee69b3b3e4e5b51dd731b9ef3b25d00f7bcad2d802e3625d6059bc
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c085d002c429dfc30cbc112a8633515832ca0117b075bccb0c8347d11a1c0311
c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c9516c0846f866a36b154d6705562d6a51727975be9d8458371494e0d616a18e
d03bdd7b969990d4c07851f41a43e9774ff67eb28c0b9f804a3dd08239a85036
d43b0ed66d2a4b8b3c420ef0e10f24e34b29af524657a8d06dd87f3da235f15a
dd4dc7f9d43ecd63262004e471a3575e68280e95ad0cde378a49c1d506d96c57
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df29a661d16359da8f9f0536840222db55546d87041278f25306d60a5c280637
e2449c777704d17bd73cb27ea3ef0339cb4297ff140d22215099d9be5175d1c2
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5421330b9a712ea32d3f6ff5350b6b5225b8215c30fffd5f3dbd34b70db27fe
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
eea52d34e800f0753df6bc24a2bff1aa2b8b4e3f8b11c146399edfa20080097f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26d98c3973c7df12d78bbb4164589b59dc42d4797b58471b358364c1005b2d3
f5b7ac3f1f7a873df8f2f854187ebc1799801d3d077cf6371dd6fa985d2dfa3b
f714ce0b2e060376e80435c6ef962025b60c03cc856c6d6f5953ca9f78d21cd0
fd954212e37be41574e9d0063fdcb5e745d2a32ab935e6e2dd913142f8706077

kajjfawjagr.lfhfdfiehgg.com Open in urlscan Pro 202.254.239.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

78 %HTTPS

69 %IPv6

19 Domains

30 Subdomains

23 IPs

7 Countries

3553 kBTransfer

7152 kBSize

16 Cookies

2 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kajjfawjagr.lfhfdfiehgg.com Open in urlscan Pro
202.254.239.67 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

78 %
HTTPS

69 %
IPv6

19
Domains

30
Subdomains

23
IPs

7
Countries

3553 kB
Transfer

7152 kB
Size

16
Cookies

211 HTTP transactions
10 data transactions