mabui.org Open in urlscan Pro
183.181.98.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mabui.org/
Effective URL:
https://mabui.org/
Submission: On August 13 via manual (August 13th 2021, 8:08:34 am UTC) from JP

Summary HTTP 138 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 20 domains to perform 138 HTTP transactions. The main IP is 183.181.98.30, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is mabui.org.
TLS certificate: Issued by R3 on June 26th 2021. Valid for: 3 months.

This is the only time mabui.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	183.181.98.30 183.181.98.30	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.50 13.225.78.50	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b8::2b97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	65.9.73.111 65.9.73.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	91.228.74.226 91.228.74.226	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.79.213 52.59.79.213	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
138	26

50 183.181.98.30 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv6029.xserver.jp

mabui.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-50.fra2.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b8::2b97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bitflyer.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.111 (United States)

ASN16509 (AMAZON-02, US)

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.79.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-79-213.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	mabui.org 1 redirects mabui.org	741 KB
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	431 KB
20	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	124 KB
9	google.com 3 redirects adservice.google.com www.google.com	1 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	124 KB
4	googletagservices.com www.googletagservices.com	140 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	gstatic.com fonts.gstatic.com	66 KB
2	2mdn.net s0.2mdn.net	126 KB
2	google.de adservice.google.de	975 B
2	youtube.com www.youtube.com	43 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	339 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	459 B
1	agkn.com 1 redirects d.agkn.com	763 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	655 B
1	hatena.ne.jp b.hatena.ne.jp	366 B
1	bitflyer.jp bitflyer.jp	4 KB
1	st-hatena.com b.st-hatena.com	11 KB
138	20

	Domain	Requested by
50	mabui.org	1 redirects mabui.org
24	tpc.googlesyndication.com	googleads.g.doubleclick.net mabui.org tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mabui.org
11	pagead2.googlesyndication.com	mabui.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	mabui.org tpc.googlesyndication.com googleads.g.doubleclick.net
3	ajax.googleapis.com	mabui.org tpc.googlesyndication.com
3	www.google-analytics.com	mabui.org www.google-analytics.com
2	image6.pubmatic.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.youtube.com	mabui.org www.youtube.com
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	b.hatena.ne.jp	mabui.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	bitflyer.jp	mabui.org
1	b.st-hatena.com	mabui.org
138	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
b.hatena.ne.jp
line.me
bitflyer.jp
www.binance.com
manualstinger.com

Subject Issuer	Validity	Valid
www.mabui.org R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.b.st-hatena.com Amazon	`2020-10-25` - `2021-11-24`	a year	crt.sh
bitflyer.jp DigiCert SHA2 Extended Validation Server CA	`2021-06-29` - `2022-07-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.b.hatena.ne.jp Amazon	`2020-10-20` - `2021-11-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://mabui.org/
Frame ID: 2340AADFB8649BA29C1F6EF58E1DF64C
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 757879ABD4682DB0EF2C849B7BF72A77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&adk=1812271804&adf=3025194257&lmt=1628842093&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmabui.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093273&bpp=4&bdt=2357&idt=57&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1044594837019&frm=20&pv=2&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
Frame ID: CC58E54286CA74640FE0101032E55B10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8
Frame ID: 3F291CBE229747CE3E13B15D2163087D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12
Frame ID: DC0E8729E9168660C7D8BF85D09A3BE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14
Frame ID: F10FFDBD6179B7A815E884CFC6698522
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html
Frame ID: 74DFAECBDA11BECDE140C8640E1AD318
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html
Frame ID: 8FF6981791BCA3C9CE1E9331B0FC332D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CwxxjbSgWYfuyH8_C7_UPreO2-AL804rCY_6jlcvNDbGyjuzuDBABILeZ8mpglQKgAf-Ere0DyAEJqAMByANIqgSuAU_QFGtglplqRkIm2R_j9IC-moZVE0_e3t5nsqAqJebhYKTBzi3jBGX3rp8xSZbWT7Hd7t6wFnlb3fsZs2f1OjPjrJkvlXZeFZVGRX-2D-Q1tTOqZAarDcyrWztWddj8oGg0CUcIEqLIpkeMl1eXFJhXhck8sO1qn6wmyA78XSBsXp08kesR2tPxhqCD0_p3jKWQjdDnmmZDha0XsyTeWZ6OJMbBywH3CuAeRfcjnMAEvP7GwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQueEC0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY0MjY1MDA0MDU2NDY1NTkYAA&sigh=nxpbRXhRmmI&template_id=419
Frame ID: 58FA2547E9C03264ED763CBFD1BA1F8D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4F49192683E8EABDA2AB17E2D701FFDC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 50DF5AA020E7C9D683D24D3D7920564A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CE8B847AA014BE0FDED1527279C5B2C4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81022344FFD3943E20E32544ABD03FE1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Frame ID: 5DA1AEF80679736A7783F93333D297AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FF098286ADE9211ED03D334C848C2BED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66F90B39C5ACBE22452230B89728CFE1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mabui.org/ HTTP 301
https://mabui.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- All in One SEO Pack ([\d.]+) /i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

138
Requests

99 %
HTTPS

66 %
IPv6

20
Domains

25
Subdomains

26
IPs

6
Countries

1832 kB
Transfer

4090 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?src=bm&u=https%3A%2F%2Fmabui.org&t=
Title: Share

