gekka-no-kasumi.com Open in urlscan Pro
183.181.96.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gekka-no-kasumi.com/
Effective URL:
https://gekka-no-kasumi.com/
Submission: On December 11 via api (December 11th 2023, 8:26:26 am UTC) from US — Scanned from NO

Summary HTTP 354 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 24 domains to perform 354 HTTP transactions. The main IP is 183.181.96.20, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is gekka-no-kasumi.com.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.

This is the only time gekka-no-kasumi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 108	183.181.96.20 183.181.96.20	131965 (XSERVER X...) (XSERVER Xserver Inc.)
7	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	23.197.53.137 23.197.53.137	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.222.236.32 52.222.236.32	16509 (AMAZON-02) (AMAZON-02)
4 4	52.119.170.28 52.119.170.28	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:264... 2600:9000:2644:6a00:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
1	3.112.186.112 3.112.186.112	16509 (AMAZON-02) (AMAZON-02)
1	18.179.103.207 18.179.103.207	16509 (AMAZON-02) (AMAZON-02)
8	153.120.49.75 153.120.49.75	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
52	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100::213:c699	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	88.198.56.59 88.198.56.59	24940 (HETZNER-AS) (HETZNER-AS)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
6	162.55.246.95 162.55.246.95	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:225... 2600:9000:2251:9000:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
354	35

108 183.181.96.20 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12659.xserver.jp

gekka-no-kasumi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.53.137 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-53-137.deploy.static.akamaitechnologies.com

img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-32.fra56.r.cloudfront.net

lds-img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.119.170.28 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)

ws-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:6a00:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.112.186.112 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com

www22.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.103.207 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-103-207.ap-northeast-1.compute.amazonaws.com

www17.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 153.120.49.75 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www27.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.211.12 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::213:c699 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.56.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-56-59.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (Brigham City, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.55.246.95 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.95.246.55.162.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:9000:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
108	gekka-no-kasumi.com 1 redirects gekka-no-kasumi.com	18 MB
65	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	733 KB
52	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	348 KB
36	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	220 KB
21	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	729 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	22 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	7 KB
8	with2.net blog.with2.net — Cisco Umbrella Rank: 648283	70 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	128 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	508 KB
6	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 420640	27 KB
5	gstatic.com fonts.gstatic.com t1.gstatic.com www.gstatic.com	36 KB
5	finalfantasyxiv.com 1 redirects img.finalfantasyxiv.com — Cisco Umbrella Rank: 239824 lds-img.finalfantasyxiv.com	19 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	37 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 33606	34 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 360	34 KB
4	amazon-adsystem.com 4 redirects ws-fe.amazon-adsystem.com — Cisco Umbrella Rank: 589096 ir-jp.amazon-adsystem.com Failed	800 B
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	125 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	447 B
2	a8.net www22.a8.net www17.a8.net	121 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	4 KB
354	24

	Domain	Requested by
108	gekka-no-kasumi.com	1 redirects gekka-no-kasumi.com
52	s0.2mdn.net	gekka-no-kasumi.com s0.2mdn.net googleads.g.doubleclick.net code.createjs.com
34	pagead2.googlesyndication.com	gekka-no-kasumi.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net gekka-no-kasumi.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com gekka-no-kasumi.com googleads.g.doubleclick.net
13	cdn.revjet.com	ads.revjet.com srcdoc gekka-no-kasumi.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	blog.with2.net	gekka-no-kasumi.com blog.with2.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	www.googletagmanager.com	gekka-no-kasumi.com www.googletagmanager.com
6	pix.revjet.com	srcdoc googleads.g.doubleclick.net gekka-no-kasumi.com
6	region1.google-analytics.com	www.googletagmanager.com
6	webfonts.xserver.jp	gekka-no-kasumi.com webfonts.xserver.jp
4	ade.googlesyndication.com	gekka-no-kasumi.com
4	img01.ztat.net	gekka-no-kasumi.com
4	googleads4.g.doubleclick.net	gekka-no-kasumi.com
4	www.googletagservices.com	gekka-no-kasumi.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gekka-no-kasumi.com
4	m.media-amazon.com	gekka-no-kasumi.com
4	ws-fe.amazon-adsystem.com	4 redirects
4	lds-img.finalfantasyxiv.com	gekka-no-kasumi.com img.finalfantasyxiv.com
4	fonts.googleapis.com	gekka-no-kasumi.com googleads.g.doubleclick.net
3	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net srcdoc
3	www.gstatic.com	googleads.g.doubleclick.net
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	code.createjs.com	s0.2mdn.net
2	www.google.com	2 redirects
1	t1.gstatic.com	gekka-no-kasumi.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	gekka-no-kasumi.com
1	www17.a8.net	gekka-no-kasumi.com
1	www22.a8.net	gekka-no-kasumi.com
1	img.finalfantasyxiv.com	1 redirects
1	cdnjs.cloudflare.com	gekka-no-kasumi.com
1	ajax.googleapis.com	gekka-no-kasumi.com
0	ir-jp.amazon-adsystem.com Failed	gekka-no-kasumi.com
354	38

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
timeline.line.me
www.youtube.com
www.twitch.tv
www.amazon.co.jp
px.a8.net
blog.with2.net

Subject Issuer	Validity	Valid
www.gekka-no-kasumi.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
blog.with2.net JPRS Domain Validation Authority - G4	`2023-11-30` - `2024-12-31`	a year	crt.sh
*.finalfantasyxiv.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://gekka-no-kasumi.com/
Frame ID: A2C8E87B4D4E6F4546A86B552E166E3F
Requests: 163 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 4DB0AD016CD13A19E7BB57A49C22DA6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&adk=1812271804&adf=3025194257&lmt=1702283158&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157535&bpp=5&bdt=2105&idt=484&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4729264806909&frm=20&pv=2&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=515
Frame ID: B9E718385B098C8BF3FF84FA6C16CC09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C49B8AAD9BAABC178103576FD299DADD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4821C7EC06E2587B2D9B380BAF47403
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8755728673627DA0C8681E798037A9BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 12A9EA19FC4741A6B46C96293F7F8B3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNV1RYPWmZ22k0RXD8A0A8Izu6B3aQQDiyaaWrnfzAmQv4enXz_PjEl97cYUd5ai_CelwzvFIfhVd2zTWFUHG7QFJWKBMiiP3g8eaeef-S0tjnLd36DwXqEpwGCPatdUwGxrWvNjyGNamX__atYCp_RwA3zhP-5k4L4MEATPXQc85VfZwxc
Frame ID: 8DDB350C770C19AE6EC308D538E0791C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3FDC23A173296ED4A1AE6F3A49965D05
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNUZ6ZLLAGGmCoDkUjz5tLe1LV3d78OeIN8rCQqVF3fzQhQgM2Wbf-USx3K3ouo_kUDC6_jg0-fIr_VSUPl8kU6tuRcUMvEf2d_Of2ERebFnP5WJaAC8Kxw9DzUzWG2C465-ywhRylveJKvrRDKJGowtS5Kd-hxXOx0nh2ff0dSfVt-Tyug
Frame ID: 01B5A162ED6E428E41922B39502E6F1B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F572E01729C1CE34ABB68C749DF50934
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNfz3uABMAE&v=APEucNWrQg4UU6mOavGMg4lagq7wxzdDHQF85iJZmijr_dtc14RTZdfsuGGw90BU6oxgjdTDRmgDg9Jx0c1Jx1Eb8I4Me9g98odKe7BuLlzY3adhmnj_a8DqpdEWuuEM8nIGKbFkpc9zA9lf-t_k09Vuq8FW1tGU-fbQLnkK1s6HCk8jHCsUlAM
Frame ID: 574E476A37524ABD16F6B105D05B132A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4526FCA790BABFACEBD1966B1BACC229
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E9%96%89%E3%82%8B
Frame ID: 9B2D2CAA3CE4050A0826071B5C7557C4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1DE5F9A4977255E16A8078B692ABCF8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 264CADCDA72D52041C5CF302DA18099C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CC4DB2A767A12457D749762962F19E4D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=420&slotname=8432113424&adk=2347388405&adf=1365182113&pi=t.ma~as.8432113424&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1702283160&rafmt=9&format=700x420&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157540&bpp=2&bdt=2110&idt=518&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=4&fsb=1&dtd=2671
Frame ID: 886607BE37734CA6DCEABCD75FB4C491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702283160&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157542&bpp=2&bdt=2111&idt=517&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90%2C700x420&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=5&fsb=1&dtd=2674
Frame ID: 904CE22AE7DDFF634495378417409473
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Frame ID: C4F25303973AB8DEB03DBDF7E8D30240
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 0C2927BE8E6FA1F38DBF200E2A351F93
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Frame ID: 67F9E80AD988542065C73B1CBCCD5AD5
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D22554F78AB43AC40F0BB170410EAFFB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B643359817E32001152EB7AD0F16956C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: D99C2B829BC9B853A02846E745898610
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: DE4FEF060BAC63C6CCE9FB3DD3782B40
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

月下ノ霞

Page URL History Show full URLs

http://gekka-no-kasumi.com/ HTTP 301
https://gekka-no-kasumi.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

354
Requests

94 %
HTTPS

54 %
IPv6

24
Domains

38
Subdomains

35
IPs

3
Countries

21548 kB
Transfer

31904 kB
Size

20
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=%E3%83%9B%E3%83%BC%E3%83%A0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fgekka-no-kasumi.com%2F&t=%E3%83%9B%E3%83%BC%E3%83%A0
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/gekka-no-kasumi.com/
Title: はてブ

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://gekka-no-kasumi.com/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Fgekka-no-kasumi.com%2F
Title: LINE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTzB2wcWFPZYpyS-qDh1SCg?view_as

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/haruka_ninja

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BCXIV-%E6%96%B0%E7%94%9F%E3%82%A8%E3%82%AA%E3%83%AB%E3%82%BC%E3%82%A2-%E3%82%AA%E3%83%95%E3%82%A3%E3%82%B7%E3%83%A3%E3%83%AB%E3%82%B3%E3%83%B3%E3%83%97%E3%83%AA%E3%83%BC%E3%83%88%E3%82%AC%E3%82%A4%E3%83%89-%E3%83%87%E3%82%B8%E3%82%BF%E3%83%AB%E7%89%88SE-MOOK-%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE%E3%82%B9%E3%82%AF%E3%82%A6%E3%82%A7%E3%82%A2%E3%83%BB%E3%82%A8%E3%83%8B%E3%83%83%E3%82%AF%E3%82%B9-ebook/dp/B071WK62JG?crid=560LKTEQVTAT&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BCxiv&qid=1651082100&s=books&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC%2Cstripbooks%2C159&sr=1-8&linkCode=li2&tag=harukasetsuna-22&linkId=1ac872dbd3b2c3fde3af0c6f5f9230e3&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/FINAL-FANTASY-XIV-ENDWALKER-Resurrection/dp/4757579004?__mk_ja_JP=%E3%82%AB%E3%82%BF%E3%82%AB%E3%83%8A&crid=162J9F90OF34J&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC&qid=1651081957&s=books&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC%2Cstripbooks%2C156&sr=1-1&linkCode=li2&tag=harukasetsuna-22&linkId=f5f2ed6612c15e94aac506f6c750d3a1&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/Sinners%EF%BC%9AFINAL-Arrangement-Album%EF%BC%88%E6%98%A0%E5%83%8F%E4%BB%98%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9%EF%BC%8FBlu-ray-%E3%82%B2%E3%83%BC%E3%83%A0%E5%86%85%E3%82%A2%E3%82%A4%E3%83%86%E3%83%A0%E3%80%8C%E3%82%AA%E3%83%BC%E3%82%B1%E3%82%B9%E3%83%88%E3%83%AA%E3%82%AA%E3%83%B3%E8%AD%9C%E3%80%8D2%E7%82%B9%E3%82%92%E5%85%A5%E6%89%8B%E3%81%A7%E3%81%8D%E3%82%8B%E3%82%A2%E3%82%A4%E3%83%86%E3%83%A0%E3%82%B3%E3%83%BC%E3%83%89%E5%B0%81%E5%85%A5-%E3%80%90Blu-ray%E3%80%91/dp/B08W3SL6T7?__mk_ja_JP=%E3%82%AB%E3%82%BF%E3%82%AB%E3%83%8A&crid=3LWSZUMR8SN6C&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC14+%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9&qid=1651081302&refinements=p_n_format_browse-bin%3A81873051&rnid=81872051&s=music&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC14+%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9%2Caps%2C153&sr=1-7&linkCode=li2&tag=harukasetsuna-22&linkId=70805675efa926af6fcfa180b0313ba3&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/FINAL-FANTASY-XIV-SHADOWBRINGERS-%E3%83%87%E3%82%B8%E3%82%BF%E3%83%AB%E7%89%88SE-MOOK-ebook/dp/B09SG3RW69?_encoding=UTF8&qid=1651081449&sr=8-25&linkCode=li2&tag=harukasetsuna-22&linkId=43a17edd9426cb8ca25e99b989d02751&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3N8KK8+3FU6LU+4F56+HWXLD

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=2078227&cid=1412

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=2078227&cid=5457

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2078227:top

Search URL Search Domain Scan URL

URL: https://blog.with2.net/welcome/?parts=y
Title: 参加する

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2078227
Title: このブログに投票する

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gekka-no-kasumi.com/ HTTP 301
https://gekka-no-kasumi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2 HTTP 301
https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2

Request Chain 47

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B071WK62JG&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg

Request Chain 49

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=4757579004&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg

Request Chain 51

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B08W3SL6T7&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg

Request Chain 53

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B09SG3RW69&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg

Request Chain 107

https://www.google.com/s2/favicons?domain=https://gekka-no-kasumi.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyhOxVnNhAiIhtSkqKFdIM&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHl6.DnlsFITAk88PXqgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1&google_hm=2

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKkD-EdwIIA0wvnk87SITYI&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHlwK09kWiuI8SsisK1AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHlwK09kWiuI8SsisK1AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

Request Chain 172

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 286

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702283161408 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_pre=CIDFnvn6hoMDFaXkEQgdrLUKlQ;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702283161408

354 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gekka-no-kasumi.com/
Redirect Chain

http://gekka-no-kasumi.com/
https://gekka-no-kasumi.com/

295 KB
40 KB

1995ms
1373ms

Document
text/html

183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 92fd75cafeb344b67aa50564ac167641838692342e6fe10a74da38a0f86368e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 08:25:54 GMT
link: <https://gekka-no-kasumi.com/wp-json/>; rel="https://api.w.org/", <https://gekka-no-kasumi.com/wp-json/wp/v2/pages/927>; rel="alternate"; type="application/json", <https://gekka-no-kasumi.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 11 Dec 2023 08:25:53 GMT
Location: https://gekka-no-kasumi.com/
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 245ms
88ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

703d4778942bfb69bd9b6beb4747ee0cdc6043b6a8471927a54f161dcac617b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69009
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 08:25:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 348ms
191ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b5bf0e91402c7b402022dfc4ebfbdfb1e10c9309fe00d7f48fc53c3c9a72dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 08:25:55 GMT

GET
H2 200 style.min.css
gekka-no-kasumi.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 318ms
312ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2&fver=20231108060246
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 06:02:46 GMT
server: nginx
etag: W/"1add3-6099dd612b57f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 block.css
gekka-no-kasumi.com/wp-content/plugins/liquid-speech-balloon/css/ 6 KB
1 KB 320ms
314ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/liquid-speech-balloon/css/block.css?ver=6.4.2&fver=20230412060200
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16ae355a44618e8930477d56bffb4b03b27811ac47cf025a03b88392772b8fd5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 12 Apr 2023 06:02:00 GMT
server: nginx
etag: W/"19db-5f91d58b1145a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 menu-image.css
gekka-no-kasumi.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 321ms
315ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8&fver=20221019032724
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 03:27:24 GMT
server: nginx
etag: W/"d0f-5eb5ac99195e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 dashicons.min.css
gekka-no-kasumi.com/wp-includes/css/ 58 KB
35 KB 318ms
312ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/css/dashicons.min.css?ver=6.4.2&fver=20210520124119
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Thu, 20 May 2021 00:41:19 GMT
server: nginx
etag: W/"e688-5c2b8339929c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 styles.css
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 628ms
622ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"af3-5f4380538632e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style-index.css
gekka-no-kasumi.com/wp-content/plugins/flexible-table-block/build/ 2 KB
560 B 319ms
313ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/flexible-table-block/build/style-index.css?ver=1666533034&fver=20221023015034
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 372fa4b0f21bf643d55f67f3fa831cc7ab480b91cd11fcc850ebb44cc490b93e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Sun, 23 Oct 2022 13:50:34 GMT
server: nginx
etag: W/"792-5ebb3f58e6255"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 widget-options.css
gekka-no-kasumi.com/wp-content/plugins/widget-options/assets/css/ 2 KB
509 B 320ms
315ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/widget-options/assets/css/widget-options.css?fver=20230208104612
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 20f10af39ce515ef6555b1214483b829e36e457908bd93a55b1d4837ac852a40

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:12 GMT
server: nginx
etag: W/"671-5f43807fdbdb7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 wpsm-style.css
gekka-no-kasumi.com/wp-content/plugins/wp-show-more/ 407 B
592 B 319ms
313ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-show-more/wpsm-style.css?ver=6.4.2&fver=20220909081527
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Fri, 09 Sep 2022 20:15:27 GMT
server: nginx
etag: "197-5e84434eec3f9"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 407
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 slick.css
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 1 KB
736 B 318ms
313ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"591-5f438085d9112"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 wpsisac-public.css
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 13 KB
2 KB 320ms
315ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 07463065874649f8f8795c60019f59f5f4912c4ebbadda4902be5e6d8fcb074f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"326b-5f438085d9112"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 9 KB
3 KB 628ms
623ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312110825&fver=20221019014757
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 01:47:57 GMT
server: nginx
etag: W/"24ae-5eb5965e95a2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 214 KB
41 KB 628ms
624ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/style.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: cdbcb41557b2860c3e955d41f5a14ec5f5e7fcff150d5a5a3583a0283400dbe1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"3564c-5eb44226f1d3e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 keyframes.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 292 B
477 B 628ms
623ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: "124-5eb44226f1d3e"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 292
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 font-awesome.min.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 30 KB
7 KB 629ms
625ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"792a-5eb44226bf0bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/ 3 KB
928 B 627ms
623ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"add-5eb44226f1d3e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 baguetteBox.min.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 4 KB
1 KB 631ms
626ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"e19-5eb44226a79c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 9 KB
3 KB 633ms
629ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=6.4.2&fver=20221019014757
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 01:47:57 GMT
server: nginx
etag: W/"24ae-5eb5965e95a2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 keyframes.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 130 B
314 B 630ms
626ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.4.2&fver=20210805040705
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Thu, 05 Aug 2021 04:07:05 GMT
server: nginx
etag: "82-5c8c80d4e9e92"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 130
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style.basic.css
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/ 19 KB
4 KB 633ms
630ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3854779897861fc0c29a85ce47b8ab3456fa239f0d8484d77e8737ea3abaf738

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"4cae-5f43803ced048"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 style-curvy-black.css
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 633ms
629ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.11&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"1927-5f43803ced048"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 235ms
75ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:52:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ 10 KB
4 KB 146ms
57ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1386798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6roU7dXAcDDivKLhKeD%2Bg8ZSyD46wNcI2V%2BSsxaE%2FLEK%2Bs3rhRoHyuGHP1YnoxYRUs6NW7rLW%2BVz%2BUdaZ11FcslducyWnk18YZAIvs5alpit1XCACZMclrW7UNseB26XpWexz%2FBAr%2FhMUTELBDb6iX2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 833c56fa2a95568f-OSL
expires: Sat, 30 Nov 2024 08:25:55 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 1669ms
313ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 240ms
85ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 07:15:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 08:25:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 355ms
198ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178&host=ca-host-pub-2644536267352236

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91100a4d2d92b28d20444ebab9a767387c57075c316743529c83797ef7fdb347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52719
x-xss-protection: 0
server: cafe
etag: 7000792576589553748
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H2 200 icomoon.woff
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
8 KB 627ms
624ms Font
application/font-woff 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"32c8-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 icomoon.ttf
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
8 KB 629ms
627ms Font
application/font-sfnt 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 5bbf0b6502199ad3bfdac4d910b304ad0fd6a07d38f13d386b433829c2b651b3

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"3278-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 fontawesome-webfont.woff2
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 632ms
630ms Font
application/octet-stream 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: "12d68-5eb44226bf0bf"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2

200

loader.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/
Redirect Chain

https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2

2 KB
1 KB

252ms
68ms

Script
text/javascript

52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61fd9f7b7f48caa12170ed562a9d00b948b26a6381550005ba6b3f75e26616f4

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:01:48 GMT
content-encoding: gzip
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 84248
x-amz-server-side-encryption: AES256
etag: W/"80f6f8e7417a3a48d4323fd43ede72a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -ZE7VSMxDpqxuzYVQJzuRe1BbvqRbwo2fTTu1LMCN8uDSgiVP_hN5g==

Redirect headers

location: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2
date: Mon, 11 Dec 2023 08:25:55 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2 200 %E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 30 KB
30 KB 630ms
628ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 807b626980aa2f6b984a501a2cb507da8973736f4cf71fd356c28087dc55aa29

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Sun, 15 Aug 2021 03:05:32 GMT
server: nginx
etag: "774e-5c9905b9884c5"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30542
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 DRKp6s.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 915 KB
916 KB 626ms
624ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKp6s.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3d4c84c1644ec2fcf6e59cf9b576e2be1aeddd8011de89fd0427a0ef2315a694

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:55 GMT
last-modified: Sun, 23 Oct 2022 09:28:38 GMT
server: nginx
etag: "e4bb0-5ebb04cc39563"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 936880
expires: Mon, 18 Dec 2023 08:25:55 GMT

GET
H2 200 DRKp5s.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 914 KB
915 KB 612ms
611ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKp5s.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3366c9a13a670b1f53202a99d7fa0de311822a2d58bb05a06fcf273e5a99b2fc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:56 GMT
last-modified: Sat, 22 Oct 2022 19:41:23 GMT
server: nginx
etag: "e4674-5eba4be4a3441"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 935540
expires: Mon, 18 Dec 2023 08:25:56 GMT

GET
H2 200 DRK1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 911 KB
913 KB 326ms
313ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c364cef4508d2a28e0bd8117ee3f512101e91bd7f8c784514fc277bb4615e13e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:04 GMT
server: nginx
etag: "e3d70-5eae1ad9032fd"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 933232
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRK2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 962 KB
963 KB 330ms
317ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 03c8a2ac1af4021e48cd150019936388ef7179090ca15635b6e68a001013af69

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:10 GMT
server: nginx
etag: "f080b-5eae1adef1bc9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 985099
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 GNB1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 869 KB
870 KB 637ms
627ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 80f72478bff029d379adc18094e8c2e05a903f9df33cc3cf4b6b20c8a2011cc0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:16 GMT
server: nginx
etag: "d94ec-5eae1ae4df4f6"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 890092
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 NIN1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 957 KB
958 KB 642ms
632ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ef189bf0e502073d3becc0c5f09692d014539f680f7326859d1a719f2a9b1b59

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:30 GMT
server: nginx
etag: "ef3df-5eae1af2b1629"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 979935
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 NIN2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 1 MB
1 MB 643ms
634ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a9db2e1b815a1de1440efcca7a74f60252c315da44774ebf78d29440e05a6c25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 15 Oct 2022 12:41:27 GMT
server: nginx
etag: "132d9e-5eb120fa1f086"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1256862
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 MNK1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 754 KB
755 KB 637ms
628ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 68786a0d96efc556026d729da8463f547ec0da396866b2ad0260d503fb17b5e1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:23 GMT
server: nginx
etag: "bc8c4-5eae1aebedf1f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 772292
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRG1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 883 KB
885 KB 643ms
634ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c2ca44748573300c502d74ce68e4ab57ff952e496d0327a1a48040cade4784ba

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:57:55 GMT
server: nginx
etag: "dcd8d-5eae1ad15a415"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 904589
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 SAM1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 879 KB
880 KB 639ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 56a76001e47f0b1f5e421956fef054f349943e793501faad19dc63429395e425

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:56 GMT
server: nginx
etag: "dbc4c-5eae1b0b41737"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 900172
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 SAM2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 1005 KB
1006 KB 633ms
625ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ac3ffb71b2f89868c908d62364b8512502aa9b8ff6f12eb192f510ad9b349330