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fmabui.org
Title: Google+

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/
Title: B!Hatena

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%0Ahttps%3A%2F%2Fmabui.org
Title: LINE

Search URL Search Domain Scan URL

URL: https://bitflyer.jp/?bf=0i2aea5s

Search URL Search Domain Scan URL

URL: https://www.binance.com/?ref=13505381

Search URL Search Domain Scan URL

URL: http://manualstinger.com/cr
Title: STINGER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mabui.org/ HTTP 301
https://mabui.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

https://d.agkn.com/pixel/2175/?google_gid=CAESEFGPicHLRnD2eF3azVS0RQc&google_cver=1&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_&google_hm=Q0FFU0VGR1BpY0hMUm5EMmVGM2F6VlMwUlFj

Request Chain 127

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQL6GSEz7_K3HLtkM_wJHA&google_cver=1&google_push=AYg5qPJsnDoKfoXC6Dnk6REzpRnDH6yjw24K-hvLuoOAV2_Sp-QggG-Vg5MaDopAtLQuzPZSrRxXMq6mBef8UhAGTgi6RPlKjNHL-g HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQL6GSEz7_K3HLtkM_wJHA&google_cver=1&google_push=AYg5qPJsnDoKfoXC6Dnk6REzpRnDH6yjw24K-hvLuoOAV2_Sp-QggG-Vg5MaDopAtLQuzPZSrRxXMq6mBef8UhAGTgi6RPlKjNHL-g&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hfbbKmoTqOMgd-SBM-m-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJsnDoKfoXC6Dnk6REzpRnDH6yjw24K-hvLuoOAV2_Sp-QggG-Vg5MaDopAtLQuzPZSrRxXMq6mBef8UhAGTgi6RPlKjNHL-g

Request Chain 128

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHp5Wr5xG5h2bhtSLgUD7ro&google_cver=1&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP5WohH74R4mgWkvIsJd2wVGecVuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBMklaV0ktNS1JUUdH&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP5WohH74R4mgWkvIsJd2wVGecVuA

Request Chain 129

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A

Request Chain 130

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFMYX_R0KcD724W9ZoyuNEI&google_cver=1&google_push=AYg5qPKr6vSwa3m-zPiXDO9kMP8imP4Zq0ncqrw0-MIP36UHEFVgq9_Iyv_IddNEJRzx8TkByWc6GTNImVUXokov2ppogeJt3PbPZQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKr6vSwa3m-zPiXDO9kMP8imP4Zq0ncqrw0-MIP36UHEFVgq9_Iyv_IddNEJRzx8TkByWc6GTNImVUXokov2ppogeJt3PbPZQ&google_hm=

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

138 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mabui.org/
Redirect Chain

http://mabui.org/
https://mabui.org/

59 KB
14 KB

1249ms
691ms

Document
text/html

183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: a623c8126810b6f5707458efe17af563dce796cb2d48477e3ab86a5e65e66f84

Request headers

:method: GET
:authority: mabui.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 13 Aug 2021 08:08:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://mabui.org/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 13 Aug 2021 08:08:09 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 226
Connection: keep-alive
Location: https://mabui.org/

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
4ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3269
date: Fri, 13 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 09:13:41 GMT

GET
H2 200 crayon.min.css
mabui.org/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
5 KB 292ms
288ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Request headers

:path: /wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 12:33:01 GMT
server: nginx
etag: W/"4ecc-562f80c52c32d"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 classic.css
mabui.org/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
979 B 287ms
284ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Request headers

:path: /wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 12:33:01 GMT
server: nginx
etag: W/"1110-562f80c53fbae"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 monaco.css
mabui.org/wp-content/plugins/crayon-syntax-highlighter/fonts/ 529 B
662 B 294ms
291ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f

Request headers

:path: /wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
last-modified: Wed, 17 Jan 2018 12:33:01 GMT
server: nginx
accept-ranges: bytes
etag: "211-562f80c52e26d"
content-length: 529
content-type: text/css

GET
H2 200 wpp.css
mabui.org/wp-content/plugins/wordpress-popular-posts/public/css/ 1 KB
707 B 291ms
288ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.0.13
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.0.13
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 12:36:32 GMT
server: nginx
etag: W/"4c1-562f818dde73f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.min.css
mabui.org/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 369 B
502 B 294ms
291ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=1.7
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=1.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
accept-ranges: bytes
etag: "171-5738333da5b77"
content-length: 369
content-type: text/css

GET
H2 200 screen.min.css
mabui.org/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 286ms
283ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=1.7
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d

Request headers

:path: /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=1.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"14d2-5738333da3c37"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
mabui.org/wp-content/themes/stingerpro/ 82 KB
22 KB 294ms
291ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/style.css?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: b89c49e40e1079859cf193c5c0c019b98b480083f6269ff3bd48865d5cb0bad7

Request headers

:path: /wp-content/themes/stingerpro/style.css?ver=4.9.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"148ed-562a363e14005"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 2 KB
607 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400&ver=4.9.18

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 06:08:11 GMT
server: ESF
date: Fri, 13 Aug 2021 08:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 08:08:10 GMT

GET
H2 200 normalize.css
mabui.org/wp-content/themes/stingerpro/css/ 2 KB
1 KB 285ms
282ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/css/normalize.css?ver=1.5.9
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 72e5e3fcd775fb75052cfa8980a8664b47e978d986fc7ab4ccd5f5c70c2ce9fb

Request headers

:path: /wp-content/themes/stingerpro/css/normalize.css?ver=1.5.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"7b2-562a363e120c5"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-awesome.min.css
mabui.org/wp-content/themes/stingerpro/css/fontawesome/css/ 30 KB
8 KB 290ms
287ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/css/fontawesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

:path: /wp-content/themes/stingerpro/css/fontawesome/css/font-awesome.min.css?ver=4.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"791c-562a363e120c5"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
mabui.org/wp-content/themes/stingerpro-child/ 748 B
881 B 293ms
290ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro-child/style.css?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 0b1aafb7f02e7c2a3bfae06e3897dd9f0e445a0453d1016bd5bcfb80435ef38c

Request headers

:path: /wp-content/themes/stingerpro-child/style.css?ver=4.9.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
last-modified: Tue, 24 Jul 2018 09:24:13 GMT
server: nginx
accept-ranges: bytes
etag: "2ec-571bb534137f5"
content-length: 748
content-type: text/css

GET
H2 200 st-kanricss.php
mabui.org/wp-content/themes/stingerpro/ 2 KB
988 B 2115ms
2113ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/st-kanricss.php
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 326f79d8de1bf7e1f5e317736ce962cd59978b649bf8ff7dea2fc5ce0005f5ee

Request headers

:path: /wp-content/themes/stingerpro/st-kanricss.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 st-tagcss.php
mabui.org/wp-content/themes/stingerpro/ 8 KB
2 KB 1351ms
1349ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/st-tagcss.php
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 978b91442ec0cb49574698ace54b3190ea4a792c75d744e5009d9eedefa977fe

Request headers

:path: /wp-content/themes/stingerpro/st-tagcss.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 st-themecss-loader.php
mabui.org/wp-content/themes/stingerpro/ 16 KB
5 KB 553ms
551ms Stylesheet
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: ef31ff5955af2191a873202eaf72a91e9cb30b6db71047452f00b3c3182668dd

Request headers

:path: /wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 08:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Aug 2022 08:04:05 GMT

GET
H2 200 crayon.min.js Show response
mabui.org/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
8 KB 552ms
551ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=_2.7.2_beta
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Request headers

:path: /wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=_2.7.2_beta
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:11 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 12:33:01 GMT
server: nginx
etag: W/"5741-562f80c52f20d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
49 KB 62ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49916
x-xss-protection: 0
server: cafe
etag: 16652301563836661712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:08:13 GMT

GET
H2 200 banner_mabui_labo2700x420.png
mabui.org/wp-content/uploads/2019/08/ 272 KB
272 KB 293ms
285ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/08/banner_mabui_labo2700x420.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 642a6034a5f6682587bcc5a68a64c6a7906483f8756965359322fa75ad8aa5bc

Request headers

:path: /wp-content/uploads/2019/08/banner_mabui_labo2700x420.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 24 Aug 2019 03:34:29 GMT
server: nginx
accept-ranges: bytes
etag: "43fef-590d499abaf13"
content-length: 278511
content-type: image/png

GET
H2 200 k8s-mini-3-150x150.png
mabui.org/wp-content/uploads/2020/07/ 6 KB
6 KB 293ms
285ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2020/07/k8s-mini-3-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 0b37c886b74752f0efe3d183fb4e46bce94c747c5894cd9620854d4cd7a080f2

Request headers

:path: /wp-content/uploads/2020/07/k8s-mini-3-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 04 Jul 2020 07:50:36 GMT
server: nginx
accept-ranges: bytes
etag: "1688-5a998e5a4a50a"
content-length: 5768
content-type: image/png

GET
H2 200 gatsbyjs_logo-1-150x150.png
mabui.org/wp-content/uploads/2020/04/ 7 KB
7 KB 292ms
285ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2020/04/gatsbyjs_logo-1-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 13baee8f04e9ad0adb9ebf45ba5f0521ed1a44f98774d312501d4d6dc2245314

Request headers

:path: /wp-content/uploads/2020/04/gatsbyjs_logo-1-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Tue, 28 Apr 2020 08:54:40 GMT
server: nginx
accept-ranges: bytes
etag: "1d58-5a455fb698138"
content-length: 7512
content-type: image/png

GET
H2 200 cloud_run-150x150.png
mabui.org/wp-content/uploads/2019/12/ 4 KB
5 KB 815ms
808ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/12/cloud_run-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: df6b48163935ef0ea26630bb1ee53d2f72cc93e01765f873df2e2428442cb287

Request headers

:path: /wp-content/uploads/2019/12/cloud_run-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Mon, 23 Dec 2019 11:29:26 GMT
server: nginx
accept-ranges: bytes
etag: "11ec-59a5d57108669"
content-length: 4588
content-type: image/png

GET
H2 200 %E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2019-08-24-12.04.06-150x150.png
mabui.org/wp-content/uploads/2019/08/ 4 KB
4 KB 815ms
808ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/08/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2019-08-24-12.04.06-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 97da5160e17f4e577950abe9f01d0f153e4df0295274663e4cb7391c98bce341

Request headers

:path: /wp-content/uploads/2019/08/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88-2019-08-24-12.04.06-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 24 Aug 2019 03:22:00 GMT
server: nginx
accept-ranges: bytes
etag: "e0e-590d46d1144ec"
content-length: 3598
content-type: image/png