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:59:03 GMT
server: nginx
etag: "fb479-5eae1b1232c9f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1029241
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 RPR1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 916 KB
917 KB 639ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: abd30ce315ff361f1b9ec565aabe8b8057c3ee5b1e7df5378c8eddce38f4f430

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:43 GMT
server: nginx
etag: "e4fdb-5eae1afec81a0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 937947
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 RPR2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 770 KB
771 KB 663ms
654ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b2b9e59887c17ed0a61af10a7d94cd8d7856e7d3780a0f71a7f09ef31a86d76

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 02:58:49 GMT
server: nginx
etag: "c08e2-5eae1b043d8ee"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 788706
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 %E5%85%A8%E8%88%AC.png
gekka-no-kasumi.com/wp-content/uploads/2022/01/ 199 KB
199 KB 645ms
637ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 01dceac7a8797dcddad1b2a00bf41e977e8418b003022416e10d0de696775718

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Wed, 19 Jan 2022 01:42:09 GMT
server: nginx
etag: "31b19-5d5e57e728aea"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 203545
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 276ms
121ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c62a9a47e6174cd7fdbb5bc576a266ec1f418843e110147d13b96b6f017e7c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52712
x-xss-protection: 0
server: cafe
etag: 13248216560055451176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H2

200

614a4QtULnL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B071WK62JG&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg

9 KB
10 KB

276ms
85ms

Image
image/jpeg

2600:9000:2644:6a00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2644:6a00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: bb902f8c758e42501777d1f999bf1f6954bfc6b1729c5f748a85ceb0a1e5418c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:38:08 GMT
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
age: 403008
x-amz-cf-pop: FRA60-P6
edge-cache-tag: x-cache-192,/images/I/614a4QtULnL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 9698
surrogate-key: x-cache-192 /images/I/614a4QtULnL
last-modified: Tue, 06 Jun 2017 10:42:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 19b3ab7a-12ab-47d0-adf3-fb3d565a3b52
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: 8tQMLQXfRbfR2FdofiA3IZlgI_6xNlHa70sJ0RoJoarH9CQdxCzAog==
expires: Sun, 04 Oct 2043 11:38:08 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg
Date: Mon, 11 Dec 2023 08:25:57 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51NYmNrZkpL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=4757579004&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg

8 KB
9 KB

263ms
72ms

Image
image/jpeg

2600:9000:2644:6a00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2644:6a00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 4f5be18bfb9a65abec19d2ab187a3d5008b55d193811fa5557a19ba2247d0b33

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 22:46:39 GMT
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
age: 152531
x-amz-cf-pop: FRA60-P6
edge-cache-tag: x-cache-934,/images/I/51NYmNrZkpL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 8560
surrogate-key: x-cache-934 /images/I/51NYmNrZkpL
last-modified: Fri, 01 Apr 2022 04:48:07 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 82296126-bd86-4893-bfd0-7f9c2c9d4590
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: qFfipOTRr9OBsqcr_U8756Dqr8NJHDiP7aD-6zWXe1Cazy5F0RP6_A==
expires: Sun, 11 Oct 2043 22:46:39 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg
Date: Mon, 11 Dec 2023 08:25:57 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51xfeW6odlL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B08W3SL6T7&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg

7 KB
8 KB

317ms
126ms

Image
image/jpeg

2600:9000:2644:6a00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2644:6a00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5d76ce57e286c2eee0fdaf6fd10764d93d24f25c1cd2f65b026985cab4fff419

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:15:24 GMT
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
age: 152531
x-amz-cf-pop: FRA60-P6
edge-cache-tag: x-cache-102,/images/I/51xfeW6odlL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 7188
surrogate-key: x-cache-102 /images/I/51xfeW6odlL
last-modified: Sun, 07 Feb 2021 00:20:46 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3e48a3d7-4407-4b2f-a2d3-81c906bfc736
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: _ndElwjTaQ_Igs7gncOuofaUbI2h9S6tnce3odeRcQf0U8fQwLzhAg==
expires: Sat, 28 Nov 2043 16:15:24 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg
Date: Mon, 11 Dec 2023 08:25:57 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51f2c2L07QL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B09SG3RW69&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg

6 KB
7 KB

265ms
77ms

Image
image/jpeg

2600:9000:2644:6a00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2644:6a00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: b182ce9818749272518c3638442485626394afd6ac6cc38ff7a2f882c3253373

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 08:46:06 GMT
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
age: 308660
x-amz-cf-pop: FRA60-P6
edge-cache-tag: x-cache-957,/images/I/51f2c2L07QL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 6635
surrogate-key: x-cache-957 /images/I/51f2c2L07QL
last-modified: Mon, 14 Feb 2022 08:33:32 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 8702e365-368f-4bd6-b11a-9a49db639172
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: T9wp9uOTaI1-3SvuuPaXsJcVdS5_1DOt_U6-0u3ma-Xvsu5dWvPP_Q==
expires: Wed, 28 Oct 2043 08:46:06 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg
Date: Mon, 11 Dec 2023 08:25:57 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 121 KB
121 KB 2981ms
2078ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=220429592208&wid=001&eno=01&mid=s00000020625003009000&mc=1
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9f0f8495b6aa810aa13618bb9c1f22d7212e887024ab5381671be8f0619f6832

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:58 GMT
Server: Apache
Connection: keep-alive
Content-Length: 123778
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www17.a8.net/ 43 B
184 B 1229ms
306ms Image
image/gif 18.179.103.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.a8.net/0.gif?a8mat=3N8KK8+3FU6LU+4F56+HWXLD
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.103.207 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-103-207.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:58 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
43 KB 97ms
91ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P87VKPQ

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d67544a4f3713345c405ff2b28da7541602a9b3151c9efb91b8f44a8a87eedf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44399
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H/1.1 200
OK br_c_1412_1.gif
blog.with2.net/img/banner/c/banner_1/ 2 KB
3 KB 1482ms
345ms Image
image/gif 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_1412_1.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5cbbd4c70dd9505c880c33a1d33ec9996531d00cdd6a80786446d44d1c34b2fa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:59 GMT
Last-Modified: Fri, 25 Dec 2009 07:32:04 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "a20213-93c-47b888d588500"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 2364

GET
H/1.1 200
OK br_c_5457_1.gif
blog.with2.net/img/banner/c/banner_1/ 3 KB
4 KB 1596ms
315ms Image
image/gif 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_5457_1.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 742defd20336d8ac878b62e675d77e1d1f723bc5b71c9278cc5b98de626e1f65

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:59 GMT
Last-Modified: Tue, 13 Oct 2020 05:16:43 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "a24de9-d49-5b186854244c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 3401

GET
H/1.1 200
OK / Show response
blog.with2.net/parts/2.0/ 104 KB
37 KB 2650ms
337ms Script
text/javascript 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b2610e713fc3ad4e7719f8e4793ab3987cb70d63a7c9ef82c06106508e40541c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:25:59 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=euc-jp
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 37108

GET
H2 200 NIN1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 276 KB
276 KB 658ms
653ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:29:35 GMT
server: nginx
etag: "44f11-5eae64f2d7cba"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 282385
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 639ms
634ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRG1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 261 KB
261 KB 637ms
632ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:29:56 GMT
server: nginx
etag: "413f3-5eae6506ade45"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 267251
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 SAM1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 244 KB
244 KB 657ms
652ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 695e0b318a3127cd115b3fcc46944461c1545157479c1d01feb0d0c58f904149

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:30:05 GMT
server: nginx
etag: "3cf57-5eae650fff9ef"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 249687
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 RPR1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 250 KB
251 KB 657ms
652ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3178bb1690f47a0d14c672e294c63adde0592e2afc80d46c8fcd72206ee09d5d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:30:13 GMT
server: nginx
etag: "3e9d7-5eae65175e543"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 256471
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 245 KB
245 KB 659ms
655ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e98b27d59723cdf19cb87b69322d9b4aa0c9a4eb3402cf8944ea94a3e082de3e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:30:21 GMT
server: nginx
etag: "3d291-5eae651e9adb9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 250513
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 GNB1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 213 KB
213 KB 632ms
628ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 08:30:29 GMT
server: nginx
etag: "352cc-5eae6526c4b09"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 217804
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 nivo-slider.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 2 KB
1 KB 327ms
314ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"80a-5f43806e5b5e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 public.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/metaslider/ 7 KB
2 KB 329ms
317ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f17f72445932b16d39475b09b03d9baec8cebb7ad60ac74f3bbed56e3cdc7e46

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"1a29-5f43806e5a648"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 default.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 2 KB
888 B 326ms
314ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: b5da7316f6aba1d9e5d7a912dd6d381311efb8959a35e108416d570c8745fbab

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"7ba-5f43806e5b5e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 index.js Show response
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 328ms
316ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"2945-5f438053872ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 index.js Show response
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 328ms
316ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"31d9-5f438053872ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 wpsm-script.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-show-more/ 531 B
726 B 326ms
314ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-show-more/wpsm-script.js?ver=1.0.1&fver=20220909081527
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Fri, 09 Sep 2022 20:15:27 GMT
server: nginx
etag: "213-5e84434eec3f9"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 531
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 baguetteBox.min.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 9 KB
4 KB 330ms
318ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"2569-5eb44226a79c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 stickyfill.min.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 6 KB
2 KB 328ms
316ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"17fb-5eb44226ac7e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 comment-reply.min.js Show response
gekka-no-kasumi.com/wp-includes/js/ 3 KB
2 KB 638ms
633ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/js/comment-reply.min.js?ver=6.4.2&fver=20220525060239
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 06:02:39 GMT
server: nginx
etag: W/"ba5-5dfcfd215587f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 javascript.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 7 KB
3 KB 329ms
317ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/javascript.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ad163f38e07adcf5b324e9ff12bf50beb763539dfaba69278f141bb14144b39a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"1b0e-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 javascript.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 298 B
493 B 638ms
627ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.4.2&fver=20210805040705
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 05 Aug 2021 04:07:05 GMT
server: nginx
etag: "12a-5c8c80d4e9e92"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 298
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-prereq.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 20 KB
7 KB 644ms
633ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"4e74-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-core.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 39 KB
11 KB 643ms
632ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 8bebf0d4ddf01b1b36bc61508a9f49506b4470bd9b43155c925cff5bf5aa25a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"9b34-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-settings.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 642ms
631ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-settings.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 62d488ea36e8a9825f058050d92c778e9734e929f4c68289f884c4f980d93b2e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"15db-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-results-vertical.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 1 KB
849 B 636ms
625ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"566-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-load.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 71 B
264 B 643ms
632ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: "47-5f43803cf0ec8"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 71
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 asl-wrapper.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 635ms
625ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a0fadfcb29de9d60aa0ef729fca932b7c31910e4a096864010157b123ec9f4d7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"13c9-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 slick.min.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/ 40 KB
11 KB 639ms
628ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1baae8e47e441abac03b5be86bc0c92464fd273e6025d80ddc6b1827bd36af92

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"a06d-5f438085da0b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 wpsisac-public.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/ 11 KB
2 KB 634ms
624ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/wpsisac-public.js?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f563642e7589abf892c5e8d0919e5dbd1d837509ed160f364d4cc7d18998dffe

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"2ae9-5f438085da0b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 jquery.nivo.slider.pack.js Show response
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 12 KB
3 KB 636ms
626ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 702706bb34de6eeddcb094ef47f54f7e27a4c1990e205aa66c533a8482ed9d85

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"2edc-5f43806e5b5e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.13/ 10 KB
4 KB 152ms
50ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 239713
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220116-FRA, cache-bma1622-BMA
server: cloudflare
etag: W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDvsfhlbPhLZZeCQGwMny1bX592xXjtAtBu%2BkHDvF7QCNnXDV8sjQji0zsruDbJ6VANW%2FimQtKy0n4qrGRmSZcX%2BAUnR4O7my1H2j2AK9sit%2BLmC57rjayiQgP0suBWM%2Fgxkxd8jBHv309ZVVnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 833c5704ba381bfe-OSL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 136ms
131ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46f798ac7abb254fb56e88ab90898e4185ab2323069194b7534f2d0420b55aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 235ms
75ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 07:22:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3808
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 09:22:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 106ms
102ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b24b1622031884caaf4e9227131692284bde23a3115a84f4514cc4825e140fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 111ms
107ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214735621-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

311e790d350b129a27769bca397272494920a34ebba64382958cda1aadab257d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68896
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 08:25:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 169ms
59ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-561MLEJ5LJ&gtm=45je3bt0v881561445&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=998381432.1702283156&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702283155&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3925
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 935ms
311ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Mon, 11 Dec 2023 08:25:57 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 version.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/ 126 B
506 B 71ms
67ms Script
text/javascript 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/version.js?1702283100
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc4a3abaab97dbcd71253b20c906c1d63a3299a41f1ea3363e909ed143b2af42

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:23:52 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 09:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 126
etag: "87b8e331b04a12cbdfb334da0403d30b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 126
x-amz-cf-id: gBGD9H7fLwB3o6zwBKLLMbXC3Ittl-8P-1NPaWBmix27P7cViHCWZw==

GET
H2 200 %E9%9C%9E%E6%9F%84%E8%A9%A6%E4%BD%9C5.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 356 KB
356 KB 633ms
633ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E9%9C%9E%E6%9F%84%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c21dc968819eab15345ca6f57d18f258e4d54479aeb570d07b03daaf731c311c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 03:52:22 GMT
server: nginx
etag: "58ea7-5c991030e5a4b"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 364199
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 %E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 279 KB
279 KB 635ms
635ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
318 KB 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 244ms
78ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:34 GMT
x-content-type-options: nosniff
age: 31343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:43:34 GMT

GET
H2 200 access.php
gekka-no-kasumi.com/wp-content/themes/cocoon-master/lib/analytics/ 0
79 B 941ms
941ms Image
text/html 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=927&post_type=page
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
server: nginx
accept-ranges: bytes
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 icomoon.ttf
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/fonts/ 17 KB
12 KB 625ms
624ms Font
application/font-sfnt 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/fonts/icomoon.ttf?ov1gtr
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312110825&fver=20221019014757
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 36664f6529c5d8217af1fb3b55daaf23489bab6e97e7960e4a52495f41272036

Request headers

Referer: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312110825&fver=20221019014757
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
last-modified: Wed, 20 Apr 2022 18:02:35 GMT
server: nginx
etag: W/"4570-5dd19cc4dd7c4"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=604800
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRKskillrotation-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 300 KB
301 KB 586ms
584ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKskillrotation-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c9fefa23da3533747fdfe64cd273aba048ebb8a96fcf5d7ffc983699097c2c0c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 20:10:08 GMT
server: nginx
etag: "4b171-5eba525194d66"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 307569
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRG%E3%83%9E%E3%82%AF%E3%83%AD-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 46 KB
47 KB 579ms
578ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG%E3%83%9E%E3%82%AF%E3%83%AD-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 27d7cbd0f47b3c947ec845d47d830d0393d5c0a9fae65eab6b490c79ff2214b9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 04:38:34 GMT
server: nginx
etag: "b91d-5eae314fe50a9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 47389
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 NIN%E3%83%9E%E3%82%AF%E3%83%AD2-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 46 KB
46 KB 580ms
579ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN%E3%83%9E%E3%82%AF%E3%83%AD2-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a945b38123553f00373e1b55e984c4aa642a6416aabe61e9b1810fa0684ed4ff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 03:41:21 GMT
server: nginx
etag: "b846-5eae2485cd050"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 47174
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 DRKskillrotation-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 54 KB
55 KB 602ms
601ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKskillrotation-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c7e4b214068cce010314ad81890bf22e525883bead39ddb8ca247a84794c3ac1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 20:10:07 GMT
server: nginx
etag: "d9ec-5eba5250bdff7"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 55788
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 2022-05-31_20-13-21-812_YukiFairylandGameplay-e1654009844395-160x90.png
gekka-no-kasumi.com/wp-content/uploads/2022/06/ 28 KB
28 KB 615ms
614ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/06/2022-05-31_20-13-21-812_YukiFairylandGameplay-e1654009844395-160x90.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: caed392a399c3ab794fc055c3ea59f1a99230f67bf05fdae5f422344c36f771e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Tue, 31 May 2022 15:10:50 GMT
server: nginx
etag: "70b3-5e0502d9969d6"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28851
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://gekka-no-kasumi.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

317 B
922 B

266ms
85ms

Image
image/png

2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a82385c107ac5efac03331fbe9a779a18d14730c2b769027b6669ffd91faa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:58 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 10:23:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/cropped-%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E-%E5%AE%B6%E7%B4%8B-32x32.png
expires: Mon, 18 Dec 2023 08:25:58 GMT

Redirect headers

date: Mon, 11 Dec 2023 08:25:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340
x-xss-protection: 0
expires: Mon, 11 Dec 2023 08:55:58 GMT

GET
H2 200 QA2-320x180.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 89 KB
89 KB 581ms
580ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/QA2-320x180.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 78b89aa4b48f508c7833c2b177c7f16d803f9cbac869771b2434968a5b4454b6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Thu, 13 Oct 2022 03:40:38 GMT
server: nginx
etag: "1623b-5eae245cd3d0c"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 90683
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H3 200 eorzeadb_external.css
lds-img.finalfantasyxiv.com/pc/global/css/ 94 KB
14 KB 69ms
69ms Stylesheet
text/css 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/css/eorzeadb_external.css?dbe72a423fb02b76000bf35b90e29fcb
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3751104d350d8d0f8e470dee328af04f3756fc00f456da97df1be9ebc05fac6e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:01:49 GMT
content-encoding: gzip
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:39 GMT
server: AmazonS3
age: 84249
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"dbe72a423fb02b76000bf35b90e29fcb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4pn5R5ulwvIIknBc49D6fzYWWit8rmE-gUVLk690C8hCAIIo2eItPg==

GET
H3 200 main.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/ 8 KB
3 KB 72ms
71ms Script
text/javascript 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/main.js?e4fe2b78953a2861be0e3b0ada83be70
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c3b3708dd61923b22cf7fc2af1f7afc2818dc672a72cfe38c032c65929db1bc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:19:29 GMT
content-encoding: gzip
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:41 GMT
server: AmazonS3
age: 7589
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"e4fe2b78953a2861be0e3b0ada83be70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3A8ZXeGBY5WyhmcL0Mft3XDR-7Gj4_2yziARgTa9j2s_whwW9DVU4Q==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 96ms
95ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28dc798fb20d3bd599649c4084ca44cbdb7e800b44edf998741dac19d581ed0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81727
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 08:25:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 58ms
58ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FPC3XEC025&gtm=45je3bt0v9114174993&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=998381432.1702283156&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&ngs=1&_s=1&sid=1702283157&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_ss=1&tfd=5349
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 300ms
147ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6227073263319178&plah=gekka-no-kasumi.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466103b8b957748c29e0fbc581934232ebe7924c43d9f2cdf910a589bbdc2b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137721
x-xss-protection: 0
server: cafe
etag: 6355933802367519090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:57 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 4DB0 9 KB
4 KB 234ms
75ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 46737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:27:00 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 19:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 60ms
60ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8PC0V2T516&gtm=45je3bt0v9114528700&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=998381432.1702283156&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702283157&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_ss=1&tfd=5595
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9E7 316 KB
70 KB 741ms
740ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&adk=1812271804&adf=3025194257&lmt=1702283158&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157535&bpp=5&bdt=2105&idt=484&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4729264806909&frm=20&pv=2&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6227073263319178&plah=gekka-no-kasumi.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0887e190c2e6ec2b90c51551b9cff2ad73c1fab309282e0d182c422a8b6299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71879
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:58 GMT
expires: Mon, 11 Dec 2023 08:25:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 194ms
191ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=816293540&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1797425492&gjid=156679576&cid=998381432.1702283156&tid=UA-214735621-1&_gid=760512584.1702283159&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=732391949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 169ms
166ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=816293540&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1493550665&gjid=1145807838&cid=998381432.1702283156&tid=UA-214735621-2&_gid=760512584.1702283159&_r=1&gtm=457e3bt0z8881561445&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1058941261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 165ms
163ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=816293540&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=998381432.1702283156&tid=UA-214735621-1&_gid=760512584.1702283159&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=477156974

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 01:12:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c0e6eea02c666e20a2fc8e998811245caeda78d18b0bf099c924ad78b49a95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56002
x-xss-protection: 0
server: cafe
etag: 12375805905335449690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame C49B 9 KB
4 KB 78ms
78ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 42981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame C482 9 KB
4 KB 78ms
77ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 42981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 8755 9 KB
4 KB 78ms
77ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 42981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 12A9 9 KB
4 KB 82ms
81ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 42981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 %E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 279 KB
0 635ms
635ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C49B 4 KB
767 B 84ms
83ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 08:25:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C49B 205 B
519 B 248ms
94ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:31 GMT
x-content-type-options: nosniff
age: 31348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Dec 2024 23:43:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C49B 604 B
695 B 248ms
94ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options: nosniff
age: 202408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 00:12:31 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame C49B 16 KB
7 KB 318ms
152ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:00:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame C49B 22 KB
9 KB 259ms
93ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 18:57:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8DDB 624 B
246 B 119ms
118ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNV1RYPWmZ22k0RXD8A0A8Izu6B3aQQDiyaaWrnfzAmQv4enXz_PjEl97cYUd5ai_CelwzvFIfhVd2zTWFUHG7QFJWKBMiiP3g8eaeef-S0tjnLd36DwXqEpwGCPatdUwGxrWvNjyGNamX__atYCp_RwA3zhP-5k4L4MEATPXQc85VfZwxc

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:59 GMT
expires: Mon, 11 Dec 2023 08:25:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3FDC 89 KB
31 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3FDC 3 KB
1 KB 345ms
188ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3FDC 20 KB
9 KB 228ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:43:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FDC 202 KB
64 KB 314ms
152ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FDC 42 B
63 B 110ms
110ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGe9KyH3PGJPfE9Z39P-ic2h1JwFekqxMY7zWBZ-Y5r9h5CKz8d9iHzGZmGlKPzJFnjidFlZtT1snVhRFL7pmb-nnrOSYqwkSCP1MGRmAMBivDFCk

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 01B5 624 B
246 B 121ms
120ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNUZ6ZLLAGGmCoDkUjz5tLe1LV3d78OeIN8rCQqVF3fzQhQgM2Wbf-USx3K3ouo_kUDC6_jg0-fIr_VSUPl8kU6tuRcUMvEf2d_Of2ERebFnP5WJaAC8Kxw9DzUzWG2C465-ywhRylveJKvrRDKJGowtS5Kd-hxXOx0nh2ff0dSfVt-Tyug

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:59 GMT
expires: Mon, 11 Dec 2023 08:25:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F572 89 KB
31 KB 829ms
828ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:26:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F572 3 KB
1 KB 333ms
191ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F572 20 KB
8 KB 303ms
162ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:43:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F572 202 KB
64 KB 510ms
363ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F572 42 B
63 B 110ms
110ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRrqFEtcbM6Hoe_mgPHdDFFSeZ7BDc0Z8fPAdsKmlt5MbXsk0iMhdi43bmO9i5jk2TsfbDv71UJGwvfbioav4-d-A_-jB5w5QsbT1JkUHZbQHgk1s

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 574E 624 B
246 B 117ms
117ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNfz3uABMAE&v=APEucNWrQg4UU6mOavGMg4lagq7wxzdDHQF85iJZmijr_dtc14RTZdfsuGGw90BU6oxgjdTDRmgDg9Jx0c1Jx1Eb8I4Me9g98odKe7BuLlzY3adhmnj_a8DqpdEWuuEM8nIGKbFkpc9zA9lf-t_k09Vuq8FW1tGU-fbQLnkK1s6HCk8jHCsUlAM

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:59 GMT
expires: Mon, 11 Dec 2023 08:25:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4526 89 KB
31 KB 842ms
841ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:26:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4526 3 KB
1 KB 317ms
192ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4526 20 KB
8 KB 297ms
173ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:43:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4526 202 KB
64 KB 482ms
351ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4526 42 B
63 B 112ms
112ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSyHBA-RvueJg-RIHCZglLmioV6w5O_nGXL2OYq7MJMJoH7yCpjHgbl19rrHKSe0V3Ar6Ua8snM_6PszT222gd4ERkDDmQvGkNQn4zr_PWDnXU4wA