GET
H2 200 Nuxt_TypeScript-150x150.png
mabui.org/wp-content/uploads/2019/08/ 6 KB
6 KB 817ms
810ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/08/Nuxt_TypeScript-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: caa787b55f64e13610ea085ca203f95b628ca48200194a1bd5169581b6af2676

Request headers

:path: /wp-content/uploads/2019/08/Nuxt_TypeScript-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 24 Aug 2019 02:08:34 GMT
server: nginx
accept-ranges: bytes
etag: "1975-590d36672cfc3"
content-length: 6517
content-type: image/png

GET
H2 200 bvinside_original_original_original-1-150x150.jpg
mabui.org/wp-content/uploads/2019/06/ 10 KB
10 KB 817ms
810ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/06/bvinside_original_original_original-1-150x150.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: f5ef009a81455b73b4f86df1ae34b573bf4c9f3af49bda9b8dc8e2ca094d1c2e

Request headers

:path: /wp-content/uploads/2019/06/bvinside_original_original_original-1-150x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 29 Jun 2019 10:44:02 GMT
server: nginx
accept-ranges: bytes
etag: "26e5-58c7412c36bb5"
content-length: 9957
content-type: image/jpeg

GET
H2 200 Go_module-150x150.png
mabui.org/wp-content/uploads/2019/04/ 7 KB
8 KB 815ms
808ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/04/Go_module-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: a32bc6cea11dd86b7b0539a9b2915997ea107fb6f4a0f1758163bca6563c32d5

Request headers

:path: /wp-content/uploads/2019/04/Go_module-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Thu, 11 Apr 2019 11:38:50 GMT
server: nginx
accept-ranges: bytes
etag: "1da0-5863fa1467760"
content-length: 7584
content-type: image/png

GET
H2 200 nuxt%E3%81%A6%E3%82%99%E5%A4%96%E9%83%A8api%E3%82%92%E5%AE%9F%E8%A1%8C-150x150.png
mabui.org/wp-content/uploads/2019/03/ 6 KB
6 KB 815ms
809ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/03/nuxt%E3%81%A6%E3%82%99%E5%A4%96%E9%83%A8api%E3%82%92%E5%AE%9F%E8%A1%8C-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 9318ed1baca2753d6cddae35a2955ed5ead55c3089169041ab7695ebc195d313

Request headers

:path: /wp-content/uploads/2019/03/nuxt%E3%81%A6%E3%82%99%E5%A4%96%E9%83%A8api%E3%82%92%E5%AE%9F%E8%A1%8C-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Mon, 11 Mar 2019 04:36:36 GMT
server: nginx
accept-ranges: bytes
etag: "1731-583ca1e2ffbc5"
content-length: 5937
content-type: image/png

GET
H2 200 plotly-orca-150x150.png
mabui.org/wp-content/uploads/2019/03/ 14 KB
14 KB 815ms
809ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/03/plotly-orca-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 7207857885a952b1c2186665075d3f5462556ed5c9e7f81c49895bb9b70c7b91

Request headers

:path: /wp-content/uploads/2019/03/plotly-orca-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Tue, 05 Mar 2019 13:21:42 GMT
server: nginx
accept-ranges: bytes
etag: "3859-58358c1071e9a"
content-length: 14425
content-type: image/png

GET
H2 200 linuxbrew-150x150.png
mabui.org/wp-content/uploads/2019/03/ 11 KB
11 KB 815ms
809ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/03/linuxbrew-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: cb661d430466376925828d7044b6d454fed1351eaeb97ca289970864af405a44

Request headers

:path: /wp-content/uploads/2019/03/linuxbrew-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Tue, 05 Mar 2019 13:10:21 GMT
server: nginx
accept-ranges: bytes
etag: "2cbf-5835898769865"
content-length: 11455
content-type: image/png

GET
H2 200 IMG_0896-150x150.jpg
mabui.org/wp-content/uploads/2019/01/ 5 KB
5 KB 816ms
810ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/01/IMG_0896-150x150.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 39381b3223d06d2fcd3e0d70a07cefefbc958a7e478194f84ee5af90b087abb2

Request headers

:path: /wp-content/uploads/2019/01/IMG_0896-150x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sun, 20 Jan 2019 07:09:41 GMT
server: nginx
accept-ranges: bytes
etag: "1287-57fde6d9600fe"
content-length: 4743
content-type: image/jpeg

GET
H2 200 %E7%A0%B4%E5%A4%A9%E8%8D%92%E3%83%95%E3%82%A7%E3%83%8B%E3%83%83%E3%82%AF%E3%82%B9-150x150.jpg
mabui.org/wp-content/uploads/2019/01/ 8 KB
9 KB 816ms
810ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/01/%E7%A0%B4%E5%A4%A9%E8%8D%92%E3%83%95%E3%82%A7%E3%83%8B%E3%83%83%E3%82%AF%E3%82%B9-150x150.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 4a9a75ce3c408f4aabe29481866bc0dde783ed3db01e4015ea2e4417f52589a2

Request headers

:path: /wp-content/uploads/2019/01/%E7%A0%B4%E5%A4%A9%E8%8D%92%E3%83%95%E3%82%A7%E3%83%8B%E3%83%83%E3%82%AF%E3%82%B9-150x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Fri, 11 Jan 2019 08:51:44 GMT
server: nginx
accept-ranges: bytes
etag: "21fd-57f2acdf5efb0"
content-length: 8701
content-type: image/jpeg