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B2D 249 B
339 B 87ms
84ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E9%96%89%E3%82%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 08:13:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B2D 14 KB
1 KB 114ms
111ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 07:13:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B2D 2 KB
903 B 274ms
216ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 9B2D 24 KB
9 KB 252ms
195ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1DE 143 B
166 B 79ms
78ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 3381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B2D 3 KB
1 KB 241ms
185ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B2D 20 KB
8 KB 138ms
82ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:43:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B2D 202 KB
64 KB 346ms
283ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 08:25:59 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 9B2D 37 KB
16 KB 117ms
75ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8DDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyhOxVnNhAiIhtSkqKFdIM&google_cver=1

43 B
764 B

78ms
77ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyhOxVnNhAiIhtSkqKFdIM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNV1RYPWmZ22k0RXD8A0A8Izu6B3aQQDiyaaWrnfzAmQv4enXz_PjEl97cYUd5ai_CelwzvFIfhVd2zTWFUHG7QFJWKBMiiP3g8eaeef-S0tjnLd36DwXqEpwGCPatdUwGxrWvNjyGNamX__atYCp_RwA3zhP-5k4L4MEATPXQc85VfZwxc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meLU73fAmocCRqneZdUcbauAQy1iAAZoRNDIt1ADnGpOa8fwLvyfkHlxr6ubmyuD%2B6J7Dy%2BUrorbXLmV3HMfOiNkUJjc73iKkuxQXBpgeXVlrnmOz5oTfgn1ce8dYh5mwpREScpWaHn7wA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c57143815b509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyhOxVnNhAiIhtSkqKFdIM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8DDB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHl6.DnlsFITAk88PXqgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1&google_hm=2

43 B
729 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNV1RYPWmZ22k0RXD8A0A8Izu6B3aQQDiyaaWrnfzAmQv4enXz_PjEl97cYUd5ai_CelwzvFIfhVd2zTWFUHG7QFJWKBMiiP3g8eaeef-S0tjnLd36DwXqEpwGCPatdUwGxrWvNjyGNamX__atYCp_RwA3zhP-5k4L4MEATPXQc85VfZwxc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s40zOMtZcE6brqdmo6e4j9KiD70VEVP1TAcA1O19Qh3epO4B6de0Mq3Z%2FWcfETerCe%2BYU6s3NrLPv6jEmq4LyyysbOlChYYCjiw9Aa6e8SPY%2FoVtJnH9nlCqI7kGroAjjmBlLcgOMO9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c5714a896b509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8DDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKkD-EdwIIA0wvnk87SITYI&google_cver=1

43 B
844 B

62ms
62ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKkD-EdwIIA0wvnk87SITYI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNV1RYPWmZ22k0RXD8A0A8Izu6B3aQQDiyaaWrnfzAmQv4enXz_PjEl97cYUd5ai_CelwzvFIfhVd2zTWFUHG7QFJWKBMiiP3g8eaeef-S0tjnLd36DwXqEpwGCPatdUwGxrWvNjyGNamX__atYCp_RwA3zhP-5k4L4MEATPXQc85VfZwxc

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: f0d001b2-742e-4d08-b2db-53056780c8ed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKkD-EdwIIA0wvnk87SITYI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8DDB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

170 B
232 B

87ms
86ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: f51256eb-c3eb-4665-acf0-fd7ac3be0d18
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 01B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

43 B
733 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNUZ6ZLLAGGmCoDkUjz5tLe1LV3d78OeIN8rCQqVF3fzQhQgM2Wbf-USx3K3ouo_kUDC6_jg0-fIr_VSUPl8kU6tuRcUMvEf2d_Of2ERebFnP5WJaAC8Kxw9DzUzWG2C465-ywhRylveJKvrRDKJGowtS5Kd-hxXOx0nh2ff0dSfVt-Tyug
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40Br8nFZvqbwmBJZZyRFzm%2BXEwlkTlfdmGzgkLqd6bY76eMGry84R5KlqEmvtuhdoO5uLTAYdSjPzwS2VAzjni1zlh1J%2B5KaPVtm2JpIla%2FaP2WwHqbs8LoueEPNMKKmQ%2F2SwtQXVfeA6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c57143818b509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 01B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHlwK09kWiuI8SsisK1AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

43 B
735 B

78ms
78ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNUZ6ZLLAGGmCoDkUjz5tLe1LV3d78OeIN8rCQqVF3fzQhQgM2Wbf-USx3K3ouo_kUDC6_jg0-fIr_VSUPl8kU6tuRcUMvEf2d_Of2ERebFnP5WJaAC8Kxw9DzUzWG2C465-ywhRylveJKvrRDKJGowtS5Kd-hxXOx0nh2ff0dSfVt-Tyug
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM9lTpw4TUxeXeWtZz%2Bo8sGf%2BWdYroM%2BWFrhMROt4OpzvZBjPWDZLdzvtIgSUkHnZy9W2PxrL%2Bq4Xr71EwvO6tGOscmCdDz5NazwdEYJLEPJnbtxHsG4TNVJg6NyzQSvLmw08u1UGEHgbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c5714a894b509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 01B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

43 B
843 B

93ms
91ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNUZ6ZLLAGGmCoDkUjz5tLe1LV3d78OeIN8rCQqVF3fzQhQgM2Wbf-USx3K3ouo_kUDC6_jg0-fIr_VSUPl8kU6tuRcUMvEf2d_Of2ERebFnP5WJaAC8Kxw9DzUzWG2C465-ywhRylveJKvrRDKJGowtS5Kd-hxXOx0nh2ff0dSfVt-Tyug

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: 4dfba2ab-3e89-4638-8f5e-1cccf25b98ad
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 01B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

170 B
243 B

85ms
84ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: 25a26edd-a89b-42fd-ad83-145280c4a384
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 574E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

43 B
735 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNfz3uABMAE&v=APEucNWrQg4UU6mOavGMg4lagq7wxzdDHQF85iJZmijr_dtc14RTZdfsuGGw90BU6oxgjdTDRmgDg9Jx0c1Jx1Eb8I4Me9g98odKe7BuLlzY3adhmnj_a8DqpdEWuuEM8nIGKbFkpc9zA9lf-t_k09Vuq8FW1tGU-fbQLnkK1s6HCk8jHCsUlAM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sC5HIvWBjuJ%2FPboq1e4q4N5OcGBPej4s44VfTtuqcJRRKFktEBEebbrUkkSCNE0N26xlCWBAU58tDrV5ZCBu6xayNNJ%2BvregTMCMBPovLKBrnL6ebor92b0EfBeKF%2FDw%2F4gD7DyMOw%2BL6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c57143820b509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 574E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXbHlwK09kWiuI8SsisK1AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1

43 B
737 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNfz3uABMAE&v=APEucNWrQg4UU6mOavGMg4lagq7wxzdDHQF85iJZmijr_dtc14RTZdfsuGGw90BU6oxgjdTDRmgDg9Jx0c1Jx1Eb8I4Me9g98odKe7BuLlzY3adhmnj_a8DqpdEWuuEM8nIGKbFkpc9zA9lf-t_k09Vuq8FW1tGU-fbQLnkK1s6HCk8jHCsUlAM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A0%2F3bX3NYXpgDPvdHdMW1DE%2FNm60tgGPtBih0FgRj3%2FvcjTHhC9GkDVVDhPpQ2Qckzw7U9XPJfvN3%2BxwcIhFKxn9gSMTU%2FY81qbjz1vuBTJBy3ktaq9n4wHoh3HlKA4DCcDOv%2BnxskLaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833c5714b89eb509-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKviC9NLrR7HfS1ICpP0to&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 574E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

43 B
843 B

69ms
69ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNfz3uABMAE&v=APEucNWrQg4UU6mOavGMg4lagq7wxzdDHQF85iJZmijr_dtc14RTZdfsuGGw90BU6oxgjdTDRmgDg9Jx0c1Jx1Eb8I4Me9g98odKe7BuLlzY3adhmnj_a8DqpdEWuuEM8nIGKbFkpc9zA9lf-t_k09Vuq8FW1tGU-fbQLnkK1s6HCk8jHCsUlAM

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: 9f87229d-94be-40cf-b75b-cdea01c7853a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGa2vWeewXlkbZnDnK_QhWo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 574E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

170 B
232 B

85ms
85ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
an-x-request-uuid: 59c8a8fd-74bb-4c71-9767-bbcfb774a718
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDYxNzk4MjEwMTk0OTQ2OQ%3D%3D
x-proxy-origin: 178.255.148.163; 178.255.148.163; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FDC 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6891383702718&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FDC 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6891383702718&version=m202309260101&ct=119&x=1&cor=6261006129961970000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3FDC 92 KB
38 KB 224ms
224ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BS6zwB7eopU14BwVdyhakeIYcwrNOw-wby3SXR3rUhc6pAYMIStX_VD-vM4N0u3glSqA3_-h6bU4hcVDnqpE0sT3TQvJhOiMUNMUugqcz6fl5IVafc4w1RRs4ORj4kRxx8Y15niI02Cfh58OnX5Hc0QB2qpwaYnFEtxh6UxEjjWEGkbpQ&cry=1&dbm_d=AKAmf-Crk1CdyKdbOZMbZvfHPSPul8IeI102Fb0F1EKFCGAZQqhSz297Rd1mPSuvsckrE4qDQMUrN5exML7lxugQCXxJiHeEcFjQ1-D4rBN-6-d9_HVk8qdTT6J_KrPova-zqUms44nqJSQwEcLwC2YApTvAAy24sGWJOUx7EslPxvT-fZoQB-_LUJRbsp4hiJ8uMNE5UYLJlO1Ks1TYbA74WY3EY-paYDnVzbbk8HgA0pD3Qmdl4p2TwbcDMH4hVPNyFwdArZ7aCypNPZqWJDAO4iX_ezvaeN-EYUiMBFXoeS0b6Zgzk8FOJo4FBT0XWaewqKobOlaXvfY-mAwxk3g7_0HCp9Wbo0_9mTnLQvVJOaoQs66eCD4OP7LcvKL_GQjp2DVYCnDs3VjUO_9PTK4ljSceJ__gpixLbIyrPg15fCHPB-IkAbVJq3KaOLoUgW8zaUm0vbZpwpXm1f6QODYGAXSj071zVf7uusAQfB2DdN63f4xH6NL2CBw7DQjmJrzeu3HYHEJPATnAqYhzR69EZ71AspEcV8WpgvO_3uP1xFtaWV3VF6K5Bv_l6EM-uSS3obYlttDeZ1NWHQTGwh2q_xmigxGT5XpjQPAVYCEQmaU-UihXLOiayjzqFW7Q8OiMqnsPNAx0W_UQXcWK2L892-8v6lWiZifINZpVIj7bCfC4-MVtAkOBuR3smKWTUDu64y4vVZsAUchrUii4hqv08PNc7ci8oOkB0adsg6GJCJPQ8R9p1TvQhONYWNomKS5iW9JraHZ_Lkjs7nV_ldZD4OOGk2bpcEaa2LeJiFbXGVFz5O46Le_VRJbST1Ptf_1tHgRc_XB_31TuOPpxZHSEJR3xIsAHppYZUTNy8QsHNVF2DEmwkw5DnCHRdk1o86vmowjhrQn5xGwQj85RUMq2rcEw66LFI44nKaOtGd00eRRi6RE7z_yACLViV-3r-JGcUpvPdcGvN8Is5zy5JVVyu0CNrWrAyldL4nPjF6ywS9dsMpmNPONUt18VwM_4-Yk7UcfnImA4PWX5Rigfy4s6zpm9OmQ3PfDwco2X1r1xjWy1aD3GwWiT9KEwpoaF3G97bXPrhPwqGtPTky4_6vC8QIEPIqtKR-ayqc8JNRwd7lVMYA13BwXbhYMqEamSNKQC8yNlhmK48V4xH5HAbLjcKy4DPVzyySG8VBESvI7jgFPyInfSGPdvPB9NiodGjzuwZyxsbSFfe8R5QYj6ipdPwQBULMl4Bl2p3MUe0GU-J1vS92DUcWHaFEHxaMWd2SWXo2eF5kNxD3TBh4Vq74Gq77ReHOsvLdSqGdIBbwuRqT07-Pzfu9SocpAW22LOqHswEc7TWQPNe7CL-BOae7GWJ274rul6979roKY7bFoku6oO6f74Yiu1ZvQeO7_3r2RVSDjXgc4ASIya5CaEjOjVs0fnrSZ6ZfucnZCliFXUIxwXNG_hGkGkW6aWbFiQg-F-ffamWHtXE0Ifk_Y0ch6d7ZGYqPuPSybLcNlJ7ZYpIgFWTtlFxvLEjsllQidj0wB4i2tzfhdQfwUMXRxT5ok2aqAjgnM_gJxv8uD0j6piEnaF5LM2UeLVd4_mj_7DpZkKTuwU-SmrvzKpEVRRjBCpuMjqArg0iOTWAt4zjFuWU0cupmqjDpvtc3RZKTgL19I58phLYp1WuzETkoSZKVmwjD71k7UfD-v8hcgBpS9THFtn7vZaIuxmjshonW5iXAsO3zCv5DnvzY8cRb3rlmjpWEySEDUgK9rkNLWa4NCmE0cXmRO2zm6OPGi2ORCxp7lprLt1y5VfhOZXX6neJMLZBgl3GH-GLpoYhesJQAbfHHMhhEwbxC490rPdHgVqilXjE2T8pmkMgUPLksA5q_gDSQ6RP3iVCU5ZTUKVlHvA8bQxqoSre8SivG0_Qtey2jTuiM3XD0_g-R5fIKJ_4D8mPDBw9syUD5v4bB0hpBY0ZA-XTso5p881tpkddM4JDYWovj2-jtjEbpYcLvJLkx0OHHOUA8TJNLdbGTbG1ULWL8f_iBVrKXy2qCmknsPhWvRgHLGxHNqijWqHL1KAMybloDVjN_-O07nAZjHjei32_gC2MJu98KNk8QerLrgnijhXSMpBDs_GzjuS6jQzRfrrVzNjx46QU-EdWqyUrFT0MsQmjg1TIIwzJsFcXgMiVx1FPP0X8LBRkaiM4M7yB9mRSPx_9vuZoMTFSsuxbqZR3j2WBE8J9CphItyXz9nh-FWZvoLiMRT8N1NUKeLwhDfGoCGBD-D1oEFVNFeq9Fi4cG9StgZ_7pHJIns0XKJQguF1IjVNiJUhxNWcTvxllMGa5YNFyEssWnLDx-qRbqigeEAkQp2TzGiGozUrVWoNSwDGQf8o5LQ8uQhvKjzYGf3OhHRcG0R6k7PNm_Rqspc7lp6DSzyZA6BfgbT5ENhz3F2o2VtmxQS4uM5iRusesLQSFEOY9-z29jdketu1BuyXnjyA5Ext6vPrCIp_xFgGWmEu_u-IgQc776-sTuJAzWm30ksWP7Smv8prIG0-YARfk7XqUNT81l4Yz4-U-xQ_yAIlwSIuV5TD_ye7HymRK3VKCe1jvaUiMZ7GT3cnxj5NQw3t-KJO4pbBnTfxlIWTaMu3YiATRkkxbgNn-AmRS0R3fj6YsbqPVBZGXb6ph6XVf5NKWont7LRy4DbkR1ciWc5yN8Ztokiw2kPvLoaa3ox-nis__0BxZIAxM0UZQKdb7WKbo_7lL7MbTx18cSwxBkSQlfcpytGVYZknhsZRGKSqf9Cj77yIzt8zIZNx8Rhnc5TnSuHMX1Ac5SpmroL7KhkX2mZeOzLlSVpRxVZU1gvWeFixGs_cwruMac1J8uzcCl64xzmCifWTZD4P7UCCpT8btN3wEO6ZRrySYWxe4sR1AiNPyC-uZmdayhuWOiWU2hhQ8ZyabU2FoLqYFum8vblMKhKsCg5XaPmQS4QKapGBf1qiEDPoVyM0NY6V5CwHlwLzSZGsiHbZO75XBa0IY4PT2e5vPSMfRvmNOJ8X_lyqXsqQcPHdnwTP10aKiTFbzgbtuRw5JnkNlAkjwHPyEy_0sOYz47cUFwVwZdYIZSsFU3wXBCEXz3VRbBHof1BJ5tv29FWRNQ_QXh_kbfsN1ZvYCxqGAeKUAwjqmsk4QU88-AugZ-64wzZ_MHC60XlbPVUYS0X11PRqNYesr2NvkvZYSeM1LraFKaJuJGBNsCc8_fSDCDyZ1GUJBGfhIo8oMj9p5E-GO1PyldGOyhYiN4ZFqvQ3ZrJ66ge-juDg9xlpiV29AHOyhcCSfBVwlsWtwjWTd3u5p7h8oHf0hXATEK3KLnDQ15CRv1ndcnMceaV8RF884lkM94qLKuQS8R0Hw0Vjx2JO8Sz5i3225wnc4-DphfeJpsMkCu3-j3vlGjKdVyP4ok8kj-aXGBFwwJUlSkQV-cfX3iuxB4E6ScYnU3s1_yDfmKdnNpr0PAqYTG7cHis4nEVncaUrLkOaraT8DrLMyGvmx9f0ylsxty8NQn-aqSelwjZb4PjuJDpoW7APv6RtEIU2XZjaRgswi_LQMhJ1URhzItFap_NmdC_CV6InNHnp5sVGKpR6J7ZG21hS6np2IAJDYm9RdMe74HBlyC0tPmcU5f1nsuOuZ-TvmVPWAlJDquSAcWpu9FYQbn36PhzhkbBxXEYY9i0I9uoRFyHfqkbri0S93X2o_d5VVcB-8TLSWTU7ygBxtAymiWhBlT1zbfX1LH-_ouwDGMQPqLHG_eAi770YRzQpdmlP7TenGG0bJQn9Faylzi9cgMN1vmMQkjEGIRBmkZByrOwg8yCfLR18Pa4&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=6261006129961970000&adk=497053792&idt=145&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aba782fbb0896b261de53bfb136ac4147433ba6bc67d4f3893fb0cc809e8ea1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38999
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
87ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:59 GMT
expires: Mon, 11 Dec 2023 08:25:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:25:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3FDC 111 KB
39 KB 232ms
75ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 3FDC 11 KB
4 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BS6zwB7eopU14BwVdyhakeIYcwrNOw-wby3SXR3rUhc6pAYMIStX_VD-vM4N0u3glSqA3_-h6bU4hcVDnqpE0sT3TQvJhOiMUNMUugqcz6fl5IVafc4w1RRs4ORj4kRxx8Y15niI02Cfh58OnX5Hc0QB2qpwaYnFEtxh6UxEjjWEGkbpQ&cry=1&dbm_d=AKAmf-Crk1CdyKdbOZMbZvfHPSPul8IeI102Fb0F1EKFCGAZQqhSz297Rd1mPSuvsckrE4qDQMUrN5exML7lxugQCXxJiHeEcFjQ1-D4rBN-6-d9_HVk8qdTT6J_KrPova-zqUms44nqJSQwEcLwC2YApTvAAy24sGWJOUx7EslPxvT-fZoQB-_LUJRbsp4hiJ8uMNE5UYLJlO1Ks1TYbA74WY3EY-paYDnVzbbk8HgA0pD3Qmdl4p2TwbcDMH4hVPNyFwdArZ7aCypNPZqWJDAO4iX_ezvaeN-EYUiMBFXoeS0b6Zgzk8FOJo4FBT0XWaewqKobOlaXvfY-mAwxk3g7_0HCp9Wbo0_9mTnLQvVJOaoQs66eCD4OP7LcvKL_GQjp2DVYCnDs3VjUO_9PTK4ljSceJ__gpixLbIyrPg15fCHPB-IkAbVJq3KaOLoUgW8zaUm0vbZpwpXm1f6QODYGAXSj071zVf7uusAQfB2DdN63f4xH6NL2CBw7DQjmJrzeu3HYHEJPATnAqYhzR69EZ71AspEcV8WpgvO_3uP1xFtaWV3VF6K5Bv_l6EM-uSS3obYlttDeZ1NWHQTGwh2q_xmigxGT5XpjQPAVYCEQmaU-UihXLOiayjzqFW7Q8OiMqnsPNAx0W_UQXcWK2L892-8v6lWiZifINZpVIj7bCfC4-MVtAkOBuR3smKWTUDu64y4vVZsAUchrUii4hqv08PNc7ci8oOkB0adsg6GJCJPQ8R9p1TvQhONYWNomKS5iW9JraHZ_Lkjs7nV_ldZD4OOGk2bpcEaa2LeJiFbXGVFz5O46Le_VRJbST1Ptf_1tHgRc_XB_31TuOPpxZHSEJR3xIsAHppYZUTNy8QsHNVF2DEmwkw5DnCHRdk1o86vmowjhrQn5xGwQj85RUMq2rcEw66LFI44nKaOtGd00eRRi6RE7z_yACLViV-3r-JGcUpvPdcGvN8Is5zy5JVVyu0CNrWrAyldL4nPjF6ywS9dsMpmNPONUt18VwM_4-Yk7UcfnImA4PWX5Rigfy4s6zpm9OmQ3PfDwco2X1r1xjWy1aD3GwWiT9KEwpoaF3G97bXPrhPwqGtPTky4_6vC8QIEPIqtKR-ayqc8JNRwd7lVMYA13BwXbhYMqEamSNKQC8yNlhmK48V4xH5HAbLjcKy4DPVzyySG8VBESvI7jgFPyInfSGPdvPB9NiodGjzuwZyxsbSFfe8R5QYj6ipdPwQBULMl4Bl2p3MUe0GU-J1vS92DUcWHaFEHxaMWd2SWXo2eF5kNxD3TBh4Vq74Gq77ReHOsvLdSqGdIBbwuRqT07-Pzfu9SocpAW22LOqHswEc7TWQPNe7CL-BOae7GWJ274rul6979roKY7bFoku6oO6f74Yiu1ZvQeO7_3r2RVSDjXgc4ASIya5CaEjOjVs0fnrSZ6ZfucnZCliFXUIxwXNG_hGkGkW6aWbFiQg-F-ffamWHtXE0Ifk_Y0ch6d7ZGYqPuPSybLcNlJ7ZYpIgFWTtlFxvLEjsllQidj0wB4i2tzfhdQfwUMXRxT5ok2aqAjgnM_gJxv8uD0j6piEnaF5LM2UeLVd4_mj_7DpZkKTuwU-SmrvzKpEVRRjBCpuMjqArg0iOTWAt4zjFuWU0cupmqjDpvtc3RZKTgL19I58phLYp1WuzETkoSZKVmwjD71k7UfD-v8hcgBpS9THFtn7vZaIuxmjshonW5iXAsO3zCv5DnvzY8cRb3rlmjpWEySEDUgK9rkNLWa4NCmE0cXmRO2zm6OPGi2ORCxp7lprLt1y5VfhOZXX6neJMLZBgl3GH-GLpoYhesJQAbfHHMhhEwbxC490rPdHgVqilXjE2T8pmkMgUPLksA5q_gDSQ6RP3iVCU5ZTUKVlHvA8bQxqoSre8SivG0_Qtey2jTuiM3XD0_g-R5fIKJ_4D8mPDBw9syUD5v4bB0hpBY0ZA-XTso5p881tpkddM4JDYWovj2-jtjEbpYcLvJLkx0OHHOUA8TJNLdbGTbG1ULWL8f_iBVrKXy2qCmknsPhWvRgHLGxHNqijWqHL1KAMybloDVjN_-O07nAZjHjei32_gC2MJu98KNk8QerLrgnijhXSMpBDs_GzjuS6jQzRfrrVzNjx46QU-EdWqyUrFT0MsQmjg1TIIwzJsFcXgMiVx1FPP0X8LBRkaiM4M7yB9mRSPx_9vuZoMTFSsuxbqZR3j2WBE8J9CphItyXz9nh-FWZvoLiMRT8N1NUKeLwhDfGoCGBD-D1oEFVNFeq9Fi4cG9StgZ_7pHJIns0XKJQguF1IjVNiJUhxNWcTvxllMGa5YNFyEssWnLDx-qRbqigeEAkQp2TzGiGozUrVWoNSwDGQf8o5LQ8uQhvKjzYGf3OhHRcG0R6k7PNm_Rqspc7lp6DSzyZA6BfgbT5ENhz3F2o2VtmxQS4uM5iRusesLQSFEOY9-z29jdketu1BuyXnjyA5Ext6vPrCIp_xFgGWmEu_u-IgQc776-sTuJAzWm30ksWP7Smv8prIG0-YARfk7XqUNT81l4Yz4-U-xQ_yAIlwSIuV5TD_ye7HymRK3VKCe1jvaUiMZ7GT3cnxj5NQw3t-KJO4pbBnTfxlIWTaMu3YiATRkkxbgNn-AmRS0R3fj6YsbqPVBZGXb6ph6XVf5NKWont7LRy4DbkR1ciWc5yN8Ztokiw2kPvLoaa3ox-nis__0BxZIAxM0UZQKdb7WKbo_7lL7MbTx18cSwxBkSQlfcpytGVYZknhsZRGKSqf9Cj77yIzt8zIZNx8Rhnc5TnSuHMX1Ac5SpmroL7KhkX2mZeOzLlSVpRxVZU1gvWeFixGs_cwruMac1J8uzcCl64xzmCifWTZD4P7UCCpT8btN3wEO6ZRrySYWxe4sR1AiNPyC-uZmdayhuWOiWU2hhQ8ZyabU2FoLqYFum8vblMKhKsCg5XaPmQS4QKapGBf1qiEDPoVyM0NY6V5CwHlwLzSZGsiHbZO75XBa0IY4PT2e5vPSMfRvmNOJ8X_lyqXsqQcPHdnwTP10aKiTFbzgbtuRw5JnkNlAkjwHPyEy_0sOYz47cUFwVwZdYIZSsFU3wXBCEXz3VRbBHof1BJ5tv29FWRNQ_QXh_kbfsN1ZvYCxqGAeKUAwjqmsk4QU88-AugZ-64wzZ_MHC60XlbPVUYS0X11PRqNYesr2NvkvZYSeM1LraFKaJuJGBNsCc8_fSDCDyZ1GUJBGfhIo8oMj9p5E-GO1PyldGOyhYiN4ZFqvQ3ZrJ66ge-juDg9xlpiV29AHOyhcCSfBVwlsWtwjWTd3u5p7h8oHf0hXATEK3KLnDQ15CRv1ndcnMceaV8RF884lkM94qLKuQS8R0Hw0Vjx2JO8Sz5i3225wnc4-DphfeJpsMkCu3-j3vlGjKdVyP4ok8kj-aXGBFwwJUlSkQV-cfX3iuxB4E6ScYnU3s1_yDfmKdnNpr0PAqYTG7cHis4nEVncaUrLkOaraT8DrLMyGvmx9f0ylsxty8NQn-aqSelwjZb4PjuJDpoW7APv6RtEIU2XZjaRgswi_LQMhJ1URhzItFap_NmdC_CV6InNHnp5sVGKpR6J7ZG21hS6np2IAJDYm9RdMe74HBlyC0tPmcU5f1nsuOuZ-TvmVPWAlJDquSAcWpu9FYQbn36PhzhkbBxXEYY9i0I9uoRFyHfqkbri0S93X2o_d5VVcB-8TLSWTU7ygBxtAymiWhBlT1zbfX1LH-_ouwDGMQPqLHG_eAi770YRzQpdmlP7TenGG0bJQn9Faylzi9cgMN1vmMQkjEGIRBmkZByrOwg8yCfLR18Pa4&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=6261006129961970000&adk=497053792&idt=145&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 3FDC 31 KB
12 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:19:18 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FDC 41 KB
14 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 264C 51 KB
19 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:53:58 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CC4D 38 KB
13 KB 76ms
75ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 171256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CC4D 39 KB
15 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

GET
H2 200 ajax-loader.gif
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/images/ 4 KB
4 KB 311ms
310ms Image
image/gif 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/images/ajax-loader.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: "1052-5f438085da0b2"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
expires: Mon, 18 Dec 2023 08:26:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8866 436 B
232 B 453ms
453ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=420&slotname=8432113424&adk=2347388405&adf=1365182113&pi=t.ma~as.8432113424&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1702283160&rafmt=9&format=700x420&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157540&bpp=2&bdt=2110&idt=518&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=4&fsb=1&dtd=2671

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b11d6f1f8b54b77f8e9ced2064957f51fae5a21eb2f10a6820fe3f5ed592207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:26:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 904C 264 KB
28 KB 452ms
451ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702283160&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157542&bpp=2&bdt=2111&idt=517&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90%2C700x420&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=5&fsb=1&dtd=2674

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e62e5bf438c2b9f255d18237d92937dbf926cacb2db42fbc31257c1d99cc85d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 08:26:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame C4F2 8 KB
3 KB 223ms
75ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 128316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:47:24 GMT
expires: Sun, 08 Dec 2024 20:47:24 GMT
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FDC 0
0 289ms
122ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdbtRUpn0-sF_prrP2Kq4H3Z9UHl9zUSuSamO4Ldh99HN3ZA34w7QSnr1qfm2eCGH6ubL2Mna-JQu7LRfQ7R7EklibAP8Al8Y7t0_jgEFqoKdx9qxizZuKqLZLLhDczqHvO3qxMut1HEBeFM-6xqRbR-VjCRLzLuqUDSolmelEYRKwerH3n0W5W9l3wNqTprLLk348O1dW6RCuCua7mCBB5tZGq4JEljWU_paiQhWZdtD9_OUWgvclxhD1xxC5dpkypOO5s0N0xMeP3hkeGnYOtkyMZTsePNtFZg4ruLE_GokLsdgr0lKqUw51JC5rL99e4muoApwIVgH8OO7x7bC57Mf-x6C6zDyw5JdblWqzAFP7jgd1pIjq9jJpaW9f3haVLFaRzf_NzH0sh9PU5pT4SRl63JnYfTFfUq0ZICnCVQQ0TGV0EddMkAg78EOSiKTBFRf7Naly9jiAEy52vjsluwubfTs_ea6owq6bGqrVJWut1165_UIZ0kJ0hruCpdX44qef4fkplaWb8mm7ao0ZGdEHpoqQs40K7FSR_qJOQr9j1ZrTiILU2ETjhDsdipIwdhRa7rNSt_2rB27EkmfK_dbqr5y01h4IuTg_KnlYjJH_YMFTk5D1ZAGwS11bf-4o6AKBuu2Qq80JBwaVX6WjR4wrcDsBZLhjaFE2SIJDnR2ngtR6pV7JqzlgCDK57q31qVX9txXN7SeEWBsAqyO0vMvepDMTrLH9v7JTr4CxYo-u4QtdSEbD7tGkiYas2mCM9qOyr-65eFTx60OTb7kL5iaF0yXzLJNMS7cfNjvZnDSf7mX1mlL_z67XcpWjGe0jKZ-_CZasVlBTr1EaOshpyjLLp0rt2YdAjZz7vhnqCTAwT-Aj7ZfQUG0-xxOgn8fvXF-miKlcpP-SY6CnbVjxeIOaN-Lpo4JkPs2muycc_mZNiwCYiY4O_IkWziKoD8sL51Kc-Hf5JXRlZlc9Y0WTANOB14dE9fNhnQQ5MJaUZz7tjvQ07y74dXynuhqdK-xC8cXtg1g0zYCxJRGIepS52c86E6HyXO2IgIoH2mH-bRf2MDXTzK-6GUsbkL7MUFaXfGB70DzG_n6P0xB1mzFWIfUGRl0xyMs9E--dXyUrxeSNb_HKS-sOw-g3BVBuXGkqhSQWJvljifQzQEXFSzNx8xxsJNiTyKDhdTY6JS69G3pMtUNqxIy3dY7t7lriNR9-0UOxqUjr1sUEZbeqAVCHn7QgOMbh4sAr-w72erKMM3Dlybi27gVwkVGfbbNJGC_msQglsWySn7_BbGDesZG0ABjwqtpWfy23sCM2-UF8fZAz1nLj45QVFLWV0w&sai=AMfl-YTYS8uHR1kYIbcgcvbWdQg8uZNTiXQi2k1UItjwOp-yrCQVZmblPkcmVhjOFatjErJEuas4w0jNIF58Jum9uBXMV3lA9_ZP8bfdo23hEpK8a3DVROlPxd83ALp-vw7IEXj5vg69zG79yfCuEGcBjzIDDmE9o1Rmb_tvUs2M-toxsNwRkrUhW--v2mmFPBfSQj58aQk4pxQpLB36wga6Sa_bDEzU6EXgvnIUPyoHXYQ7XWG1dpJGlqE0-whcM-TdrCxY41W9qvypFN38K2MAZaTaRQBqewzahuB9u151YA&sig=Cg0ArKJSzACwFyPCZX6NEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=431&cbvp=1&cstd=428&cisv=r20231206.61018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 377ms
377ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 08:26:00 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 396ms
396ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5LqL5L6d6aC8562J55u05o6l44Oh44Or44Gn44KE44KK5Y%2BW44Gf5aC044GL44KJ44Gp44GG44Ge44CCMjAxLW3jgZPjgaDos6rjg4Pjgrvjgrjlr77lm57nrZTjgpLkuIDopqfjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 08:26:00 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 740ms
363ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 08:26:00 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
0 631ms
631ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

Referer

Response headers

date: Mon, 11 Dec 2023 08:25:57 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Mon, 18 Dec 2023 08:25:57 GMT

GET
H/1.1 200
OK parts.2.02.css
blog.with2.net/parts/2.0/css/ 7 KB
2 KB 330ms
329ms Stylesheet
text/css 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 06:47:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "9c22fd-1d78-57d6e808aae00"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1861

GET
H/1.1 200
OK parts.fireworks.1.00.css
blog.with2.net/parts/2.0/css/ 725 B
675 B 316ms
316ms Stylesheet
text/css 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96804ca351bd316085be362f11ec8d96b4eb5bc671f09fc7c9bc2f5eb6a498b7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Oct 2014 02:57:38 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "9c2308-2d5-505bdc2c1ec80"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 327

GET
H/1.1 200
OK logo_blogparts_26x130.png
blog.with2.net/parts/img/ 3 KB
3 KB 345ms
344ms Image
image/png 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/img/logo_blogparts_26x130.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Last-Modified: Thu, 26 Jun 2014 09:25:12 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "9c2364-a61-4fcb9c50dae00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 2657

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F572 0
20 B 111ms
111ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8454497976214&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F572 0
20 B 111ms
111ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8454497976214&version=m202309260101&ct=119&x=1&cor=6295572874801820000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F572 92 KB
38 KB 217ms
216ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnRaaRCwiLRlqpx71TqUE-CVQOdaq9ehsGS-yWNLxhGzQmlX2x90vpxs3vZMltjNrYOdzKvwTG_Ey4iN1gTOQzGGtJkc19mbC_XGfnG36eFRiUakSjUDuN9cWzoqfamXMt5g69YGg-ABpR9GXJh9yOddR04a84H0liBj5sjwJagyEsDsY&cry=1&dbm_d=AKAmf-AH-huiyBcy7o-0pnzF6MfJymHC5QP1TSf8uCYRWzWyE21y4WGj_mvkIW-vlh6Wbj0JfeL9FOKjgGfnjwXSWzcVAa5zm3Q2lhi-r1qhRw3HiHsP9WlVbnB7uxU4AuX-QlkRcRmMkquZI3jNS5C0386qEJa_c3i-9Ak-qsRsAZy93jJimSF8ZjzeVMiP6iiCnl9QpvYSYo12p7r7-o7ChhcX79N4ndNBymokojA7NkU-a5Rs5JCOWVNC_xkV7IbI3d9mzoXazpxwuQ9Ee_OHsVTJxdbmmChtOG30ss_9IBm_ypZr9HgZoLuob1rGwob48EJuLSPHelT75fGkgGWC4ExvOSyaLkt0TRRUCWYbkBy6bXh0ISNFs8kOMU5IvjS-YX08Y6hkZ-x8slD-URZ_u8NTUEmSC-OTAlls9spmiKvWJaECGG2EDsuTxwiM7l7EPHMoPXYG0ThSlTZ6fLGcJtaQ1EgK_Mc24D8WxxYnkBO-nw59ad1RuqSOsOfanakWBoEZ_TLDU0G16-bCzgQh9TKFHf-PYO9HQFK51JAyqV05bMzAwL3-E7KCEHLMiou_2yKRZDZaXo-UaTkzsQCdjVzDxO2DfQRnGGaAWILARML9gB1wvhA3881C6ZcsD53Ms8ZpyC0apekXbg2KHCcPVWS8QAYDLUBDvLLLXrhol1gdxPoDzCgvjDB97eUxHXT8aqxXC_-ypBmD-JhIHuiFojUvKWZOkPUrjEbg0xrGKIb5aO6Nl1n73SpG4_IP4zLVCiEq-GqIgkr8vf3bYLmUJ5TWwJmPKFN-BS4Wv9LCpJs0zcrZAtkNOL_oMAj5omN3kzqWqRUL2Ip5-EXvGuIwGXmNfjC2u_JElHprACU5mX7r99c7gJzVzhQVUHciM0ohJDeBG9-grHcE8ppSv3uJvRzAXRKv8PX6or-wOhaFsJJR_XxyGJszKZne4XhT9XHK6kQMBw1lN1n_jDs7GQ60mYRgDM1uxa2esaupHBhGxAfXu6aLHThg7Bsg2-GlO6ew6MGEs2kGZhv3Nx0dJ5NJiB9zvWcDFCqJy60y1ZzrBYNLCjeu2qTJOrD84c-wJ86qyQ4slA_t-1npVbCKuC0HlxbgkTNjpCHd0MuoGW7m-afRShNVmX8Y7czqDsgkoiKh2iLN9zUubHzOmEWE0mSi1-JwRdQJ_yayztKeOTIEOVvy9i4iTGucz2bX51ps05OcyfeFvGZQghji99TO2sk2CoDWq0p6XCwLaH_qm_YotCpVDzHuJVFPkGVw0Hpu_kQj_yflNxriZtK79qtfAVSxNx0OL5AcypMNc-2HkPhL7CBPKhCU5Fpm7BQQcDh7uRsd0IvaKgzE0goUj1ccj0swa99zsSPo8aJj1M8mAQGuUBID2hrE8q0tpZH8hvGE8AVF00v-xF_SbmLo7hWgGp67_hcuiRyIwVU4b20DlwN6bz62f5E52CBxfJYPGEEPRLhQHg6lL-z5MWwqZME1tXG_tdwoaXg27vvKzXYSrkkQrUO7Ha883T3FF8O72qac0sJBM-VkTCM2MQq55lP2KXfJ9H5oFj8roos59ayahzTedg9hSmwhZiWUvvUmQPevOxwvyc-9c9AdX-3ZOKopbbBXAqV6ed7I_hKJQlEmEdQxkka1wcoABCR1e3LMQbAKiH37mQcFd2kNG-wMZjb_TWlHKzON7XHIfHFLhEeVwxY0Q0q7GXzXliNvuxkxWzTRktTt5-hdDUr-uneccyL7GsMdAxoyfIrX5GJZCnvQhG67HJYoywaRAUr3Vbd44Rz9vk1eTi85wyRyYZWhcxbAwdOGeDE0y49NY9xNkXDsThqB0t8wY-uIJJr6fX5efjR42CmfJLUqJYoEDZDpjezFDSy6CFyws4Om_iaM8_RzSiKwZuZ-F8Kxdjx8YcY-QHsMXj8yKgBUii03jhjH505BTfNYCkfYQSKKZMiM_ltVEsWFmlodeXg9AfpVMu7nR1r55EWHTTpRWEnik94EulSUW5Fy3t1I_8kcqVnzRkFL_04ORFOQpk6-2rodqAmi7QuQ2j1he1z8x7Xv2EF2aI_AvKq8fa5F6qlpcdsEsor6QAj27zM5OmqBpV7P-FcP9Tk93uOPmnUbr1tGCItMl6ok5dXpO9_r3BiOPtwpyiOOfdYeuN7fEwtbaSEM-PdRe-3A6OMSLTykUN6HnuavOxaAbS0oCkiS626QyTfcVFx1oqO7ULvhE905gALXBkyrGZ7Vl17TmvFn--A_qSFtSot3odGxs9htxgJYj8ijjqUjfB8zv2HCHFFuWJC_zMSU37lpvZYbLLyVCmRAQfF9L1u9jf_cr8IJMthjOgqleMWlymIlHw6CUHDFvtHkep84cjOF1fdvm1-Vjlp0pdzoVVofTcUixhHswgSSH8M_bvbIK_3oejN3DAjqaVzsK2sLhOewIXAY56oVMz7obo9RXCLbe05qD-dxYmZuPXeqNwltk6oLOKTPY8J3iPc_VdsyNgoNzMzUyYNSayu3YL0CNm6dX_unA_ue2AeQLPjh7DGoZIR6wgoTrTrjYzYO99i60LztlrzQ68HYcGvzvplbDk76DuDonSXNKu6-_GBST4EehfbcGXLpYcGn_sDWiKLn_DdLqEoGueM2BNzkGfo-LrKF7N-XxNVNf4VK2rQvtuPPdyv7L2arnlsJvWgFUxo-6bLNsrym48Kx_irVcX0zCnGKWMJdkEtYijiDd9dcpvs-99FwoJo1KWKXGDdjpzw6MzfAjsXm0m9jHGnvyK7v8R7Sety-MIQbFn3HvtAt4syiyloq3vH7RJLKPThGn_MCI8qQwO6FJqbOfFWnMjBL1p8FFPEfmxeI-GEQ7034bGUNOwCcdKKlBb_h8bgTgVbjZgOUmIRVAew9Mp1kZ_J1brtdzBk2YW1Jo4cAAM8itgrc-TEOASxmXWC3_Nr14LrTtD1SklAH2k-K66CyOrq9YX93_bDFtw4Nl5FJ0Mivsr46WS23mHUhjJAHnU1hXz2k5Jr5e1Iwasxl3vrBD5tKeuLG00QUdv-Y8-CPrjGgjhq4-vn52z8Zf4cZD-JxZBYSr3--sLnKzFBz-WBjijiBDrvgeLLfb13zI_0_oevdpA1g3MCDv2Ksw4lCV7M9B2EzWdjKiok7GuEpHa5OZfdLPekA9Sc54NhoTaJm58i5ZNc11TlWv53YnUE7V_njqdgwhGyvwOAr0WyTKNAClKqnpMk6Y2xVp7SrQBRzbKM3zmt5uyiPetD_SCeuwZoKDMRKQ5eV5-AWpamfset7UjnWfq0Yu6J7k7flrn1dnS-K7GCc6YNmRhJzX6zf7r31uvUaZEJnw939Z_8T8P9WAp7yeaV12vt771p_fSISOpmi8wU-ognG6t-sgnj2mlroPWmQCc9EYlsSDdB35lpigjpaZT3rHctuzXBz2NgXHU9AqJLVAZ9-WUUzlLrrwYXmNodzFEQUGXakZ6Mh1F0F0eSH2v8k0CMqO1XTHSp0FKD9h2lu2M5YoReTMiljLkwFC9vf6nkhegxWOE8HUPvGARv4PAV4LsaJeB3vYw-swqvQ6l0hJuX3mcOZQjlX-ugl_ficLiafB9CHodcCudOJpGaWe5vF4EirxiAPIjYDVtFGDljqDjBxMqjuD2uj8su3oiD2dELuul28lR4LwEXnmgQxowENJ2qkEg05eWlQPJhlJv3J6jNVGvlRxpBl2by0jm_3rNknKi4VtxmtW9Yy3rE7PHJQcrIVSaP3-ouPQzTiH3tVI9rcmcPYldlFS8EaXTf0-Vh0NA1CrCd9HS41LFgIytU37KKxZGLUa_tRjbIvAtdG4xgYAuM-ZBT_RW4&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=6295572874801820000&adk=1761367584&idt=836&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3acb5a1db5b67a0b64f5d9195c01aded36d361d18c1538e6af89be04e4b1035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrows.png
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 824 B
1010 B 312ms
310ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: "338-5f43806e5b5e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 824
expires: Mon, 18 Dec 2023 08:26:00 GMT