GET
H2 200 %E3%83%95%E3%83%AA%E3%83%BC%E3%82%A8%E3%83%B3%E3%82%B7%E3%82%99%E3%83%8B%E3%82%A2%E4%B8%80%E5%B9%B4%E9%96%93%E3%81%AE%E6%8C%AF%E3%82%8A%E8%BF%94%E3%82%8A%E3%83%9F%E3%83%8B-150x150.png
mabui.org/wp-content/uploads/2018/12/ 22 KB
22 KB 815ms
809ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/12/%E3%83%95%E3%83%AA%E3%83%BC%E3%82%A8%E3%83%B3%E3%82%B7%E3%82%99%E3%83%8B%E3%82%A2%E4%B8%80%E5%B9%B4%E9%96%93%E3%81%AE%E6%8C%AF%E3%82%8A%E8%BF%94%E3%82%8A%E3%83%9F%E3%83%8B-150x150.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 093929e14d12a988230795c666934dbc9000c6cffe710916d82981c27c82d84b

Request headers

:path: /wp-content/uploads/2018/12/%E3%83%95%E3%83%AA%E3%83%BC%E3%82%A8%E3%83%B3%E3%82%B7%E3%82%99%E3%83%8B%E3%82%A2%E4%B8%80%E5%B9%B4%E9%96%93%E3%81%AE%E6%8C%AF%E3%82%8A%E8%BF%94%E3%82%8A%E3%83%9F%E3%83%8B-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 22 Dec 2018 02:22:12 GMT
server: nginx
accept-ranges: bytes
etag: "590f-57d93080b5c1c"
content-length: 22799
content-type: image/png

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 35 KB
11 KB 95ms
30ms Script
application/x-javascript 13.225.78.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-50.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

df7082849e38de724a9e44f1169768edf49b462f04d295927960d588a735bb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 06:37:28 GMT
server: nginx
age: 53810
etag: W/"61121ea8-8aee"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
date: Thu, 12 Aug 2021 17:11:23 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: GyH9R3AAwefLREcrUullIuXVjnPYMjtFix0G2vqHoG63oXzObohIAw==
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
expires: Fri, 13 Aug 2021 17:11:23 GMT

GET
H2 200 affi_04_300x250.gif
bitflyer.jp/Images/Affiliate/ 4 KB
4 KB 182ms
56ms Image
image/gif 2a02:26f0:6c00:2b8::2b97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitflyer.jp/Images/Affiliate/affi_04_300x250.gif?201709

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2b8::2b97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

be815cf735c98cb9548bf1660d794f733eaf2d7081a6e0fcb04f9dd33e7d47d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 03:06:24 GMT
etag: "0f818de5d8ed71:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: public, max-age=9552
date: Fri, 13 Aug 2021 08:08:13 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4330
x-xss-protection: 1; mode=block

GET
H2 200 binance.jpg
mabui.org/wp-content/uploads/2018/02/ 74 KB
75 KB 815ms
809ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/02/binance.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: ed389330efe9cd4d87a3eaaca915a7d82ae809ef14b2928d8966a2d490152a61

Request headers

:path: /wp-content/uploads/2018/02/binance.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Wed, 07 Feb 2018 11:47:23 GMT
server: nginx
accept-ranges: bytes
etag: "12926-5649ddbc4dc9a"
content-length: 76070
content-type: image/jpeg

GET
H2 200 icon_Koala02_400x400.png
mabui.org/wp-content/uploads/2019/08/ 50 KB
50 KB 814ms
809ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2019/08/icon_Koala02_400x400.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: faf7299242a360da14d08ca221ad48c067a1de98bbe82ad4804f87a630a40d0d

Request headers

:path: /wp-content/uploads/2019/08/icon_Koala02_400x400.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 24 Aug 2019 04:05:54 GMT
server: nginx
accept-ranges: bytes
etag: "c6a5-590d50a0cca93"
content-length: 50853
content-type: image/png

GET
H2 200 search.png
mabui.org/wp-content/themes/stingerpro/images/ 356 B
490 B 815ms
810ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/themes/stingerpro/images/search.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: eeccf8db2f38aff197eb60e56e0957b2035e3e4e51b6f2117d32e139ee711eff

Request headers

:path: /wp-content/themes/stingerpro/images/search.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
accept-ranges: bytes
etag: "164-562a363e120c5"
content-length: 356
content-type: image/png

GET
H2 200 stock_1537967379-300x225.jpg
mabui.org/wp-content/uploads/2018/09/ 11 KB
11 KB 816ms
810ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/09/stock_1537967379-300x225.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 555220b39b9ba3ca9725a4247295fdd2739754253b5fbf3b78750d9480e049ec

Request headers

:path: /wp-content/uploads/2018/09/stock_1537967379-300x225.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Wed, 26 Sep 2018 13:09:45 GMT
server: nginx
accept-ranges: bytes
etag: "2a76-576c5efadb78d"
content-length: 10870
content-type: image/jpeg

GET
H2 200 bot_1520403088-300x200.jpg
mabui.org/wp-content/uploads/2018/03/ 15 KB
15 KB 816ms
811ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/03/bot_1520403088-300x200.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 98391e0fbf40ab5db458801d6bf122c3d13484028c9db79b557f55684e822c6c