GET
H2 200 bullets.png
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 1 KB
1 KB 312ms
311ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/bullets.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: "501-5f43806e5b5e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1281
expires: Mon, 18 Dec 2023 08:26:00 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 935ms
644ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4526 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9780597968167&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4526 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9780597968167&version=m202309260101&ct=77&x=1&cor=511873818284549250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4526 35 KB
20 KB 232ms
232ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoZ8_Vn3BQ6gM24JtNKBc8MpXIeKKywBhrLEiNqRWzZZsOhbuz4AyxgmVZ0RBJrJc9mD6X1o14Kun1Ga7gu2K_5p91Ut4HdGKo4SD56URPZLzgcO0eocwwZG53n7emyNMSsLh0wdzOQTuaOy1yIFXGpc12eITMItsM7sy-VxfA_QFQbkU&cry=1&dbm_d=AKAmf-Bb6yua0SAJdTTotlQsEZF2why2aNsh57n9BVX7h4v_dA22YZxP6tSpxU3BZ7uSWqDENm6XdS2YFD217GgWL6yxyzVHHSMg37pSxs8LculwOx-3R1duV64lYWfar8nKiKlMnJzcuM42XA5iWn2I8Zhhc7vIuvIpePUdPf0UqPUX93nVTyR1edVQ3J299MbOCN9_BHA7qjMuvGBYgRNjkHc9blNmF3WWEXzQ5rnPpXG5vs2RhbGTwvtnbWBs4NuMZhXjKqEG7xyhW7ZdUFfZBRfmjWh29X6Vr48sO7SnLuVALYpkDuktvjR_-wH27jgaCEu1TarizfC5DTf98lRCH33fISQcph678PrOVyOrKe7LGqFC8mhUTgtntLvjhLEPWfuhmUz9ALSti7zvvm5-kTMnimA1PKsIajCRh-Sa1pBfLeJI9KrpLl6c37DhuRGHk14_IXSbXH2cB3EPMneEnCf3AC0v9XEcd36v4N61SzapdmXqDrLMh43CPA_ch0HN7EW2KdeGtG9rNYytTYSeMoo_OXBO_A9cgJZwNBSkrWpGf8fR9lFQwI_HMyuBaiKwm24B0HmLQvKSbxAcAtD8RbnihkNuMQtGT-rE_Sw8s4i69HFZ2HnF142yeBxw-kRGlrPLGNiYtF_fTqphjrY-BPeGAMKesbO5UEJCouqpOeVMsgZvnQJmaIHmt6I900Z_QjIkJ64mV5gfqP53WreBjmmJRHhCL90nOeUpHP4IWrqBy57HbCdhvYXNpORgU35rGcJouwyy3Alab9lf-4lLacXukWBa1LuMeDOnyd92cUd8IsC5o9dWP4TY3vY9oC81srvJh2oLC_gUjDnbpJwBc9x7vq_iA3TMzoKldOURF3VnlVAnxopgKEmk-_Ac3Na2WSETy_2U6HlpbTMLdAZ72zbeatAK7fVGFxqUlIivt93OZfeFkCbInCO_J0U4Aui-s_cnGMC4I1K43QjfxwTIJDh3G60tWRkQ8Y20_-xEj0nDEXULtAVLuOqFydEa6KPnk4Ut1Qiildum7gROmJ_ilsmgWgJYfz0ZlzAGMnIZ8QoHe0fHcjlNYmFEUSa9tkbS6ACD7OlgL4ucZnQki2JcARhMC6ceOYp4_Sk947eDdt22o4_4VfZ0qZ1uB1V4wJZ962bF66Nc5KZtaRj7TPSZLKaa9Em0ce5vqWBZerYtnMI1QnXNMvrjGBRZaYaZJR7bapmILVmrOa73wqQ3pcarRw-3Bd85Wn5RDvy47GjSE_m34-JEFYTEOd8yri3VhNLBblEVund8l-DTVsae9L-QE797XRBuRd9h_co-uO93frLBDiR9L0f4V6hEVs7XcqDzdOX07wV2vlgtGRP5aMQXCVvPhL5eo1C5rFUJYx8pZDgCvZctGGqjWtxtn9ljaWd7Gfnp7xbLjEFMTwPT3STer07dokeqZWmyL3P2IC-lccK0UNi7n0WyvHE060tKA26OKgvOhMlzaYe4lALYFN8lN28yKSg6ixy7sPZN2zWazprrtbshkbhuSZl6W8vToo35zuXtJ8oxtEOd6a1Tn2QmA3Cown11g3f7kXwYKhUwlGbJFBt7EZfs5_809ksvNDpzPTv_9H9uHEZuSKDD7JXRUlYO7MvjrCK6fvX3siJPyL2R9KTftJ58GbyCqDtTK4H92_fySojMkHZbDkfwPqgcRZQubGCLusZFp4EspYwQpR9sMLTbGJw8dVCx55ekAs7v8uqMpkxPoRRdAt6T12_Ib5_Op-4gHz7QIOuhU4CipqfqxsOqu-woEJM57MikAF8o3xzoG6g12NpSc_LyE9z8bbxX_G6hdH3LGa8KrEL1PmE9o8kPTfPhJEPfdns4fKUxHJy6iR9daGPpSNO5J8BGVl0fB1m1ozLvYvDabDmL8J824CZ1Ry9zM4NC4Unm3DFyXaY0ATbjC-AGVOJZXdSjbVVfgPwpsx5rohyL3O69VhrBnVoTqNbyqL8v4bmnHkrRyJPuhzQNnKF2_PoW3HbkA_phNsVnUlAdJMFXRdc-yL9-5apj0lXaZ-Ia2po6WS8in5g6B8jCKAd_ooKzNvnjJ46wskZYgcCfRJLLjUFHtWWkOc4B231WHdoYDF9ee5likjJGA_IA4_HqOrkfrmA8m5gJNxH0NnRm2rWPoO1KGP2PgmzN36S35rwNC7R8S_zXXYOI6X4sFoybRc6IvWLQDksausixCM_j1tRAjowsDKhWYN6dY6uLtvA_HUtkowX8OGw7U-c2hzmU5EiemiSMeCY5yT27wdoSy1r83jSULVNHEwAgbsqVd9yxHxVF4HgBOc3Wq2_BKXKmQxbpDUs6F96IFitqOb77Vt3ekPgcGVaUe_P1-vkE55OJ2Mu6pY8hVNWbOmT6grKuB5DHiQ1aYzDp9s_wH1ex-nVHNvlDnuwpFWYouWl97kF9OK0yO_EIW_9VRG8-NQM7QIGBlYiIW9sIZZ65NhrZDWk2avrPguiBUKtw9D_Ue1lLul5VBoZLzD2DYU6ZkB4Ph1pqJrPTKK5W5Qk4KHkf_ULKd6NtJXUcaShuESmGJA9gahnIvOdY5mjb95PGvjZUeLHSiLOb8aPpfTxv1dq-2zYT_5WzbeBtQpOfYbj7575RfJDUffgzhtGuxg440_XijBPCgTzoQJ61AG6CeID1NZpsoM8nZq36QIZKqa4I_4y_omDeo84_aKepEVZun9lDB3OtkU6KlNWMptwElDLh4XIAY4gGj3fLqB3jS5uc-RsIWqPEJQnrBJWqKkAUdBqIFk8V06EgYc6TQ8jAkoK5a9akoK1k-moWkX9BTdYc5-7KzNrM_jYlE76yeqkzZCr5zsg2zp5m7h3_BSIG1IWIZhizc3CVCKDT_EGwVj65nLdu8qAATUrgm5ZFV19kHWegXuoWqhJKsVx2GZA43b9HGWj5OUVohHt-u090PUOIQecKA8cQiurb-EUxtKAqz2rscS3QjuFlLGcB7OG6ffLNKkxiDhq643iF9OHEiPpEth2-J1y54Z7Jz8rGIyVkeZxjrLk1bJp2GWLfizRRwobZgLrS-uft6TiHbjLjV-FdR4zi-L2CrglB5gH25GQS8HsJp7aChnbhWYz7Z7VIT-JNt-glWZQ-xFToZWBzTkIqEeG8slqe7MVejtZLV-8Aoumubbq8k1g8n33jDILg7LmvJS59cisiY-BgCPCTF5R3Djxc0-kS5kD7ImoCn77-AApj__KxbJfSUQ-VNxiuiP0WdXwPm6tYyZU5UPso0wN09yeS7i6alf8dE3gK9dYdB-1efDG1-oP1qNMpLq6itJpH5Ai6F2768mWDEBr-JdvycQgFd-Pm9fjqXXZd7oR_1ae5k8IYDozJexk90cg_DYhkDBRyfZ69Z_odaaKyn9CXsyh8SyKWVZL9xIXI_chX1tHInM8rnifnx7KbKuBs9GMOkbvoAc05UDPTCSOLT0gPIBURj_19X57TKhqh3VXSJ0jYrvc0xTop8kW01NoUb2S2-TKBUngG2oDcuR5RdlGs7IXb3xBSDTdEIww6nzbm9UJwNdxOEGQnI-HbMGCoMVfMKrRPab5F2L7U-eNVY0MQdDZ2wHpGBUw9UdsTJfq9BuTqAP_JL9DBuUKDmeXgG3n0omHLUfdNldTAW_OP_R62DU-1xDzp2Q1BFA0CVz8-w_5BFWMg0IxN7orZ-tm6qq2xEKMpwf5_LBm0QmZS2ZVbIsOyBm3KLNJu858oOqd1UkqpqB1TvMSG8dPfKgCVmv1Elr_ogsHagAoVksmgFW9phYu0OWMjfrsVWIWZ1QVI2HpksG-81PYWTODYVqHS40aL7kEhtxDXImhrzCKQ1mlfH-NEzgKC4TSCim1AtdTH3H3hmrZ6Viz0cBuBE_-DS4c9WhJ7LDAuFh_hKtP7jiWTtVZ_I9utOUn9lhOpl50KmUJPYeQzIWcvnoRaq9A-65eAjwGGnpinf5F4hnSi981sOj2TRtGEOmFl8qgCZbo_LdCcgx4ZpI9FEX5RSQ6K0A&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=511873818284549250&adk=1726166463&idt=878&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59362cf09716160d25faff096399c2385418da4ee976d560f6f762ceb8400527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame C4F2 236 KB
63 KB 235ms
76ms Script
text/javascript 2a02:26f0:7100::213:c699
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100::213:c699 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 11 Dec 2023 08:41:00 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame C4F2 75 KB
10 KB 75ms
75ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10141
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:26:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC4D 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BA4okl8d2ZfzKJJeKjuwPm7WrkA4AAAAAOAHgBAI&bg=!goGlgc7NAAY3kmNgF5I7ADQBe5WfOM1juAsj6eDuTYtu1AZAO1bP9OcLodFWeb4-z7lcVhb4vlT5xmbnWq_556J3btg6AgAAAGNSAAAAAmgBB5kDNIZU0Ny2_xV8948fYHHUnV5Tf8S1VkTxXQbDFWMotoCGuwnhZmZameUaPxXwJeuI8S-onm0WM52ISHztmSGexX0-vlfitcwCsP6LcKd3zojNu_N0TA0vkXGe3unNaIBiMHpqu7GpvkbuCGh7Nhhku8SZRsM_YJna7S1f7Yacv6E8bFauTmgBOa11UK-7oVMH-0MI83iXWZ-CNVwUTpgDi46ULZox4JhuLbpjY4qKk1GWF2h9WXDTTfhdRzclRitRS4OGELCh6-Jbx6LXPhU6u86xT2DpzCpIJCs73lB1MeLAS8JNMG4cj_lEsdIx9Tv48jFKquOnaIUHFnP_Ul6j-kev5aY3Z2HN7o6RbJ-518F2NqjjD_o9sh6mII9EV1Gc30OUR2bhklsxCSZwB-qoTPV39MPgA3AYn7HT9O0JOci26wBrkwhxTJUtaL0DND5QcdeofdYxJIXsBa65NTO8KvNcu2qLEd1Y5XtynrwDndIyyOm45j_xd4EU3xo7HNU6GcxM1_xd35pa98UFJ6GAAlQqzCUE8NXO8dgG1Gnbt-n5KaPYdDl0BPrjKiq8huaMGLkPLEw7aklLbwYQoJaOjZmC8nRfJ2V8F0EpnuSRFvR7ShPemUaBFTviNlMG7_aDgymO8VBu1N-BQ0dZgOcC1d9n_iLA-PIk3A61mOMX04fG0Kw9cZ0EzeFxWZ6RKh-tOab0McprgQOB5lO-C-V0yxdfiIPETpPQn4-gsXw49FNEKl3a8io7IrGT4W02CzjdERFoCluP9d6-RCdAMyluL8M-kdnZn8sah5nXgibPp8WmpirkdKn8d8DwrVFNohlyd5Z3c1Z_wyJqh_7oxEKkbX1pKBp_V7nKMPwNj6djaow_IjXkDD6yJ2xSa52t1Qie6bY3v3qad7XKSU6cTPnlg7o5K3btXaQfqBNyfN4q_L4jLJ4a6RCk7G9B2M-3VpTXHKCPky6KsIVtMudVxSD8KXua8PJwh1_ZaAurg0uL4xl9HOBB_PWYsLoMdtxEEdrVSsLBsuis7k78_EgSoxHlaeQvC17cMdV6KtFQPywuwLj3IzqiBiY-WUkzCDdDhVmHpFjZCN0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F572 111 KB
39 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame F572 11 KB
4 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnRaaRCwiLRlqpx71TqUE-CVQOdaq9ehsGS-yWNLxhGzQmlX2x90vpxs3vZMltjNrYOdzKvwTG_Ey4iN1gTOQzGGtJkc19mbC_XGfnG36eFRiUakSjUDuN9cWzoqfamXMt5g69YGg-ABpR9GXJh9yOddR04a84H0liBj5sjwJagyEsDsY&cry=1&dbm_d=AKAmf-AH-huiyBcy7o-0pnzF6MfJymHC5QP1TSf8uCYRWzWyE21y4WGj_mvkIW-vlh6Wbj0JfeL9FOKjgGfnjwXSWzcVAa5zm3Q2lhi-r1qhRw3HiHsP9WlVbnB7uxU4AuX-QlkRcRmMkquZI3jNS5C0386qEJa_c3i-9Ak-qsRsAZy93jJimSF8ZjzeVMiP6iiCnl9QpvYSYo12p7r7-o7ChhcX79N4ndNBymokojA7NkU-a5Rs5JCOWVNC_xkV7IbI3d9mzoXazpxwuQ9Ee_OHsVTJxdbmmChtOG30ss_9IBm_ypZr9HgZoLuob1rGwob48EJuLSPHelT75fGkgGWC4ExvOSyaLkt0TRRUCWYbkBy6bXh0ISNFs8kOMU5IvjS-YX08Y6hkZ-x8slD-URZ_u8NTUEmSC-OTAlls9spmiKvWJaECGG2EDsuTxwiM7l7EPHMoPXYG0ThSlTZ6fLGcJtaQ1EgK_Mc24D8WxxYnkBO-nw59ad1RuqSOsOfanakWBoEZ_TLDU0G16-bCzgQh9TKFHf-PYO9HQFK51JAyqV05bMzAwL3-E7KCEHLMiou_2yKRZDZaXo-UaTkzsQCdjVzDxO2DfQRnGGaAWILARML9gB1wvhA3881C6ZcsD53Ms8ZpyC0apekXbg2KHCcPVWS8QAYDLUBDvLLLXrhol1gdxPoDzCgvjDB97eUxHXT8aqxXC_-ypBmD-JhIHuiFojUvKWZOkPUrjEbg0xrGKIb5aO6Nl1n73SpG4_IP4zLVCiEq-GqIgkr8vf3bYLmUJ5TWwJmPKFN-BS4Wv9LCpJs0zcrZAtkNOL_oMAj5omN3kzqWqRUL2Ip5-EXvGuIwGXmNfjC2u_JElHprACU5mX7r99c7gJzVzhQVUHciM0ohJDeBG9-grHcE8ppSv3uJvRzAXRKv8PX6or-wOhaFsJJR_XxyGJszKZne4XhT9XHK6kQMBw1lN1n_jDs7GQ60mYRgDM1uxa2esaupHBhGxAfXu6aLHThg7Bsg2-GlO6ew6MGEs2kGZhv3Nx0dJ5NJiB9zvWcDFCqJy60y1ZzrBYNLCjeu2qTJOrD84c-wJ86qyQ4slA_t-1npVbCKuC0HlxbgkTNjpCHd0MuoGW7m-afRShNVmX8Y7czqDsgkoiKh2iLN9zUubHzOmEWE0mSi1-JwRdQJ_yayztKeOTIEOVvy9i4iTGucz2bX51ps05OcyfeFvGZQghji99TO2sk2CoDWq0p6XCwLaH_qm_YotCpVDzHuJVFPkGVw0Hpu_kQj_yflNxriZtK79qtfAVSxNx0OL5AcypMNc-2HkPhL7CBPKhCU5Fpm7BQQcDh7uRsd0IvaKgzE0goUj1ccj0swa99zsSPo8aJj1M8mAQGuUBID2hrE8q0tpZH8hvGE8AVF00v-xF_SbmLo7hWgGp67_hcuiRyIwVU4b20DlwN6bz62f5E52CBxfJYPGEEPRLhQHg6lL-z5MWwqZME1tXG_tdwoaXg27vvKzXYSrkkQrUO7Ha883T3FF8O72qac0sJBM-VkTCM2MQq55lP2KXfJ9H5oFj8roos59ayahzTedg9hSmwhZiWUvvUmQPevOxwvyc-9c9AdX-3ZOKopbbBXAqV6ed7I_hKJQlEmEdQxkka1wcoABCR1e3LMQbAKiH37mQcFd2kNG-wMZjb_TWlHKzON7XHIfHFLhEeVwxY0Q0q7GXzXliNvuxkxWzTRktTt5-hdDUr-uneccyL7GsMdAxoyfIrX5GJZCnvQhG67HJYoywaRAUr3Vbd44Rz9vk1eTi85wyRyYZWhcxbAwdOGeDE0y49NY9xNkXDsThqB0t8wY-uIJJr6fX5efjR42CmfJLUqJYoEDZDpjezFDSy6CFyws4Om_iaM8_RzSiKwZuZ-F8Kxdjx8YcY-QHsMXj8yKgBUii03jhjH505BTfNYCkfYQSKKZMiM_ltVEsWFmlodeXg9AfpVMu7nR1r55EWHTTpRWEnik94EulSUW5Fy3t1I_8kcqVnzRkFL_04ORFOQpk6-2rodqAmi7QuQ2j1he1z8x7Xv2EF2aI_AvKq8fa5F6qlpcdsEsor6QAj27zM5OmqBpV7P-FcP9Tk93uOPmnUbr1tGCItMl6ok5dXpO9_r3BiOPtwpyiOOfdYeuN7fEwtbaSEM-PdRe-3A6OMSLTykUN6HnuavOxaAbS0oCkiS626QyTfcVFx1oqO7ULvhE905gALXBkyrGZ7Vl17TmvFn--A_qSFtSot3odGxs9htxgJYj8ijjqUjfB8zv2HCHFFuWJC_zMSU37lpvZYbLLyVCmRAQfF9L1u9jf_cr8IJMthjOgqleMWlymIlHw6CUHDFvtHkep84cjOF1fdvm1-Vjlp0pdzoVVofTcUixhHswgSSH8M_bvbIK_3oejN3DAjqaVzsK2sLhOewIXAY56oVMz7obo9RXCLbe05qD-dxYmZuPXeqNwltk6oLOKTPY8J3iPc_VdsyNgoNzMzUyYNSayu3YL0CNm6dX_unA_ue2AeQLPjh7DGoZIR6wgoTrTrjYzYO99i60LztlrzQ68HYcGvzvplbDk76DuDonSXNKu6-_GBST4EehfbcGXLpYcGn_sDWiKLn_DdLqEoGueM2BNzkGfo-LrKF7N-XxNVNf4VK2rQvtuPPdyv7L2arnlsJvWgFUxo-6bLNsrym48Kx_irVcX0zCnGKWMJdkEtYijiDd9dcpvs-99FwoJo1KWKXGDdjpzw6MzfAjsXm0m9jHGnvyK7v8R7Sety-MIQbFn3HvtAt4syiyloq3vH7RJLKPThGn_MCI8qQwO6FJqbOfFWnMjBL1p8FFPEfmxeI-GEQ7034bGUNOwCcdKKlBb_h8bgTgVbjZgOUmIRVAew9Mp1kZ_J1brtdzBk2YW1Jo4cAAM8itgrc-TEOASxmXWC3_Nr14LrTtD1SklAH2k-K66CyOrq9YX93_bDFtw4Nl5FJ0Mivsr46WS23mHUhjJAHnU1hXz2k5Jr5e1Iwasxl3vrBD5tKeuLG00QUdv-Y8-CPrjGgjhq4-vn52z8Zf4cZD-JxZBYSr3--sLnKzFBz-WBjijiBDrvgeLLfb13zI_0_oevdpA1g3MCDv2Ksw4lCV7M9B2EzWdjKiok7GuEpHa5OZfdLPekA9Sc54NhoTaJm58i5ZNc11TlWv53YnUE7V_njqdgwhGyvwOAr0WyTKNAClKqnpMk6Y2xVp7SrQBRzbKM3zmt5uyiPetD_SCeuwZoKDMRKQ5eV5-AWpamfset7UjnWfq0Yu6J7k7flrn1dnS-K7GCc6YNmRhJzX6zf7r31uvUaZEJnw939Z_8T8P9WAp7yeaV12vt771p_fSISOpmi8wU-ognG6t-sgnj2mlroPWmQCc9EYlsSDdB35lpigjpaZT3rHctuzXBz2NgXHU9AqJLVAZ9-WUUzlLrrwYXmNodzFEQUGXakZ6Mh1F0F0eSH2v8k0CMqO1XTHSp0FKD9h2lu2M5YoReTMiljLkwFC9vf6nkhegxWOE8HUPvGARv4PAV4LsaJeB3vYw-swqvQ6l0hJuX3mcOZQjlX-ugl_ficLiafB9CHodcCudOJpGaWe5vF4EirxiAPIjYDVtFGDljqDjBxMqjuD2uj8su3oiD2dELuul28lR4LwEXnmgQxowENJ2qkEg05eWlQPJhlJv3J6jNVGvlRxpBl2by0jm_3rNknKi4VtxmtW9Yy3rE7PHJQcrIVSaP3-ouPQzTiH3tVI9rcmcPYldlFS8EaXTf0-Vh0NA1CrCd9HS41LFgIytU37KKxZGLUa_tRjbIvAtdG4xgYAuM-ZBT_RW4&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=6295572874801820000&adk=1761367584&idt=836&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F572 31 KB
12 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F572 41 KB
14 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H/1.1 200
OK fireworks.jpg
blog.with2.net/parts/2.0/img/back/ 21 KB
21 KB 316ms
315ms Image
image/jpeg 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/back/fireworks.jpg
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8db907d98173c24e0697eee04d69924d42f7b79f40bd8e02c4fc62aa7a77044e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Last-Modified: Mon, 30 Jun 2014 08:26:46 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "9c2330-5478-4fd096b71dd80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 21624

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 904C 67 B
91 B 75ms
75ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702283160&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157542&bpp=2&bdt=2111&idt=517&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90%2C700x420&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=5&fsb=1&dtd=2674

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 04:10:08 GMT
x-content-type-options: nosniff
server: cafe
age: 15352
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 12 Dec 2023 04:10:08 GMT

GET
H/1.1 200
OK icon_br_crown_18x14.png
blog.with2.net/parts/2.0/img/ 313 B
604 B 329ms
328ms Image
image/png 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/icon_br_crown_18x14.png
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://blog.with2.net/parts/2.0/css/parts.2.02.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 08:26:00 GMT
Last-Modified: Thu, 26 Jun 2014 07:50:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "9c2325-139-4fcb872613d80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 313

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 0C29 196 KB
56 KB 249ms
76ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 15:27:25 GMT
age: 233915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 15:27:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0C29 15 KB
5 KB 414ms
241ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 20:29:39 GMT
age: 215781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 20:29:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0C29 95 KB
29 KB 433ms
260ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 01:47:30 GMT
age: 196710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 01:47:30 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0C29 72 KB
16 KB 392ms
219ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 05:24:54 GMT
age: 183666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16661
x-xss-protection: 0
server: sffe
etag: "6d0f8508d14b183a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 05:24:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0C29 5 KB
2 KB 387ms
215ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 20:42:11 GMT
age: 215029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 20:42:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0C29 40 KB
13 KB 418ms
246ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:33:30 GMT
age: 165150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 10:33:30 GMT

GET
DATA 200
OK truncated
/ Frame 0C29 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c81f206e3a0d7831b5f1ea4c5cc0c8b7476fd769a699351671e152b124185da

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0C29 3 KB
3 KB 76ms
75ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 15341
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Tue, 12 Dec 2023 04:10:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0C29 344 B
368 B 79ms
77ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:50:18 GMT
x-content-type-options: nosniff
server: cafe
age: 45342
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Dec 2023 19:50:18 GMT

GET
H3 200 580-400.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 13 KB
13 KB 208ms
206ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/580-400.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7ddc2f218e4e37eebc3c301342c545a8e3486668fc0aca1e5dd6bc43584ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:23:00 GMT
x-content-type-options: nosniff
age: 187380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13159
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 04:23:00 GMT

GET
H3 200 product01.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 18 KB
18 KB 168ms
166ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/product01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5fd3993c8e57b7dd4716bee4aed498d5e31ba98b3308e5b73b655b3dbc565cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:23:00 GMT
x-content-type-options: nosniff
age: 187380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18703
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 04:23:00 GMT

GET
H3 200 product02.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 10 KB
10 KB 196ms
195ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/product02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7502f042913341265cca4ac8cdd8db5f662fa5861e88ba4434fd9706f7e829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:54:30 GMT
x-content-type-options: nosniff
age: 174690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10246
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 07:54:30 GMT

GET
H3 200 product03.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 12 KB
12 KB 109ms
107ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/product03.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179c21e4418c2292d61120c60fc9607eeb21f6cbb8520f6490dad49549a38558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:47:27 GMT
x-content-type-options: nosniff
age: 207513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12640
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 22:47:27 GMT

GET
H3 200 product04.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 11 KB
11 KB 128ms
127ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/product04.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da17b16b5c98483c19abdcca4bcaf44f17b3e226e1a0adfb07cc0a75b3dd44c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 08:17:41 GMT
x-content-type-options: nosniff
age: 86899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11029
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Dec 2024 08:17:41 GMT

GET
H3 200 product05.png
tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/ Frame 0C29 22 KB
22 KB 79ms
78ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1968346838096204293/components/bitmaps/product05.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d6bc6f29296b10215662dd968104839d24e77849c54722239e0bec6ed38dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:07:39 GMT
x-content-type-options: nosniff
age: 242301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22580
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:02:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 13:07:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4526 31 KB
12 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoZ8_Vn3BQ6gM24JtNKBc8MpXIeKKywBhrLEiNqRWzZZsOhbuz4AyxgmVZ0RBJrJc9mD6X1o14Kun1Ga7gu2K_5p91Ut4HdGKo4SD56URPZLzgcO0eocwwZG53n7emyNMSsLh0wdzOQTuaOy1yIFXGpc12eITMItsM7sy-VxfA_QFQbkU&cry=1&dbm_d=AKAmf-Bb6yua0SAJdTTotlQsEZF2why2aNsh57n9BVX7h4v_dA22YZxP6tSpxU3BZ7uSWqDENm6XdS2YFD217GgWL6yxyzVHHSMg37pSxs8LculwOx-3R1duV64lYWfar8nKiKlMnJzcuM42XA5iWn2I8Zhhc7vIuvIpePUdPf0UqPUX93nVTyR1edVQ3J299MbOCN9_BHA7qjMuvGBYgRNjkHc9blNmF3WWEXzQ5rnPpXG5vs2RhbGTwvtnbWBs4NuMZhXjKqEG7xyhW7ZdUFfZBRfmjWh29X6Vr48sO7SnLuVALYpkDuktvjR_-wH27jgaCEu1TarizfC5DTf98lRCH33fISQcph678PrOVyOrKe7LGqFC8mhUTgtntLvjhLEPWfuhmUz9ALSti7zvvm5-kTMnimA1PKsIajCRh-Sa1pBfLeJI9KrpLl6c37DhuRGHk14_IXSbXH2cB3EPMneEnCf3AC0v9XEcd36v4N61SzapdmXqDrLMh43CPA_ch0HN7EW2KdeGtG9rNYytTYSeMoo_OXBO_A9cgJZwNBSkrWpGf8fR9lFQwI_HMyuBaiKwm24B0HmLQvKSbxAcAtD8RbnihkNuMQtGT-rE_Sw8s4i69HFZ2HnF142yeBxw-kRGlrPLGNiYtF_fTqphjrY-BPeGAMKesbO5UEJCouqpOeVMsgZvnQJmaIHmt6I900Z_QjIkJ64mV5gfqP53WreBjmmJRHhCL90nOeUpHP4IWrqBy57HbCdhvYXNpORgU35rGcJouwyy3Alab9lf-4lLacXukWBa1LuMeDOnyd92cUd8IsC5o9dWP4TY3vY9oC81srvJh2oLC_gUjDnbpJwBc9x7vq_iA3TMzoKldOURF3VnlVAnxopgKEmk-_Ac3Na2WSETy_2U6HlpbTMLdAZ72zbeatAK7fVGFxqUlIivt93OZfeFkCbInCO_J0U4Aui-s_cnGMC4I1K43QjfxwTIJDh3G60tWRkQ8Y20_-xEj0nDEXULtAVLuOqFydEa6KPnk4Ut1Qiildum7gROmJ_ilsmgWgJYfz0ZlzAGMnIZ8QoHe0fHcjlNYmFEUSa9tkbS6ACD7OlgL4ucZnQki2JcARhMC6ceOYp4_Sk947eDdt22o4_4VfZ0qZ1uB1V4wJZ962bF66Nc5KZtaRj7TPSZLKaa9Em0ce5vqWBZerYtnMI1QnXNMvrjGBRZaYaZJR7bapmILVmrOa73wqQ3pcarRw-3Bd85Wn5RDvy47GjSE_m34-JEFYTEOd8yri3VhNLBblEVund8l-DTVsae9L-QE797XRBuRd9h_co-uO93frLBDiR9L0f4V6hEVs7XcqDzdOX07wV2vlgtGRP5aMQXCVvPhL5eo1C5rFUJYx8pZDgCvZctGGqjWtxtn9ljaWd7Gfnp7xbLjEFMTwPT3STer07dokeqZWmyL3P2IC-lccK0UNi7n0WyvHE060tKA26OKgvOhMlzaYe4lALYFN8lN28yKSg6ixy7sPZN2zWazprrtbshkbhuSZl6W8vToo35zuXtJ8oxtEOd6a1Tn2QmA3Cown11g3f7kXwYKhUwlGbJFBt7EZfs5_809ksvNDpzPTv_9H9uHEZuSKDD7JXRUlYO7MvjrCK6fvX3siJPyL2R9KTftJ58GbyCqDtTK4H92_fySojMkHZbDkfwPqgcRZQubGCLusZFp4EspYwQpR9sMLTbGJw8dVCx55ekAs7v8uqMpkxPoRRdAt6T12_Ib5_Op-4gHz7QIOuhU4CipqfqxsOqu-woEJM57MikAF8o3xzoG6g12NpSc_LyE9z8bbxX_G6hdH3LGa8KrEL1PmE9o8kPTfPhJEPfdns4fKUxHJy6iR9daGPpSNO5J8BGVl0fB1m1ozLvYvDabDmL8J824CZ1Ry9zM4NC4Unm3DFyXaY0ATbjC-AGVOJZXdSjbVVfgPwpsx5rohyL3O69VhrBnVoTqNbyqL8v4bmnHkrRyJPuhzQNnKF2_PoW3HbkA_phNsVnUlAdJMFXRdc-yL9-5apj0lXaZ-Ia2po6WS8in5g6B8jCKAd_ooKzNvnjJ46wskZYgcCfRJLLjUFHtWWkOc4B231WHdoYDF9ee5likjJGA_IA4_HqOrkfrmA8m5gJNxH0NnRm2rWPoO1KGP2PgmzN36S35rwNC7R8S_zXXYOI6X4sFoybRc6IvWLQDksausixCM_j1tRAjowsDKhWYN6dY6uLtvA_HUtkowX8OGw7U-c2hzmU5EiemiSMeCY5yT27wdoSy1r83jSULVNHEwAgbsqVd9yxHxVF4HgBOc3Wq2_BKXKmQxbpDUs6F96IFitqOb77Vt3ekPgcGVaUe_P1-vkE55OJ2Mu6pY8hVNWbOmT6grKuB5DHiQ1aYzDp9s_wH1ex-nVHNvlDnuwpFWYouWl97kF9OK0yO_EIW_9VRG8-NQM7QIGBlYiIW9sIZZ65NhrZDWk2avrPguiBUKtw9D_Ue1lLul5VBoZLzD2DYU6ZkB4Ph1pqJrPTKK5W5Qk4KHkf_ULKd6NtJXUcaShuESmGJA9gahnIvOdY5mjb95PGvjZUeLHSiLOb8aPpfTxv1dq-2zYT_5WzbeBtQpOfYbj7575RfJDUffgzhtGuxg440_XijBPCgTzoQJ61AG6CeID1NZpsoM8nZq36QIZKqa4I_4y_omDeo84_aKepEVZun9lDB3OtkU6KlNWMptwElDLh4XIAY4gGj3fLqB3jS5uc-RsIWqPEJQnrBJWqKkAUdBqIFk8V06EgYc6TQ8jAkoK5a9akoK1k-moWkX9BTdYc5-7KzNrM_jYlE76yeqkzZCr5zsg2zp5m7h3_BSIG1IWIZhizc3CVCKDT_EGwVj65nLdu8qAATUrgm5ZFV19kHWegXuoWqhJKsVx2GZA43b9HGWj5OUVohHt-u090PUOIQecKA8cQiurb-EUxtKAqz2rscS3QjuFlLGcB7OG6ffLNKkxiDhq643iF9OHEiPpEth2-J1y54Z7Jz8rGIyVkeZxjrLk1bJp2GWLfizRRwobZgLrS-uft6TiHbjLjV-FdR4zi-L2CrglB5gH25GQS8HsJp7aChnbhWYz7Z7VIT-JNt-glWZQ-xFToZWBzTkIqEeG8slqe7MVejtZLV-8Aoumubbq8k1g8n33jDILg7LmvJS59cisiY-BgCPCTF5R3Djxc0-kS5kD7ImoCn77-AApj__KxbJfSUQ-VNxiuiP0WdXwPm6tYyZU5UPso0wN09yeS7i6alf8dE3gK9dYdB-1efDG1-oP1qNMpLq6itJpH5Ai6F2768mWDEBr-JdvycQgFd-Pm9fjqXXZd7oR_1ae5k8IYDozJexk90cg_DYhkDBRyfZ69Z_odaaKyn9CXsyh8SyKWVZL9xIXI_chX1tHInM8rnifnx7KbKuBs9GMOkbvoAc05UDPTCSOLT0gPIBURj_19X57TKhqh3VXSJ0jYrvc0xTop8kW01NoUb2S2-TKBUngG2oDcuR5RdlGs7IXb3xBSDTdEIww6nzbm9UJwNdxOEGQnI-HbMGCoMVfMKrRPab5F2L7U-eNVY0MQdDZ2wHpGBUw9UdsTJfq9BuTqAP_JL9DBuUKDmeXgG3n0omHLUfdNldTAW_OP_R62DU-1xDzp2Q1BFA0CVz8-w_5BFWMg0IxN7orZ-tm6qq2xEKMpwf5_LBm0QmZS2ZVbIsOyBm3KLNJu858oOqd1UkqpqB1TvMSG8dPfKgCVmv1Elr_ogsHagAoVksmgFW9phYu0OWMjfrsVWIWZ1QVI2HpksG-81PYWTODYVqHS40aL7kEhtxDXImhrzCKQ1mlfH-NEzgKC4TSCim1AtdTH3H3hmrZ6Viz0cBuBE_-DS4c9WhJ7LDAuFh_hKtP7jiWTtVZ_I9utOUn9lhOpl50KmUJPYeQzIWcvnoRaq9A-65eAjwGGnpinf5F4hnSi981sOj2TRtGEOmFl8qgCZbo_LdCcgx4ZpI9FEX5RSQ6K0A&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=511873818284549250&adk=1726166463&idt=878&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4526 41 KB
14 KB 206ms
206ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjI4MzE2MDUxMjAzOQogIHNlcnZlcl9pcDogMTQ2NTI0ODg3CiAgcHJvY2Vzc19pZDogMjczNDk1NzIwNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 4526 0
834 B 285ms
113ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjI4MzE2MDUxMjAzOQogIHNlcnZlcl9pcDogMTQ2NTI0ODg3CiAgcHJvY2Vzc19pZDogMjczNDk1NzIwNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTM2OTcwMzkyMDM4MzAxMDQ4MQpkZWJ1Z19rZXk6IDU3NTI5MzkxMTIwNTU3MjIwOTEKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTExIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzI3NjgxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM1OTUwMzU1NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExMTc5OTc0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDMxNjQyMjE1MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ3MTMxNjk1MQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5mciIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ucGwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2b4074a7511c05f50000000000000000","13":"0x48d222957979a5480000000000000000","14":"0x513c2a088fa00abe0000000000000000","15":"0x8193f8ef86fa999a0000000000000000"},"debug_key":"5752939112055722091","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"9369703920383010481"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 4526 43 KB
18 KB 338ms
165ms Script
application/javascript 88.198.56.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.198.56.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-56-59.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 11 Dec 2023 08:26:00 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Mon, 11 Dec 2023 11:26:00 GMT

GET
DATA 200
OK truncated
/ Frame 4526 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d9484468c6e6974a4423acbb73fefc79136a04e4046faa469684f53627cb95d

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame 67F9 8 KB
3 KB 76ms
75ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 128316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:47:24 GMT
expires: Sun, 08 Dec 2024 20:47:24 GMT
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F572 0
0 120ms
119ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS4D0BzIVDnZ41GPRLscD9r5izuAgy3WC-lJ2zaRwA2b0A3kyuZC6rmVcKL2b31wkd1tKXppQMW55GHfeH2YCA7b4o3g5QsYCy1kdEqXDLQhRQJbAUKMXv6vrtsuBzTVr1dcFMxe3GZGu-8ULY6792-FfbUH-KfTRMNZriuf6dfrQh3X_CugBa9GxYOSTprkaJ1SeqBb-js2AnRNA0WU4XzfmSlcrw5Bjol6g50rCj2WvbwuMLWG7QFSDQStfEPRugq7rZpZNGHIt7XF6n_ZzA1nR5LjTF1soguu6JkDjDqOuqD9kaRNj6ulcO2mpapsh7Kg8w4oy4VKRhvhUHIqR9M3o3jPhmqN9YE74ACzaphs1b-cXbWKQSjzQ1aN6Iara4L2DCGXD8fZGX-TrU25iUMy4K-0VOVWFmcLefKhBC9wY-AuIC-hyJriV4qHG03L2xkfTyTx5GJXj-9bTbLIvD9bBUIcQ6Jwr4dSnpcEAazokMMYGTQL1PsMCIeZfWWgRAGk5--taUKf_6Jhm_dUBMkneLVGMHwFrN0TwjWZrtyeug69TQs0XqhC4_HCphGrsOZJSmYE0a1ubXMdBQCcXPKxmMrHF9-H7b_-4T0M-WDTtMmlohoZmX7JGHpQQ73j2Z-r_ywvUXwultJP1muWly06jLrfN2DoLHix4MQGyjuOnoEErcrjUHFs7HkcPl2pOeiGfOQXGG90k9PtBsvUZ3AAb21qB4YxnOGPCamA_Li1fOSUtOBjtlYFiaSqkdFuxQLnKpdW5XxExvBgTgUsMp1qQw1SexMt_DQXMqUUiW7Fkd8bOryMbbZt6st88rZq56BueNW4TFRLWtfTTyobBHjIa9qPBSwY5LmH4XE05XZT1_aZeJVexlkGOLEmuB7ZdS1C_Tg2MuxNvRn0cOAc4mX9ngcWVvp_fSKN3xh7N7RqHHn18wzKgHtLJ7qNkMvmBHy6PVKimpP6wYkYe-_wyazCJxH_P91ri_oKpD8hbk7lDtn8sv37lXOWOZ97HfYJrR1KhKYIsOnZIvw6jl6SYJAmTHT-A0yX1cfCmjCuprk-tKcAuZ-PEAJoaklBZgJT9FccVqVEAZZZ9kKlynvVTwsnHnzjPHV-79ZNxQgfmQdnc-moIOf-JFjrAJMLHaCoCh0adCoQ6_le3vLKkF47b1-X64uHhgHc_TuauUIlLD3Hry9tcQZwliSRYYe0LDC6UProlED-j6MOjNlzfFNtgZWxlgmAmDZtw4Axm5JIIBaJ9L3OOpMWw-RZO_jrOPK0rCCkJ6YacOe-xszRz6bxTsfoCekgCp5-L_VmcICM0-L7Yquy2Z53_ynVxJmg&sai=AMfl-YQpxYjaXJyAhUE6wvh-8GwaEFT1wxQHwF-xiwPWWLuf_Du-sC3HMrogBScntGgBB-GHP8FFaQMFTB_3QScn3zcN-NLsufHDTc6G7_4IOxiN3vVXDEl1RNF4dFXidNsvpEHfdFYqO5f_OiuUDlYrEWNxO9vjl5pDbS782KOT5KyVa9Gzqe8PeY2I8IeXKVzpJAo36PRK-gBHI9fZBM4MG4EvyzSUgSRDtwuNB9tJf7Exv-S76O68fpAQDlzTJJd6s7yVSixQm6B_LoPYUnPIuAsuQmoilRq6pCb1Y6zxmA&sig=Cg0ArKJSzMl3Gu3fvHn1EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=177&cisv=r20231206.65836&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D225 38 KB
13 KB 79ms
78ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 171257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 25 KB
25 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/background.jpg?1700216400989

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:39:11 GMT
x-content-type-options: nosniff
age: 208009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25570
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:39:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FDC 0
0 114ms
113ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdbtRUpn0-sF_prrP2Kq4H3Z9UHl9zUSuSamO4Ldh99HN3ZA34w7QSnr1qfm2eCGH6ubL2Mna-JQu7LRfQ7R7EklibAP8Al8Y7t0_jgEFqoKdx9qxizZuKqLZLLhDczqHvO3qxMut1HEBeFM-6xqRbR-VjCRLzLuqUDSolmelEYRKwerH3n0W5W9l3wNqTprLLk348O1dW6RCuCua7mCBB5tZGq4JEljWU_paiQhWZdtD9_OUWgvclxhD1xxC5dpkypOO5s0N0xMeP3hkeGnYOtkyMZTsePNtFZg4ruLE_GokLsdgr0lKqUw51JC5rL99e4muoApwIVgH8OO7x7bC57Mf-x6C6zDyw5JdblWqzAFP7jgd1pIjq9jJpaW9f3haVLFaRzf_NzH0sh9PU5pT4SRl63JnYfTFfUq0ZICnCVQQ0TGV0EddMkAg78EOSiKTBFRf7Naly9jiAEy52vjsluwubfTs_ea6owq6bGqrVJWut1165_UIZ0kJ0hruCpdX44qef4fkplaWb8mm7ao0ZGdEHpoqQs40K7FSR_qJOQr9j1ZrTiILU2ETjhDsdipIwdhRa7rNSt_2rB27EkmfK_dbqr5y01h4IuTg_KnlYjJH_YMFTk5D1ZAGwS11bf-4o6AKBuu2Qq80JBwaVX6WjR4wrcDsBZLhjaFE2SIJDnR2ngtR6pV7JqzlgCDK57q31qVX9txXN7SeEWBsAqyO0vMvepDMTrLH9v7JTr4CxYo-u4QtdSEbD7tGkiYas2mCM9qOyr-65eFTx60OTb7kL5iaF0yXzLJNMS7cfNjvZnDSf7mX1mlL_z67XcpWjGe0jKZ-_CZasVlBTr1EaOshpyjLLp0rt2YdAjZz7vhnqCTAwT-Aj7ZfQUG0-xxOgn8fvXF-miKlcpP-SY6CnbVjxeIOaN-Lpo4JkPs2muycc_mZNiwCYiY4O_IkWziKoD8sL51Kc-Hf5JXRlZlc9Y0WTANOB14dE9fNhnQQ5MJaUZz7tjvQ07y74dXynuhqdK-xC8cXtg1g0zYCxJRGIepS52c86E6HyXO2IgIoH2mH-bRf2MDXTzK-6GUsbkL7MUFaXfGB70DzG_n6P0xB1mzFWIfUGRl0xyMs9E--dXyUrxeSNb_HKS-sOw-g3BVBuXGkqhSQWJvljifQzQEXFSzNx8xxsJNiTyKDhdTY6JS69G3pMtUNqxIy3dY7t7lriNR9-0UOxqUjr1sUEZbeqAVCHn7QgOMbh4sAr-w72erKMM3Dlybi27gVwkVGfbbNJGC_msQglsWySn7_BbGDesZG0ABjwqtpWfy23sCM2-UF8fZAz1nLj45QVFLWV0w&sai=AMfl-YTYS8uHR1kYIbcgcvbWdQg8uZNTiXQi2k1UItjwOp-yrCQVZmblPkcmVhjOFatjErJEuas4w0jNIF58Jum9uBXMV3lA9_ZP8bfdo23hEpK8a3DVROlPxd83ALp-vw7IEXj5vg69zG79yfCuEGcBjzIDDmE9o1Rmb_tvUs2M-toxsNwRkrUhW--v2mmFPBfSQj58aQk4pxQpLB36wga6Sa_bDEzU6EXgvnIUPyoHXYQ7XWG1dpJGlqE0-whcM-TdrCxY41W9qvypFN38K2MAZaTaRQBqewzahuB9u151YA&sig=Cg0ArKJSzACwFyPCZX6NEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1003&vt=11&dtpt=572&dett=3&cstd=428&cisv=r20231206.61018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FDC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c29b40cca1e33301fd05754413f30fd96c8029f8daf0a55610d265a21fea4cb

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 67F9 236 KB
63 KB 76ms
76ms Script
text/javascript 2a02:26f0:7100::213:c699
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100::213:c699 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:00 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 11 Dec 2023 08:41:00 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame 67F9 75 KB
10 KB 75ms
74ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10141
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:26:23 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D225 39 KB
15 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 57ms
57ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-561MLEJ5LJ&gtm=45je3bt0v881561445&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=998381432.1702283156&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702283155&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=scroll&epn.percent_scrolled=90&_et=6&tfd=8935
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 circle_black.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 373 B
400 B 76ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/circle_black.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:48 GMT
x-content-type-options: nosniff
age: 31272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:48 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B643 38 KB
13 KB 76ms
75ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 171258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 25 KB
25 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/background.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:39:11 GMT
x-content-type-options: nosniff
age: 208010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25570
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:39:11 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F572 0
0 116ms
116ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS4D0BzIVDnZ41GPRLscD9r5izuAgy3WC-lJ2zaRwA2b0A3kyuZC6rmVcKL2b31wkd1tKXppQMW55GHfeH2YCA7b4o3g5QsYCy1kdEqXDLQhRQJbAUKMXv6vrtsuBzTVr1dcFMxe3GZGu-8ULY6792-FfbUH-KfTRMNZriuf6dfrQh3X_CugBa9GxYOSTprkaJ1SeqBb-js2AnRNA0WU4XzfmSlcrw5Bjol6g50rCj2WvbwuMLWG7QFSDQStfEPRugq7rZpZNGHIt7XF6n_ZzA1nR5LjTF1soguu6JkDjDqOuqD9kaRNj6ulcO2mpapsh7Kg8w4oy4VKRhvhUHIqR9M3o3jPhmqN9YE74ACzaphs1b-cXbWKQSjzQ1aN6Iara4L2DCGXD8fZGX-TrU25iUMy4K-0VOVWFmcLefKhBC9wY-AuIC-hyJriV4qHG03L2xkfTyTx5GJXj-9bTbLIvD9bBUIcQ6Jwr4dSnpcEAazokMMYGTQL1PsMCIeZfWWgRAGk5--taUKf_6Jhm_dUBMkneLVGMHwFrN0TwjWZrtyeug69TQs0XqhC4_HCphGrsOZJSmYE0a1ubXMdBQCcXPKxmMrHF9-H7b_-4T0M-WDTtMmlohoZmX7JGHpQQ73j2Z-r_ywvUXwultJP1muWly06jLrfN2DoLHix4MQGyjuOnoEErcrjUHFs7HkcPl2pOeiGfOQXGG90k9PtBsvUZ3AAb21qB4YxnOGPCamA_Li1fOSUtOBjtlYFiaSqkdFuxQLnKpdW5XxExvBgTgUsMp1qQw1SexMt_DQXMqUUiW7Fkd8bOryMbbZt6st88rZq56BueNW4TFRLWtfTTyobBHjIa9qPBSwY5LmH4XE05XZT1_aZeJVexlkGOLEmuB7ZdS1C_Tg2MuxNvRn0cOAc4mX9ngcWVvp_fSKN3xh7N7RqHHn18wzKgHtLJ7qNkMvmBHy6PVKimpP6wYkYe-_wyazCJxH_P91ri_oKpD8hbk7lDtn8sv37lXOWOZ97HfYJrR1KhKYIsOnZIvw6jl6SYJAmTHT-A0yX1cfCmjCuprk-tKcAuZ-PEAJoaklBZgJT9FccVqVEAZZZ9kKlynvVTwsnHnzjPHV-79ZNxQgfmQdnc-moIOf-JFjrAJMLHaCoCh0adCoQ6_le3vLKkF47b1-X64uHhgHc_TuauUIlLD3Hry9tcQZwliSRYYe0LDC6UProlED-j6MOjNlzfFNtgZWxlgmAmDZtw4Axm5JIIBaJ9L3OOpMWw-RZO_jrOPK0rCCkJ6YacOe-xszRz6bxTsfoCekgCp5-L_VmcICM0-L7Yquy2Z53_ynVxJmg&sai=AMfl-YQpxYjaXJyAhUE6wvh-8GwaEFT1wxQHwF-xiwPWWLuf_Du-sC3HMrogBScntGgBB-GHP8FFaQMFTB_3QScn3zcN-NLsufHDTc6G7_4IOxiN3vVXDEl1RNF4dFXidNsvpEHfdFYqO5f_OiuUDlYrEWNxO9vjl5pDbS782KOT5KyVa9Gzqe8PeY2I8IeXKVzpJAo36PRK-gBHI9fZBM4MG4EvyzSUgSRDtwuNB9tJf7Exv-S76O68fpAQDlzTJJd6s7yVSixQm6B_LoPYUnPIuAsuQmoilRq6pCb1Y6zxmA&sig=Cg0ArKJSzMl3Gu3fvHn1EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=190&dett=3&cstd=177&cisv=r20231206.65836&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F572 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6b24c36ad2bb5f58f56d2d7e3cb02f645853b9d83627b640b0be935f029b147