Request headers

:path: /wp-content/uploads/2018/03/bot_1520403088-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Wed, 07 Mar 2018 06:11:35 GMT
server: nginx
accept-ranges: bytes
etag: "3b1c-566cc6e66ac0c"
content-length: 15132
content-type: image/jpeg

GET
H2 200 react-100x100.jpeg
mabui.org/wp-content/uploads/2018/06/ 2 KB
2 KB 816ms
811ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/06/react-100x100.jpeg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 98ee4fbe8614db8a5ccfe591a80d8807a27e05abd4a0ec64abad91a63a65e2dd

Request headers

:path: /wp-content/uploads/2018/06/react-100x100.jpeg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Fri, 15 Jun 2018 15:00:45 GMT
server: nginx
accept-ranges: bytes
etag: "86e-56eaf7af92336"
content-length: 2158
content-type: image/jpeg

GET
H2 200 shadow-3249321_1280-100x100.png
mabui.org/wp-content/uploads/2018/03/ 8 KB
8 KB 816ms
811ms Image
image/png 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/03/shadow-3249321_1280-100x100.png
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: a88ef5948f23c5b0adbc0b50a4d9f92a0e4d741b46ac68167ba08fd1db58f141

Request headers

:path: /wp-content/uploads/2018/03/shadow-3249321_1280-100x100.png
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 24 Mar 2018 05:36:35 GMT
server: nginx
accept-ranges: bytes
etag: "1f26-56821ec8aa339"
content-length: 7974
content-type: image/png

GET
H2 200 json_1526456675-300x200.jpg
mabui.org/wp-content/uploads/2018/05/ 13 KB
13 KB 815ms
810ms Image
image/jpeg 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/uploads/2018/05/json_1526456675-300x200.jpg
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: b36ecb1a50ac889c83d1d6d2b55173ffb0808114cb2ecd4a5d7989a9781e750d

Request headers

:path: /wp-content/uploads/2018/05/json_1526456675-300x200.jpg
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Wed, 16 May 2018 07:44:41 GMT
server: nginx
accept-ranges: bytes
etag: "3238-56c4de444cd1c"
content-length: 12856
content-type: image/jpeg

GET
H2 200 base.js Show response
mabui.org/wp-content/themes/stingerpro/js/ 9 KB
3 KB 280ms
279ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/js/base.js?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 3686f7b1a4cde2c272a4393108eb92db4316d7df62172794b98b7f48c61a4597

Request headers

:path: /wp-content/themes/stingerpro/js/base.js?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:12 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"2293-562a363e120c5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 scroll.js Show response
mabui.org/wp-content/themes/stingerpro/js/ 2 KB
848 B 279ms
279ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/js/scroll.js?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: fec2acc682282fdd60daef7cab7526c3b8a270c01a4a730a4f9d39addd9bff4a

Request headers

:path: /wp-content/themes/stingerpro/js/scroll.js?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:12 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"7ac-562a363e120c5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.tubular.1.0.js Show response
mabui.org/wp-content/themes/stingerpro/js/ 9 KB
3 KB 279ms
279ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/js/jquery.tubular.1.0.js?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 5997a50e054a2fefe8061037d88751946214d8b212a7521353e1b318ab9096ce

Request headers

:path: /wp-content/themes/stingerpro/js/jquery.tubular.1.0.js?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:12 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
etag: W/"225a-562a363e120c5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
mabui.org/wp-includes/js/ 1 KB
907 B 280ms
280ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-includes/js/wp-embed.min.js?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:58:11 GMT
server: nginx
etag: W/"56f-5bffadf36acf6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.smooth-scroll.min.js Show response
mabui.org/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/ 3 KB
2 KB 289ms
282ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=1.5.5
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 40e9d15866315ced6279fbea2f54958e371d0ad22cc9a9afa38ff5b1e6cb8d62

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=1.5.5
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"d24-5738333da5b77"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js.cookie.min.js Show response
mabui.org/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
1 KB 289ms
282ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.0.3
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 2a13f0614c6eda6350a19c5114a4ba7eacaa97c4f57877e459a933046ab3897e

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.0.3
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"64f-5738333da5b77"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.sticky-kit.min.js Show response
mabui.org/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
1 KB 289ms
281ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"b4c-5738333da5b77"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.waypoints.min.js Show response
mabui.org/wp-content/plugins/easy-table-of-contents/vendor/waypoints/ 9 KB
3 KB 291ms
283ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/vendor/waypoints/jquery.waypoints.min.js?ver=1.9.2
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/waypoints/jquery.waypoints.min.js?ver=1.9.2
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"2344-5738333da5b77"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 front.min.js Show response
mabui.org/wp-content/plugins/easy-table-of-contents/assets/js/ 3 KB
1 KB 291ms
283ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=1.7
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 74e956292bede90e0473f95f83bc70d1eece2d651825e59c79b533b61f16130c

Request headers

:path: /wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=1.7
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 01:17:11 GMT
server: nginx
etag: W/"a92-5738333da3c37"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
mabui.org/wp-includes/js/ 12 KB
5 KB 815ms
810ms Script
application/javascript 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mabui.org
referer: https://mabui.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 03:58:11 GMT
server: nginx
etag: W/"2ea7-5bffadf36acf6"
vary: Accept-Encoding
content-type: application/javascript

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1223396145&t=pageview&_s=1&dl=https%3A%2F%2Fmabui.org%2F&ul=en-us&de=UTF-8&dt=GKE%E3%82%AF%E3%83%A9%E3%82%B9%E3%82%BF%E3%81%AB%E3%82%B3%E3%83%B3%E3%83%86%E3%83%8A%E3%82%92%E3%83%87%E3%83%97%E3%83%AD%E3%82%A4%E3%81%99%E3%82%8B%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1812511243&gjid=1818540432&cid=2102060008.1628842091&tid=UA-113704420-1&_gid=756673275.1628842091&_r=1&_slc=1&z=1887019206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mabui.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-113704420-1&cid=2102060008.1628842091&jid=1812511243&gjid=1818540432&_gid=756673275.1628842091&_u=IEBAAEAAAAAAAC~&z=499888187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Aug 2021 08:08:10 GMT
content-type: text/plain
access-control-allow-origin: https://mabui.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1223396145&t=pageview&_s=2&dl=https%3A%2F%2Fmabui.org%2F&ul=en-us&de=UTF-8&dt=GKE%E3%82%AF%E3%83%A9%E3%82%B9%E3%82%BF%E3%81%AB%E3%82%B3%E3%83%B3%E3%83%86%E3%83%8A%E3%82%92%E3%83%87%E3%83%97%E3%83%AD%E3%82%A4%E3%81%99%E3%82%8B%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=2102060008.1628842091&tid=UA-113704420-1&_gid=756673275.1628842091&z=168449771

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 18:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st-themecss-loader.php
mabui.org/wp-content/themes/stingerpro/ 16 KB
16 KB 1066ms
1062ms Image
text/css 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabui.org/wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
Requested by: Host: mabui.org
URL: https://mabui.org/wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
pragma: no-cache
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mabui.org
referer: https://mabui.org/wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mabui.org/wp-content/themes/stingerpro/st-themecss-loader.php?ver=4.9.18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
mabui.org/wp-content/themes/stingerpro/css/fontawesome/fonts/ 75 KB
76 KB 812ms
811ms Font
application/octet-stream 183.181.98.30
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mabui.org/wp-content/themes/stingerpro/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: mabui.org
URL: https://mabui.org/wp-content/themes/stingerpro/css/fontawesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.30 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6029.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://mabui.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.2102060008.1628842091; _gid=GA1.2.756673275.1628842091; _gat=1
:path: /wp-content/themes/stingerpro/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: mabui.org
referer: https://mabui.org/wp-content/themes/stingerpro/css/fontawesome/css/font-awesome.min.css?ver=4.7.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://mabui.org
Referer: https://mabui.org/wp-content/themes/stingerpro/css/fontawesome/css/font-awesome.min.css?ver=4.7.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
last-modified: Sat, 13 Jan 2018 07:32:58 GMT
server: nginx
accept-ranges: bytes
etag: "12d68-562a363e120c5"
content-length: 77160

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: mabui.org
URL: https://mabui.org/wp-content/themes/stingerpro/js/jquery.tubular.1.0.js?ver=4.9.18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Fri, 13 Aug 2021 08:08:13 GMT

GET
H2 200 /
b.hatena.ne.jp/entry/button/ 43 B
366 B 315ms
265ms Image
image/gif 65.9.73.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fmabui.org%2F&layout=simple&format=image

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS1-C1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 43
x-amz-cf-id: bbUjNLEzgtZ4kPhx8fuKS08lfhqkSV-KNwKGRoRJoAiKCIz91hmJdQ==

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
94 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6426500405646559&plah=mabui.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:08:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 7578 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 12 Aug 2021 22:05:12 GMT
expires: Thu, 26 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 36181
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 3849
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
expires: Sat, 13 Aug 2022 07:04:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 93ms
33ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mabui.org&callback=_gfp_s_&client=ca-pub-6426500405646559

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6426500405646559&plah=mabui.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d2f6aeb2ae955a17cec0077b528f6ac63f8119b45c37ace3a2f26838433df0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mabui.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mabui.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC58 38 KB
2 KB 101ms
86ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&adk=1812271804&adf=3025194257&lmt=1628842093&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmabui.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093273&bpp=4&bdt=2357&idt=57&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1044594837019&frm=20&pv=2&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76b72a49a6a8417429c603e7914cb6d6e65fb60ecbd7e8dccdfd5578111ef0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6426500405646559&output=html&adk=1812271804&adf=3025194257&lmt=1628842093&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmabui.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093273&bpp=4&bdt=2357&idt=57&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1044594837019&frm=20&pv=2&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 08:08:13 GMT
server: cafe
content-length: 1843
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 08:23:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 219ms
198ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681433796959"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 13 Aug 2021 08:08:13 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mabui.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mabui.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F29 104 KB
37 KB 438ms
437ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e7f9cf48d270c1eb14ae279f9164c4181615ec41ef783d6494d8f0b48d1aac