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 5 KB
5 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/cloud_small.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 128567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 circle_black.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 373 B
400 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/circle_black.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:48 GMT
x-content-type-options: nosniff
age: 31273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:48 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame B643 51 KB
19 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:53:58 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 8 KB
8 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/clouds.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:55:29 GMT
x-content-type-options: nosniff
age: 207032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:55:29 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 4526 20 KB
7 KB 219ms
49ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70A) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (ska/F70A)
age: 531
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Mon, 11 Dec 2023 08:36:01 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame D99C 2 KB
1 KB 210ms
48ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71C) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-origin: *
age: 36
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Mon, 11 Dec 2023 08:26:01 GMT
etag: "64e382fe-744+gzip"
expires: Mon, 11 Dec 2023 08:36:01 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (ska/F71C)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D225 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDZn1mMd2ZZaHGq-79u8PpKWZiA0AAAAAOAHgBAI&bg=!UlGlUR7NAAY3kmNgF5I7ADQBe5WfOGLs2klXaj9hafMexs2-MCmQr4jCS2LIky5ogkjl3XJLSSU0ha5p6PmLKHNsxbhNAgAAAGtSAAAAA2gBB5kDSutz4DHWlm4Tvzmi8KbPUDvwf_e8S12lutV1WC1JLRum88H0uFvXOUe7MNHzot9IbgM6OCg3-s2_7ktKBpY2xJg9dV_r4k9ve0PiPW9-OzR3o0XIPp_PPge9zZGE9SwDfpIK58tFe6voknK-FXfgg3Ntrm7wuDnoHcRdHOfaUos7TixangaA6nPw5xgr1dp2D-t20eYVbGKKvyNHQGUHV4ODNvsFXCDTCqVe-1aqNrR4VTj594N5TcXFLRhPwP1jeydQK8TYTKD9ERqordB2kywXgnBE_ZVNmWB3omv1WseXhMOIx_9NFznauiQYtQXvbB_lpIYcVrFdA4N9svrol7okrXMCNnJ7xja0PRa42Gz0457x9iUsP_v6sI39pj7pspYgie_7oLGIbQnt_bK7xbAByTpGewLjJ4WdbhAnerAZU198ZYrgKbU8Qai1nwihUsMwIzwZf4UgDokrv2vL2BAgSEDF6e2BMSVDAbO7NFWjnCyBjsq59Il4JedB7lY2_1mQa0BVPfN2jHclzYA3M2wEO253jjTOem7EPRZDVrBd4FVXrGjb8Wrc1dopWGmKzVD5R2ToK6ceuqcB-vfd66s4tm1OvZkGE3I5Tsr1Hbp7Geka1vfOCypL-QbBHBuU9v5Ro_-fCJbo7Rk9yGEMzbNNdB_wxP4HgDWWHPOvQJwFFh-rhDqH3RiQFOmd01ybkJrO-IQWGTZtkBpSEx5dH26K1HyowEVNEcW27H0iEoVEY31PBbYjL0modEvZTNrMd3PFQVp_NWw9fSJxeBMlgY1-2Dyn1nPQAkyS5rTxkfIeHJV407AVvyGPeTBE80Kto-_ueBdyyOqdgVvlyduOn8Riy84rHgEKfMw191vA2uoShVlDqvVxk2r2u8cn5ml5KaKcxrWVOZlYwq58uWaXtrZ4yuLnEkQnBQguM0ho0SrPbFejcoohWLvsjmQQ4MFi2gK1QGlAJaPrAvhD_ZXPRl6uUSkHPVFF7KG4TNuYnhO4PovRQgmPgvWsHO9xS2klyPaJuDLlnOwxSjg3jbSwwEu_fLyqf9ncGqAzhD6G_aKOZcZ0rKEYavx9r0aj7G8x77GUWYMK43GiZjv0xb5sehru8SVE421-Zdi7

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012310301456000/ 23 KB
8 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 01:09:43 GMT
age: 198978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7813
x-xss-protection: 0
server: sffe
etag: "1d4497e3d264bf30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 01:09:43 GMT

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 5 KB
5 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/cloud_small.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 128567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 3 KB
3 KB 77ms
77ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_2lignes.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 128567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 8 KB
8 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/clouds.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:55:29 GMT
x-content-type-options: nosniff
age: 207032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:55:29 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 2 KB
2 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_bg.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:20:25 GMT
x-content-type-options: nosniff
age: 194736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 02:20:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C29 0
19 B 122ms
122ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmchPmMd2ZZO_E_74xtYPvNyZyAyuhMerc4D8062mC9rZHhABILq5w48BYMMEoAGvofrwA8gBCakCKo2VB4GdeD6oAwHIAwiqBNsBT9BUQg1DkNdUEUcQ32Ay4wHWPUgrLzEZ5svRgRtfOvuXJs2wzRmxWrKgsgL8ICWxidYt92UKHL6MSx2bnJe0nyG-IC5vGXbQcUFtxlmRv6QZgU1m15pWo5WZbNnJRvqJiF3aA5pZNdsulMAeXYyl4MCQ7SuVdxQnRcwO-r2ZULsPdwWl2ktsLMr5puElolrV7D5qi7Ey31U0NFy2tX1V4pNJvkg2L6EoZilvIq9qQGGMNW6ZrSzYDf6nr2MG0la4fnkZ4x-H_hBvInVKt8O5nH0LpcZ8-AtuKzrmwAS5qviZ7AGIBc7UlfwFkgUECAQYAZIFBAgFGASgBi6AB7nehQ-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCAsQfSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLi8zPj6hoMDmgkWaHR0cHM6Ly93aW5kb29ybmV0Lm5vL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLYEwLQFQGAFwGyFxwKGggAEhRwdWItNjIyNzA3MzI2MzMxOTE3OBgA&sigh=364n3C1RXLw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaN43uM4k0D2vqfU8IkeMFMJaCx4dXHK5JBw100w3cjm5GaLVREpsc7xw49wssHB96HTwF-Rr24LxgB&template_id=419&cbvp=2

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702283160&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702283157542&bpp=2&bdt=2111&idt=517&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df56a739d32f5e926%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A&gpic=UID%3D00000d1376cd2018%3AT%3D1702283158%3ART%3D1702283158%3AS%3DALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A&prev_fmts=0x0%2C1600x1200%2C160x600%2C160x600%2C728x90%2C700x420&nras=5&correlator=4729264806909&frm=20&pv=1&ga_vid=998381432.1702283156&ga_sid=1702283158&ga_hid=816293540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079928%2C95320870%2C95320885&oid=2&pvsid=1613787901476305&tmod=1118250832&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=5&fsb=1&dtd=2674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B643 0
20 B 113ms
112ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4KcQmMd2ZaegH9eV7_UPlMWQmAoAAAAAOAHgBAI&bg=!NTalNnnNAAa0LlnulC47ADQBe5WfOInnYiEnNsfFv1toAN_fQqatIiHHMv-HoYlwDCXnSZ1gt-_Ovn4xnElIMt6F0oZkAgAAAG1SAAAAA2gBB5kDTr5ItrF1xlgm5i6VYlGF4Fi7uRD5K9eImN5A9skJWquF6ce-Lmoz6P1WFpqpPvkXWZ5lwCKTjHvkgero61AG7kinKMhxYKthqEfgLB4wQsfh9IM7t-qMFu_bJOkpqSo8H2DkPLEnqM64i8iaoCT_uB6f5uEm9Ec-ozaKBQSHJlSdTDC166BLSHg7JR6kTREvltYhYPfR4X_It0KdlPOwOAg-6anXuwgfPm7F5m8Byy5SkFZHfoYyLU_3jR5UoGWzH-3HizZvEdHzLLVe4cJNNDIVYNOAGAh-VRRCRafYyE3F74FgpknSNuSUXk9orJCiwTk34jMbgVdpN9coOCHB0r6yJoGiqO1qHKHvwCAj9abW0B--o8l5nbr7g-NGK4-sXC_ynlYq0_7Vg_rebeLS8f6iG8hzB0phgj7Xbx_nGHMBAaVAduxirxDftOn79iKCW8m_GnTx0soSwYrAspIAjTyclfTmHkYYcM3yPm2ENnrd5pOM8m6OzpVXlw2RuoJpHN5wCGMWhsGm5_fc_KRuPt8S26SBd2X8sQXD27BqcBDXKXJdkrKOhEycgQKleYk0b3Gb36YNtQgQhOCja2AzASOM32xgGzvuo26TR5yiqMyS8vwviOs37SUnNSn5F9UhXp2U5477XXpKc3uBE_xLXylablZwOgU0BAdHO2c2CmNGx83Bb4pLQy6FojoF6wY_Rid6E_8VIHDIGcIHoqPx40dUOQ1D4CE6jU-6s7Yr7fkKY3b4hBIfWggYJXP9JFbxgJM7Ugl_jBNAGWzdNhtPVzPSOJ4Ov4tr1gzBU9q7VAjUdlr-syeDFvg3PpYpxNKhXge0FUYoGzYWH7xT1-au4AJH12Zm8xl_0dSvdUddrvt8hdtBPOio0sa6THv9RcPRA7lDUi3KfRXMX5du1lkKmezMwycVVZFzLQ9PhjjvuN4lZCEAYCjeo7aaXQuJVbevAtQTKNtIgG_nTqq7vVB_3V5ROh-ns2gXaPw1T2kiG--VyxnYKmVGVj9Wj5cZ5Q7qQQaeFDmhoxCwn-YoDjPAzSseUO7s_OPOf-kMZm7-T8j9IefxY66xa1Eli2VIj6EzgOUsFQIjkZh_J0xO_2dh038oT_MiQfjQfarMF_8fDA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 3 KB
3 KB 76ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_2lignes.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 128567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H2 200 tag239961 Show response
ads.revjet.com/ Frame 4526 245 KB
39 KB 98ms
97ms Script
text/javascript 88.198.56.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag239961?_plc_id=114401764&_key=16e&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOn8elsd2ZdjlCrmOxtYPgPqY4A7x7Yi9dKfW0uO2EfAuEAEgurnDjwFgwwSgAbmskIspyAEJqQJiLYh_9w6yPqgDAcgDmwSqBPwBT9C9DB70nYXSTolBOUxdXs7oJYRcvSDcAH77cNTAZm3rkgh2AOVwbpI2ZBuTUc4VVlS_bQ4amV-mVQCkYEW-LULxbgDbnenQoByrgSrSHVBvnBwk3bacxb43KjgSVLbvVoW32IzsakD9R0QlirHsht7Z1mMgQ2mL5FyOx-VZrhuFul8Z2BZZcHzezV1CCTRuabVJbvEbbvLQrShc3XGxBwyuxgMn2VRVYGq4EyQSV9YUUasnaqQUZkmUfiiUyXeg0usgbn_HPBlkYN5fQZVj8psAwPp6qAcB93BsS5WwTZBCVmUwiY-YPcMV96tra0vrcqYuFzt5w6HKQkW5wATW57rErATgBAOIBYmA0NdLkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPLdyPf6hoMDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAk5PsBOYt-oV2BMNiBQD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ%26sig%3DAOD64_3HDazWPbsf4Hlic8U066P9ApuvBA%26client%3Dca-pub-6227073263319178%26dbm_c%3DAKAmf-DoVKcNQtX8HYGtB495JWcRWZmKqiT6YK7eYuIqocqNs_OcV9YQ_Ci2D31k_IQngvpwnvO8BDiHHrrOWc4Yl-_AFppcdSIESVXLughVWq-G1ft6cVT5451j0Kdk59ltbztsFn3Vkp6NsRC4drmh6iIoVSK1z4gSFpnT5cLpP0RNHu4KxEE%26cry%3D1%26dbm_d%3DAKAmf-Cm99Dr65r-WRSTS4vYuFZ56CPgUoOFZv-K9nlLSM70J978-lmzkcJHjF7hVIs-kTJXB6r0bGq5EsTlBKx7hvioHzkDidnr4SQIL24XXX0lTs-Hq8MmB28QqZvL2bOk3v9IezW-otBIxnNVnrCXqX05wX8cT-SVxMJKrvUAaGTG45Xjl6Buw6mwHDW0g98CLnZXCwa75SAzTYT6WhpbUK-ADzJCyClXVwLJdxk1mg62N2spZrouxm6K_YsLWi7LJrZNFsjh5rnvUUXGozjf84Am9DqIVk6wDmdMcM7hIRKqOI_SSHAnYntwXY-0o7JSqmKvO_Xl70mu_Jsjx9O2Y5RtAOP-SyXR2Qiv5kuYASh9ZrmF5LhENASi_Iy_vfadipCEcdARx168Ic-dVymXI_QWf4IBbAU36cMGYgoi6bGC3GBjOgAS7jcrSaigcRSNsD6ghVRsr2mQsWxdVfmw9uJv-wy3rIk-ILUmh4mh5K26OmIT3HR9wamJtEKZawrlPNpoyXklwrMrIwRpx5LMYcQ994ZTEzslNawwudGfHEetrLgyZPE%26adurl%3D&dv360_cmp_id=20316422153&dv360_li_id=1013245296&dv360_crv_id=471316951&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-6227073263319178%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D3&_js_site_ref=https%3A%2F%2Fgekka-no-kasumi.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=d817dc3550baef423925_1702283161349&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgekka-no-kasumi.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1702283161354
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.198.56.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-56-59.clients.your-server.de
Software: nginx /
Resource Hash: 8c31ca0ce15aa3a6b129756c9330eb982bef6942aa83782048d71c3fb9d51afe

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip52770
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 966 B
993 B 76ms
76ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/footer.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 210561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 2 KB
2 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_bg.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:20:25 GMT
x-content-type-options: nosniff
age: 194736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 02:20:25 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 11 KB
11 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 00:08:05 GMT
x-content-type-options: nosniff
age: 29876
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 00:08:05 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 966 B
993 B 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/footer.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 210561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame DE4F 167 KB
49 KB 336ms
190ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F719) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (ska/F719)
age: 325
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Mon, 11 Dec 2023 08:36:01 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame DE4F 43 B
170 B 263ms
81ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&__adt=8240603831155482152&__ade=1&vid=5075855865865285428
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame DE4F 33 KB
33 KB 49ms
48ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F6FE) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 4684
x-amz-request-id: G4H7B4ENRTR02XES
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: pZ0gLiLFDd2vrxNSYDTeJdzM4AYwifIudWI13fDkIzWFlhbT8DfWPMRCdDXR6YnBZxTcnombzAE=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (ska/F6FE)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame DE4F 56 KB
15 KB 50ms
49ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70F) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (ska/F70F)
age: 544
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Mon, 11 Dec 2023 08:36:01 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame DE4F 3 KB
2 KB 89ms
87ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70E) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 3940
x-amz-request-id: 5MFEA6FQQGYTF1SK
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: TreaSVVlCtxpEyY3jeoHOGSoujiGTxn3/4JTyawl/OFqOMJTta0jS0SM8Ik3pHTPNRTw/P6OWmo=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (ska/F70E)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame DE4F 632 B
616 B 89ms
88ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70A) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 33079
x-amz-request-id: 1M2NKMVPY4VC70CX
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: H+PM+1+vHVNwgIuwPi5stvTuxL6be8SLTQJgI5SOPMvnrjcnUgVtPJvpGrQFbS8Cqyw91lOKj8s=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (ska/F70A)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame DE4F 7 KB
4 KB 90ms
88ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71B) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 38796
x-amz-request-id: JZ1K81HV81BS22FZ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: fhElGdsE4wnerpWXn3R2SEM4Yf+pGYTFYZg4dUyAQZPHlDvAcSWRx3xBEIxF0jmLndHo31Oir3I=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (ska/F71B)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H2

200

B29306803.359271985;dc_pre=CIDFnvn6hoMDFaXkEQgdrLUKlQ;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702283161408
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame DE4F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17022831...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_pre=CIDFnvn6hoMDFaXkEQgdrLUKlQ;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

98ms
98ms

Image
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_pre=CIDFnvn6hoMDFaXkEQgdrLUKlQ;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702283161408

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29306803.359271985;dc_pre=CIDFnvn6hoMDFaXkEQgdrLUKlQ;dc_trk_aid=550194765;dc_trk_cid=186938619;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702283161408
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 4 KB
4 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 128090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3847
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame DE4F 470 KB
470 KB 180ms
49ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F709) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 62758
x-amz-request-id: 40H4AHNS2JFV12SZ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: JBRJExbykgh6e1rr+OGg+vJCotzKJn89+0F751UtbHlXL+WXo6emGDBLviCWnNhh4bh+yPEq370=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (ska/F709)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 11 KB
11 KB 77ms
77ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 00:08:05 GMT
x-content-type-options: nosniff
age: 29876
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 00:08:05 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 14 KB
14 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 128090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13900
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame DE4F 33 KB
33 KB 80ms
49ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70C) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (ska/F70C)
age: 86
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Mon, 11 Dec 2023 08:36:01 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame DE4F 13 KB
13 KB 127ms
98ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71E) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 52464
x-amz-request-id: WDJQN3R4MXPZTM7Z
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: 7+r004Wy9NN25U01XfH4HVTEdxxMUkJHxngjUGtI3gH/Jap/bBZx140/6DW7d1nHKo+bAGiIekQ=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (ska/F71E)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame DE4F 286 B
458 B 49ms
49ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71D) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:01 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 30408
x-amz-request-id: QYD33TV4WKH6M7EE
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: 0cLtJ5cGYkOW/nfX1i7iVw1kR6wu6VliqeeTgHZblaxTkh7+svofA/Z7cl7kEP0sjXLIEKS+gps=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (ska/F71D)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 08:26:01 GMT

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 4 KB
4 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 128090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3847
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 3 KB
3 KB 76ms
76ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 14 KB
14 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 128090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13900
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4526 42 B
174 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZMO1i2vrpeg25N7qYx9keZgLSWrfQHe3jP_Pt5yr7rJ6zztnPvLrJcYFsFANZ5LWhE0s9LZriIAVy_3_U_w7FtXPDO4BdmogV7n7QVMn9yvVxuR3nlZ12p0UY8MitM0ipZ-JwxMXAX377&sai=AMfl-YSV-iICIUJnuKBVLjhVadonVfMjlvgr3vXOUguIdLy_SJTxk_KdDF6qsxv95bLN3vStOSzFTOdvrFAhRFnwLiSlM_jU-r2J05OLuLS8VewfEy--3H7YtW8VwG6zZcXAlm_1vjoHBI5UQ6yxVlOC4x4HpZaOoAY93asz&sig=Cg0ArKJSzJ8nCtMgnQiPEAE&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702283159342&rpt=1440&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 5 KB
5 KB 76ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:27 GMT
x-content-type-options: nosniff
age: 128314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4867
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:27 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FDC 0
20 B 111ms
110ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6891383702718&version=m202309260101&ct=119&x=1&cor=6261006129961970000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 3 KB
3 KB 77ms
77ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FDC 42 B
108 B 110ms
110ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssthyVlMsErBvBpbBQ1409sJk75k7P80Uh28ls1Uu3iC1D_TROxwTCVX1GVnjyZp9HpKobCQydTjizPZ7T1Lb96KZ5FgfU-W_-79O_uZp-jIPMCqpQub9_7JhatQCsZK9-8s2bKRpOOYISV&sai=AMfl-YQvrVgt3MMU8W3rev5qR7EecVbeVdA-X1nfbIcuVVVIQI5JheVyw2sl5rITXEsOpPjCJAYL-A7TPiKqUhebl1BnhBdrsTyhEywzbp1HgoOrNmr8sq9k0NmulUz9ZhYUTEL1sxcNyafgR3yoZXLaeHrJ06SQFL2QwUkp&sig=Cg0ArKJSzHqd4vkhFC91EAE&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702283159310&rpt=591&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 2 KB
2 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 5 KB
5 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:27 GMT
x-content-type-options: nosniff
age: 128314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4867
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:27 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame DE4F 43 B
169 B 81ms
81ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&__adt=8240603831155482152&__ade=1&vid=5075855865865285428&__clstampdif=445&__stamp=1702283161990
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:02 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 13 KB
13 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:03 GMT
x-content-type-options: nosniff
age: 200579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13327
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:43:03 GMT

GET
H2 200 691803702_uc
cdn.revjet.com/s3/csp/1701857397530/ Frame DE4F 42 KB
42 KB 49ms
49ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1701857397530/691803702_uc
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F715) /
Resource Hash: b7999d913ac34171f67cce79c179416ca54ccd6350686a2d374ecc143ebd1a3e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:02 GMT
x-amz-version-id: eOfPlmMT1XAiv15WSTUwxkI7RVYNyZ2E
age: 77195
x-amz-request-id: N2W68E7CS6DKSKX7
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 42815
x-amz-id-2: EcoRJrNBTPHWdCv1FWzkGeinGWPvUR9I9XOPuG3qx2DxQR4SwxsqwniJky5sOt0vTxeUlHxgU6Q=
last-modified: Wed, 06 Dec 2023 10:09:58 GMT
server: ECS (ska/F715)
etag: "69798c7a9ff87d04ce15942871a1ccee"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:26:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F572 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8454497976214&version=m202309260101&ct=119&x=1&cor=6295572874801820000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 2 KB
2 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F572 42 B
64 B 214ms
214ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhpN8sSjRXz5TPXMG61eFQyYKStcHKde3YGQgZ6HDMhRwC0E_D_tgEuJvphezRqv_obWdFPOCVpwPjgt_SngIYQNrnEUlvyHJxg9I6bGj26uKWXqS89GWeF86aNZSA4j7FGQAyAukKlrwd&sai=AMfl-YRKQtjLL0jDz3noOtVrmlQFCtqHIiToSsrl06LxLBqVPcaRJprGh2d5AiFWA4Qm_uUHSNFq2b-5YEPf5qSF1O_JP9mpkA_makSBA07-cUSFuJLpt1iCmco0ZFv7iqDwLMVFAhPVN4wGxVjX2gTDtqBAJkYOcLBm76u9&sig=Cg0ArKJSzMTf6CHqqsvDEAE&cid=CAQSTwDICaaNDbXIFKEKrWMoU3s_ERRlHEuBdcrS_dVpe0uItZq45YnAfPqEFICxY9-B_hWOOeL67tGf9s_ED_Fj7lkkA0alzGfJyGizvyb4fu0YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702283159325&rpt=1319&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 3 KB
3 KB 168ms
168ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:48 GMT
x-content-type-options: nosniff
age: 337754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:48 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 13 KB
13 KB 161ms
161ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:03 GMT
x-content-type-options: nosniff
age: 200579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13327
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:43:03 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 3 KB
3 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:48 GMT
x-content-type-options: nosniff
age: 337754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:48 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 3 KB
3 KB 78ms
78ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:45:49 GMT
x-content-type-options: nosniff
age: 175213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2898
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:45:49 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 3 KB
3 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:45:49 GMT
x-content-type-options: nosniff
age: 175213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2898
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:45:49 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 992 B
1 KB 76ms
76ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:18:55 GMT
x-content-type-options: nosniff
age: 162427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 992
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 11:18:55 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 992 B
1 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:18:55 GMT
x-content-type-options: nosniff
age: 162427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 992
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 11:18:55 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 240 B
275 B 76ms
76ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/light.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:47 GMT
x-content-type-options: nosniff
age: 248415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:47 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 240 B
275 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/light.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:47 GMT
x-content-type-options: nosniff
age: 248415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:47 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 5 KB
5 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_1.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 210562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 5 KB
5 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_1.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 210562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 5 KB
5 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_2.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:56:32 GMT
x-content-type-options: nosniff
age: 196170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 01:56:32 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 5 KB
5 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_2.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:56:32 GMT
x-content-type-options: nosniff
age: 196170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 01:56:32 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 758 B
793 B 79ms
79ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/pegi.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:04:26 GMT
x-content-type-options: nosniff
age: 206496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:04:26 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 758 B
793 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/pegi.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:04:26 GMT
x-content-type-options: nosniff
age: 206496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:04:26 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 3 KB
3 KB 77ms
77ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/playstation_charte.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2665
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 3 KB
3 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/playstation_charte.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:44:49 GMT
x-content-type-options: nosniff
age: 31273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2665
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:44:49 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame C4F2 6 KB
6 KB 81ms
80ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/sun.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:49 GMT
x-content-type-options: nosniff
age: 337753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:49 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame 67F9 6 KB
6 KB 76ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/sun.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:49 GMT
x-content-type-options: nosniff
age: 337753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:49 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame DE4F 43 B
169 B 81ms
80ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&vid=5075855865865285428&__adt=8240603831155482152&__ade=1&latent=0&vis_type=8&__stamp=1702283162999
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:03 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4526 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9780597968167&version=m202309260101&ct=77&x=1&cor=511873818284549250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NIN1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 95 KB
0 321ms
320ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:03 GMT
last-modified: Thu, 13 Oct 2022 08:29:35 GMT
server: nginx
etag: "44f11-5eae64f2d7cba"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 282385
expires: Mon, 18 Dec 2023 08:26:03 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 320ms
319ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:03 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Mon, 18 Dec 2023 08:26:03 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 60ms
59ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FPC3XEC025&gtm=45je3bt0v9114174993z89114528700&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=998381432.1702283156&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&ngs=1&sid=1702283157&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&_s=2&tfd=12591
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 59ms
59ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8PC0V2T516&gtm=45je3bt0v9114528700&_p=1702283155453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=998381432.1702283156&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1702283157&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&_s=2&tfd=12593
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DRG1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 261 KB
261 KB 312ms
311ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:06 GMT
last-modified: Thu, 13 Oct 2022 08:29:56 GMT
server: nginx
etag: "413f3-5eae6506ade45"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 267251
expires: Mon, 18 Dec 2023 08:26:06 GMT

GET
H2 200 d2d926fb819b45dfa93478b2525ee746.jpg
img01.ztat.net/article/spp-media-p1/21f7ebf416144ce781f1d07083d0ef25/ Frame DE4F 18 KB
18 KB 238ms
76ms Image
image/webp 2600:9000:2251:9000:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/21f7ebf416144ce781f1d07083d0ef25/d2d926fb819b45dfa93478b2525ee746.jpg?imwidth=350
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec16c12206913d7d2fc5ba2380b9d9ef82e379aaa1b1ece092a613a98edfe95d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:11 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
age: 1157097
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18104
x-amz-expiration: expiry-date="Sun, 10 Dec 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 31 Aug 2023 22:00:04 GMT
server: AmazonS3
etag: "f555a2755960a678ef279f610dff81a5"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JEi27FksunhVG53kxeqycZlRC36i6IY7nmN9BlohCuuzbBoDD4r1aA==

GET
H2 200 48bb343072a3475f915aa2fa2041be41.jpg
img01.ztat.net/article/spp-media-p1/d66bde96bc584eb58b8248cf787e5ce1/ Frame DE4F 3 KB
4 KB 244ms
82ms Image
image/webp 2600:9000:2251:9000:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/d66bde96bc584eb58b8248cf787e5ce1/48bb343072a3475f915aa2fa2041be41.jpg?imwidth=350
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de01b02c32cd94cfaee6d0260f191e1baf22a064ee1b6b0c60fe969ed14d3dc2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:54:01 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
age: 891127
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3570
x-amz-expiration: expiry-date="Sun, 11 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 02 Nov 2023 00:38:32 GMT
server: AmazonS3
etag: "e905a39cf0b066644e0b904618e53e5a"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -rWJR9g4HySAD6zdko6SCOFZwMzJkDlorj6-9modyxS-ZnHqYxzSrQ==

GET
H2 200 6f1b699a209b409ba31fa1c47153f865.jpg
img01.ztat.net/article/spp-media-p1/eb179bdf356e4d48801eef1be36c9f56/ Frame DE4F 5 KB
6 KB 288ms
126ms Image
image/webp 2600:9000:2251:9000:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/eb179bdf356e4d48801eef1be36c9f56/6f1b699a209b409ba31fa1c47153f865.jpg?imwidth=350
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 0a83e3b5a0a3be4db1cb6f9a49549147520663af739c10d426fe31e5328a6095

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:10 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
server: Skipper
age: 1157097
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MDXGmPsf4fOxq9nK1-cbRRZc963p8SYZoRkJvR1TCBLBbBdEnOKaOA==

GET
H2 200 53e583cb95d44fae9597147c0b3a0529.jpg
img01.ztat.net/article/spp-media-p1/1493dbb49cf7435d9e2259f0233f396f/ Frame DE4F 6 KB
6 KB 248ms
87ms Image
image/webp 2600:9000:2251:9000:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/1493dbb49cf7435d9e2259f0233f396f/53e583cb95d44fae9597147c0b3a0529.jpg?imwidth=350
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9000:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 0bfc2b0a78e4cbf4022f7fc07771e90bf21a24c88f7b10701dd7da8fc2801d31

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:13 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
server: Skipper
age: 1157094
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yP5izQG67_wsYA1ZxUTDJtLo5TA8i5EpAMcj4ENCkzPo5rDqqRjg3g==

GET
H2 200 SAM1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 244 KB
244 KB 311ms
311ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 695e0b318a3127cd115b3fcc46944461c1545157479c1d01feb0d0c58f904149

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:09 GMT
last-modified: Thu, 13 Oct 2022 08:30:05 GMT
server: nginx
etag: "3cf57-5eae650fff9ef"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 249687
expires: Mon, 18 Dec 2023 08:26:09 GMT

GET
H2 200 901
pix.revjet.com/interaction/ Frame DE4F 43 B
169 B 81ms
80ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/901?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&vid=5075855865865285428&__adt=8240603831155482152&__ade=1&latent=0&vis_type=8&__stamp=1702283170531
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:10 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 dc_oe=ChMIvPKj-PqGgwMVF4WDBx2b2griEAAYACCqzM5iQhMI1ojN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cC6j_nR7blIOewF3cv1tjSaiRdEK56BAi1gsS1ja70HRc2c6NsEyHJrhGWofTmZDXUEOJmyy0U;met=1;&timestamp=1702283170836;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 3FDC 42 B
401 B 283ms
112ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvPKj-PqGgwMVF4WDBx2b2griEAAYACCqzM5iQhMI1ojN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cC6j_nR7blIOewF3cv1tjSaiRdEK56BAi1gsS1ja70HRc2c6NsEyHJrhGWofTmZDXUEOJmyy0U;met=1;&timestamp=1702283170836;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlrPW-PqGgwMVr539Bx2kUgbREAAYACCqzM5iQhMI14jN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cDoLzY9ap1DvtlzvEGAc3sqOFWjxzC4CswCBaXZ4O1R8GfZSibGDed6F6MJUy-UIGTK554D5GA;met=1;&timestamp=1702283170994;eid1...
ade.googlesyndication.com/ddm/activity/ Frame F572 42 B
107 B 124ms
112ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlrPW-PqGgwMVr539Bx2kUgbREAAYACCqzM5iQhMI14jN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cDoLzY9ap1DvtlzvEGAc3sqOFWjxzC4CswCBaXZ4O1R8GfZSibGDed6F6MJUy-UIGTK554D5GA;met=1;&timestamp=1702283170994;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SAM1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 223 KB
0 313ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:12 GMT
last-modified: Thu, 13 Oct 2022 08:30:05 GMT
server: nginx
etag: "3cf57-5eae650fff9ef"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 249687
expires: Mon, 18 Dec 2023 08:26:12 GMT

GET
H2 200 RPR1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 250 KB
251 KB 312ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3178bb1690f47a0d14c672e294c63adde0592e2afc80d46c8fcd72206ee09d5d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:12 GMT
last-modified: Thu, 13 Oct 2022 08:30:13 GMT
server: nginx
etag: "3e9d7-5eae65175e543"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 256471
expires: Mon, 18 Dec 2023 08:26:12 GMT

GET
H2 200 DRK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 245 KB
245 KB 311ms
311ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e98b27d59723cdf19cb87b69322d9b4aa0c9a4eb3402cf8944ea94a3e082de3e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:15 GMT
last-modified: Thu, 13 Oct 2022 08:30:21 GMT
server: nginx
etag: "3d291-5eae651e9adb9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 250513
expires: Mon, 18 Dec 2023 08:26:15 GMT

GET
H2 200 902
pix.revjet.com/interaction/ Frame DE4F 43 B
169 B 81ms
81ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/902?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&vid=5075855865865285428&__adt=8240603831155482152&__ade=1&latent=0&vis_type=8&__stamp=1702283178054
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:18 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 DRK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 111 KB
0 313ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:18 GMT
last-modified: Thu, 13 Oct 2022 08:30:21 GMT
server: nginx
etag: "3d291-5eae651e9adb9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 250513
expires: Mon, 18 Dec 2023 08:26:18 GMT

GET
H2 200 GNB1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 213 KB
213 KB 312ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:18 GMT
last-modified: Thu, 13 Oct 2022 08:30:29 GMT
server: nginx
etag: "352cc-5eae6526c4b09"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 217804
expires: Mon, 18 Dec 2023 08:26:18 GMT

GET
H2 200 GNB1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 213 KB
213 KB 312ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:19 GMT
last-modified: Thu, 13 Oct 2022 08:30:29 GMT
server: nginx
etag: "352cc-5eae6526c4b09"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 217804
expires: Mon, 18 Dec 2023 08:26:19 GMT

GET
H2 200 dc_oe=ChMIvPKj-PqGgwMVF4WDBx2b2griEAAYACCqzM5iQhMI1ojN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cC6j_nR7blIOewF3cv1tjSaiRdEK56BAi1gsS1ja70HRc2c6NsEyHJrhGWofTmZDXUEOJmyy0U;met=1;&timestamp=1702283180848;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 3FDC 42 B
107 B 128ms
112ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlrPW-PqGgwMVr539Bx2kUgbREAAYACCqzM5iQhMI14jN9_qGgwMVOYfRBB0APQbs;dc_eps=AHas8cDoLzY9ap1DvtlzvEGAc3sqOFWjxzC4CswCBaXZ4O1R8GfZSibGDed6F6MJUy-UIGTK554D5GA;met=1;&timestamp=1702283181002;eid1...
ade.googlesyndication.com/ddm/activity/ Frame F572 42 B
107 B 114ms
113ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 08:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NIN1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 276 KB
276 KB 312ms
312ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:21 GMT
last-modified: Thu, 13 Oct 2022 08:29:35 GMT
server: nginx
etag: "44f11-5eae64f2d7cba"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 282385
expires: Mon, 18 Dec 2023 08:26:21 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 623ms
623ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:24 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Mon, 18 Dec 2023 08:26:24 GMT

GET
H2 200 903
pix.revjet.com/interaction/ Frame DE4F 43 B
169 B 80ms
80ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/903?__ads=dfcd7c993ce6f00793d8ab83f25bbb5f&vid=5075855865865285428&__adt=8240603831155482152&__ade=1&latent=0&vis_type=8&__stamp=1702283185580
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 08:26:25 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 311ms
311ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:26:25 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Mon, 18 Dec 2023 08:26:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B071WK62JG

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=4757579004

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B08W3SL6T7

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B09SG3RW69

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gekka-no-kasumi.com/	1970-01-21 02:27:23	Name: _ga_561MLEJ5LJ Value: GS1.1.1702283155.1.0.1702283155.0.0.0
.gekka-no-kasumi.com/	1970-01-21 02:27:23	Name: _ga Value: GA1.2.998381432.1702283156
.gekka-no-kasumi.com/	1970-01-20 16:52:49	Name: _gid Value: GA1.2.760512584.1702283159
.gekka-no-kasumi.com/	1970-01-20 16:51:23	Name: _gat_gtag_UA_214735621_1 Value: 1
.gekka-no-kasumi.com/	1970-01-20 16:51:23	Name: _gat_gtag_UA_214735621_2 Value: 1
.doubleclick.net/	1970-01-21 02:27:23	Name: IDE Value: AHWqTUmMg9376pnayfBG4AL7v0q7yoRRMgpmII-5ZynmbdVoFz8ExcgQNPmHIjFH
.gekka-no-kasumi.com/	1970-01-21 02:12:59	Name: __gads Value: ID=f56a739d32f5e926:T=1702283158:RT=1702283158:S=ALNI_MZBjf0jmCeKHQrzEBKknH_DdREu-A
.gekka-no-kasumi.com/	1970-01-21 02:12:59	Name: __gpi Value: UID=00000d1376cd2018:T=1702283158:RT=1702283158:S=ALNI_MYWuugW8jYw_MAJrB1-l-eXOKqI6A
.casalemedia.com/	1970-01-20 19:00:59	Name: CMPS Value: 4492
.adnxs.com/	1970-01-20 19:00:59	Name: uuid2 Value: 1530617982101949469
.casalemedia.com/	1970-01-21 01:36:59	Name: CMID Value: ZXbHlwK09kWiuI8SsisK1AAA
.casalemedia.com/	1970-01-20 19:00:59	Name: CMPRO Value: 4492
.doubleclick.net/	1970-01-20 16:51:26	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:10:35	Name: APC Value: AfxxVi753AQQTpWEPl_pqwiRlO2R12hdntKmDEOX-u4_7jXzjjDKkg
.adnxs.com/	1970-01-20 19:00:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU(mV?e7!]tbPl1M>e)ZlrFUfJ+tGXxoiY2B)@G52$c>6OR:WpK_!LxkIlc?3GClX3!UbpRzqF1`b_vY:8*'
.gekka-no-kasumi.com/	1970-01-21 02:27:23	Name: _ga_FPC3XEC025 Value: GS1.1.1702283157.1.0.1702283160.0.0.0
.gekka-no-kasumi.com/	1970-01-21 02:27:23	Name: _ga_8PC0V2T516 Value: GS1.1.1702283157.1.0.1702283160.0.0.0
.doubleclick.net/	1970-01-20 17:34:35	Name: ar_debug Value: 1
.revjet.com/	1970-01-21 02:27:23	Name: trx Value: 5075855865865285428
.revjet.com/	1970-01-20 16:52:49	Name: ads Value: dfcd7c993ce6f00793d8ab83f25bbb5f

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 833) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 833) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1465) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1465) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1748) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1748) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
ads.revjet.com
ajax.googleapis.com
blog.with2.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.revjet.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gekka-no-kasumi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.finalfantasyxiv.com
img01.ztat.net
ir-jp.amazon-adsystem.com
lds-img.finalfantasyxiv.com
m.media-amazon.com
pagead2.googlesyndication.com
pix.revjet.com
region1.google-analytics.com
s0.2mdn.net
t1.gstatic.com
tpc.googlesyndication.com
webfonts.xserver.jp
ws-fe.amazon-adsystem.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www17.a8.net
www22.a8.net
ir-jp.amazon-adsystem.com
142.250.185.230
142.250.186.130
142.250.186.162
142.250.186.66
153.120.49.75
162.55.246.95
172.64.151.101
18.179.103.207
183.181.96.20
185.89.211.12
192.229.233.6
2001:4860:4802:32::36
202.226.37.225
23.197.53.137
2600:9000:2251:9000:15:157b:ff80:93a1
2600:9000:2644:6a00:1d:d7f6:39d3:7a61
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:26f0:7100::213:c699
3.112.186.112
52.119.170.28
52.222.236.32
88.198.56.59
01dceac7a8797dcddad1b2a00bf41e977e8418b003022416e10d0de696775718
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf
03c8a2ac1af4021e48cd150019936388ef7179090ca15635b6e68a001013af69
043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e
05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508
07463065874649f8f8795c60019f59f5f4912c4ebbadda4902be5e6d8fcb074f
07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f
0a83e3b5a0a3be4db1cb6f9a49549147520663af739c10d426fe31e5328a6095
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599
0bfc2b0a78e4cbf4022f7fc07771e90bf21a24c88f7b10701dd7da8fc2801d31
0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16ae355a44618e8930477d56bffb4b03b27811ac47cf025a03b88392772b8fd5
16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b
16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
179c21e4418c2292d61120c60fc9607eeb21f6cbb8520f6490dad49549a38558
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1b2b9e59887c17ed0a61af10a7d94cd8d7856e7d3780a0f71a7f09ef31a86d76
1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407
1baae8e47e441abac03b5be86bc0c92464fd273e6025d80ddc6b1827bd36af92
1d9484468c6e6974a4423acbb73fefc79136a04e4046faa469684f53627cb95d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20f10af39ce515ef6555b1214483b829e36e457908bd93a55b1d4837ac852a40
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
27d7cbd0f47b3c947ec845d47d830d0393d5c0a9fae65eab6b490c79ff2214b9
28dc798fb20d3bd599649c4084ca44cbdb7e800b44edf998741dac19d581ed0c
297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
311e790d350b129a27769bca397272494920a34ebba64382958cda1aadab257d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3178bb1690f47a0d14c672e294c63adde0592e2afc80d46c8fcd72206ee09d5d
31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6
324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a
3366c9a13a670b1f53202a99d7fa0de311822a2d58bb05a06fcf273e5a99b2fc
36664f6529c5d8217af1fb3b55daaf23489bab6e97e7960e4a52495f41272036
372fa4b0f21bf643d55f67f3fa831cc7ab480b91cd11fcc850ebb44cc490b93e
3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa
3751104d350d8d0f8e470dee328af04f3756fc00f456da97df1be9ebc05fac6e
3854779897861fc0c29a85ce47b8ab3456fa239f0d8484d77e8737ea3abaf738
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299
3b5bf0e91402c7b402022dfc4ebfbdfb1e10c9309fe00d7f48fc53c3c9a72dd3
3d4c84c1644ec2fcf6e59cf9b576e2be1aeddd8011de89fd0427a0ef2315a694
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9
466103b8b957748c29e0fbc581934232ebe7924c43d9f2cdf910a589bbdc2b98
46f798ac7abb254fb56e88ab90898e4185ab2323069194b7534f2d0420b55aa8
48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f5be18bfb9a65abec19d2ab187a3d5008b55d193811fa5557a19ba2247d0b33
50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56a76001e47f0b1f5e421956fef054f349943e793501faad19dc63429395e425
59362cf09716160d25faff096399c2385418da4ee976d560f6f762ceb8400527
59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25
5a7502f042913341265cca4ac8cdd8db5f662fa5861e88ba4434fd9706f7e829
5b11d6f1f8b54b77f8e9ced2064957f51fae5a21eb2f10a6820fe3f5ed592207
5bbf0b6502199ad3bfdac4d910b304ad0fd6a07d38f13d386b433829c2b651b3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
5cbbd4c70dd9505c880c33a1d33ec9996531d00cdd6a80786446d44d1c34b2fa
5d76ce57e286c2eee0fdaf6fd10764d93d24f25c1cd2f65b026985cab4fff419
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61fd9f7b7f48caa12170ed562a9d00b948b26a6381550005ba6b3f75e26616f4
62d488ea36e8a9825f058050d92c778e9734e929f4c68289f884c4f980d93b2e
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
68786a0d96efc556026d729da8463f547ec0da396866b2ad0260d503fb17b5e1
695e0b318a3127cd115b3fcc46944461c1545157479c1d01feb0d0c58f904149
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6c81f206e3a0d7831b5f1ea4c5cc0c8b7476fd769a699351671e152b124185da
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
702706bb34de6eeddcb094ef47f54f7e27a4c1990e205aa66c533a8482ed9d85
703d4778942bfb69bd9b6beb4747ee0cdc6043b6a8471927a54f161dcac617b0
70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213
742defd20336d8ac878b62e675d77e1d1f723bc5b71c9278cc5b98de626e1f65
747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379
78b89aa4b48f508c7833c2b177c7f16d803f9cbac869771b2434968a5b4454b6
7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e
807b626980aa2f6b984a501a2cb507da8973736f4cf71fd356c28087dc55aa29
80f72478bff029d379adc18094e8c2e05a903f9df33cc3cf4b6b20c8a2011cc0
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8b24b1622031884caaf4e9227131692284bde23a3115a84f4514cc4825e140fb
8bebf0d4ddf01b1b36bc61508a9f49506b4470bd9b43155c925cff5bf5aa25a9
8c0e6eea02c666e20a2fc8e998811245caeda78d18b0bf099c924ad78b49a95b
8c29b40cca1e33301fd05754413f30fd96c8029f8daf0a55610d265a21fea4cb
8c31ca0ce15aa3a6b129756c9330eb982bef6942aa83782048d71c3fb9d51afe
8c3b3708dd61923b22cf7fc2af1f7afc2818dc672a72cfe38c032c65929db1bc
8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62
8db907d98173c24e0697eee04d69924d42f7b79f40bd8e02c4fc62aa7a77044e
8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35
91100a4d2d92b28d20444ebab9a767387c57075c316743529c83797ef7fdb347
92fd75cafeb344b67aa50564ac167641838692342e6fe10a74da38a0f86368e3
96804ca351bd316085be362f11ec8d96b4eb5bc671f09fc7c9bc2f5eb6a498b7
97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6
99a82385c107ac5efac03331fbe9a779a18d14730c2b769027b6669ffd91faa3
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9f0f8495b6aa810aa13618bb9c1f22d7212e887024ab5381671be8f0619f6832
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0fadfcb29de9d60aa0ef729fca932b7c31910e4a096864010157b123ec9f4d7
a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf
a2d6bc6f29296b10215662dd968104839d24e77849c54722239e0bec6ed38dc7
a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54
a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705
a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50
a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db
a945b38123553f00373e1b55e984c4aa642a6416aabe61e9b1810fa0684ed4ff
a9db2e1b815a1de1440efcca7a74f60252c315da44774ebf78d29440e05a6c25
aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab0887e190c2e6ec2b90c51551b9cff2ad73c1fab309282e0d182c422a8b6299
aba782fbb0896b261de53bfb136ac4147433ba6bc67d4f3893fb0cc809e8ea1c
abd30ce315ff361f1b9ec565aabe8b8057c3ee5b1e7df5378c8eddce38f4f430
ac3ffb71b2f89868c908d62364b8512502aa9b8ff6f12eb192f510ad9b349330
ad163f38e07adcf5b324e9ff12bf50beb763539dfaba69278f141bb14144b39a
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b182ce9818749272518c3638442485626394afd6ac6cc38ff7a2f882c3253373
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b2610e713fc3ad4e7719f8e4793ab3987cb70d63a7c9ef82c06106508e40541c
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5da7316f6aba1d9e5d7a912dd6d381311efb8959a35e108416d570c8745fbab
b5fd3993c8e57b7dd4716bee4aed498d5e31ba98b3308e5b73b655b3dbc565cb
b7999d913ac34171f67cce79c179416ca54ccd6350686a2d374ecc143ebd1a3e
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bb902f8c758e42501777d1f999bf1f6954bfc6b1729c5f748a85ceb0a1e5418c
bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c21dc968819eab15345ca6f57d18f258e4d54479aeb570d07b03daaf731c311c
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c2ca44748573300c502d74ce68e4ab57ff952e496d0327a1a48040cade4784ba
c364cef4508d2a28e0bd8117ee3f512101e91bd7f8c784514fc277bb4615e13e
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c62a9a47e6174cd7fdbb5bc576a266ec1f418843e110147d13b96b6f017e7c43
c7e4b214068cce010314ad81890bf22e525883bead39ddb8ca247a84794c3ac1
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9fefa23da3533747fdfe64cd273aba048ebb8a96fcf5d7ffc983699097c2c0c
caed392a399c3ab794fc055c3ea59f1a99230f67bf05fdae5f422344c36f771e
cc4a3abaab97dbcd71253b20c906c1d63a3299a41f1ea3363e909ed143b2af42
cdbcb41557b2860c3e955d41f5a14ec5f5e7fcff150d5a5a3583a0283400dbe1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d67544a4f3713345c405ff2b28da7541602a9b3151c9efb91b8f44a8a87eedf4
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
da17b16b5c98483c19abdcca4bcaf44f17b3e226e1a0adfb07cc0a75b3dd44c7
dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
de01b02c32cd94cfaee6d0260f191e1baf22a064ee1b6b0c60fe969ed14d3dc2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3acb5a1db5b67a0b64f5d9195c01aded36d361d18c1538e6af89be04e4b1035
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded
e62e5bf438c2b9f255d18237d92937dbf926cacb2db42fbc31257c1d99cc85d0
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e98b27d59723cdf19cb87b69322d9b4aa0c9a4eb3402cf8944ea94a3e082de3e
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ec16c12206913d7d2fc5ba2380b9d9ef82e379aaa1b1ece092a613a98edfe95d
ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636
ef189bf0e502073d3becc0c5f09692d014539f680f7326859d1a719f2a9b1b59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f72445932b16d39475b09b03d9baec8cebb7ad60ac74f3bbed56e3cdc7e46
f563642e7589abf892c5e8d0919e5dbd1d837509ed160f364d4cc7d18998dffe
f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce
f6b24c36ad2bb5f58f56d2d7e3cb02f645853b9d83627b640b0be935f029b147
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
fb7ddc2f218e4e37eebc3c301342c545a8e3486668fc0aca1e5dd6bc43584ae5

gekka-no-kasumi.com Open in urlscan Pro 183.181.96.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

354 Requests

94 %HTTPS

54 %IPv6

24 Domains

38 Subdomains

35 IPs

3 Countries

21548 kBTransfer

31904 kBSize

20 Cookies

17 Outgoing links

Page URL History

Redirected requests

354 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gekka-no-kasumi.com Open in urlscan Pro
183.181.96.20 Public Scan

Screenshot
Live screenshot

Full Image

354
Requests

94 %
HTTPS

54 %
IPv6

24
Domains

38
Subdomains

35
IPs

3
Countries

21548 kB
Transfer

31904 kB
Size

20
Cookies

354 HTTP transactions
4 data transactions