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiKhNPFrfICFeznuwgdOUoJEg&gqi=bSgWYd3JHvWU9u8P36qW6A8&layout=/sadbundle/%24csp%253Der3%24/2507882471031310698/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiKhNPFrfICFeznuwgdOUoJEg&gqi=bSgWYd3JHvWU9u8P36qW6A8&layout=/sadbundle/%24csp%253Der3%24/2507882471031310698/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 08:08:13 GMT
server: cafe
content-length: 38155
x-xss-protection: 0
set-cookie: IDE=AHWqTUmOp4uLajbYhxHPCoca6tJ8Gzli_woCRY5PgdSXfjGggRuxDbZYGTgtPecPPBA; expires=Wed, 07-Sep-2022 08:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC0E 124 KB
39 KB 468ms
468ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d89f617d1a4091f2da392b727f870dda2930b0ac2023af8872f0bd45735da591

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLudhNPFrfICFU_huwgdrbENLw&gqi=bSgWYbbnHsCQ7_UPsciowA4&layout=/sadbundle/%24csp%253Der3%24/11899247218272190717/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLudhNPFrfICFU_huwgdrbENLw&gqi=bSgWYbbnHsCQ7_UPsciowA4&layout=/sadbundle/%24csp%253Der3%24/11899247218272190717/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 08:08:13 GMT
server: cafe
content-length: 39830
x-xss-protection: 0
set-cookie: IDE=AHWqTUnENMFiszL_Uc81msgucXKEy2KBEo-cQqSYm-IQ2zySD0EneuZLBC_tLqscB_U; expires=Wed, 07-Sep-2022 08:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F10F 110 KB
39 KB 634ms
633ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3ce7a9a146e25b93ca191653526fdbffc9bde3e01a4a15848485d0b2251e20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 08:08:14 GMT
server: cafe
content-length: 40333
x-xss-protection: 0
set-cookie: IDE=AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo; expires=Wed, 07-Sep-2022 08:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:14 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 3F29 18 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 3F29 2 KB
1 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F29 124 KB
37 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 08:08:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 3F29 14 KB
6 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:14:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 07:14:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F29 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnyNQClSf5KNwy8FVXw7aBf-Ne3O7bpwO6aLtsdRzs_jYjNX5zN-eCHG7PnwW48RQpN8nPsWUSQCRl8Zk3PrEvuM6EHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/ Frame 74DF 2 KB
2 KB 22ms
12ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbcacae5a8586dd68637808d09727c2c86a9ad4262b5e13919939adcd552bc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2507882471031310698/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1133
date: Tue, 10 Aug 2021 12:35:49 GMT
expires: Wed, 10 Aug 2022 12:35:49 GMT
last-modified: Thu, 15 Apr 2021 13:47:58 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 243144
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F29 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CduyjbSgWYYigH-zP7_UPuZSlkAH804rCY66PlcvNDbGyjuzuDBABILeZ8mpglQKgAf-Ere0DyAEJqAMByANIqgSuAU_QLVfzHYlZn2Hsz5flqzN9UMjZjb07pGO00OWtAcATwIyLt75mYd9Xmg0zbTBAKX0Hv79X7CIQqVDOQSds22mhRxs4dAgfKz3geFucECvKcop_9pSgxxHJpvRHwNLo2dAdhCz917t9qqlC2z2oMSbLkjvlvpnGhyDtMN_dqtVpJ6VbVCh__aAJJpGQJKpe_EqURwo1RCwNEHsF6Anu0Jmqpn_jSgcVuQzndjxLW8AEvP7GwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhrQG0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY0MjY1MDA0MDU2NDY1NTkYAA&sigh=eEWTsiPtnNQ&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 08:08:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/ Frame 8FF6 6 KB
2 KB 25ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17f00a85306d4f4a60b221b6600767d6397293f184f0c9c98d47db7f9e4e927e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11899247218272190717/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2321
date: Tue, 10 Aug 2021 13:26:18 GMT
expires: Wed, 10 Aug 2022 13:26:18 GMT
last-modified: Thu, 15 Apr 2021 13:50:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 240116
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 58FA 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwxxjbSgWYfuyH8_C7_UPreO2-AL804rCY_6jlcvNDbGyjuzuDBABILeZ8mpglQKgAf-Ere0DyAEJqAMByANIqgSuAU_QFGtglplqRkIm2R_j9IC-moZVE0_e3t5nsqAqJebhYKTBzi3jBGX3rp8xSZbWT7Hd7t6wFnlb3fsZs2f1OjPjrJkvlXZeFZVGRX-2D-Q1tTOqZAarDcyrWztWddj8oGg0CUcIEqLIpkeMl1eXFJhXhck8sO1qn6wmyA78XSBsXp08kesR2tPxhqCD0_p3jKWQjdDnmmZDha0XsyTeWZ6OJMbBywH3CuAeRfcjnMAEvP7GwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQueEC0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY0MjY1MDA0MDU2NDY1NTkYAA&sigh=nxpbRXhRmmI&template_id=419

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 08:08:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 58FA 18 KB
7 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 58FA 2 KB
1 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 07:39:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58FA 124 KB
37 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 58FA 14 KB
6 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 58FA 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSl40n8sIphKCNACHpnA5eWPAGzNJoclLnYyVl9raCGdadE9lJjetis6yjm-5Ad2RvaZuYBO8E8gUbwdMZkTKqBGjgOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F49 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnENMFiszL_Uc81msgucXKEy2KBEo-cQqSYm-IQ2zySD0EneuZLBC_tLqscB_U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=600&adk=2396653557&adf=4066160023&pi=t.aa~a.1615223857~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x600&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=2&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0&nras=2&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UoPGjOyGsd&p=https%3A//mabui.org&dtd=8

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 07:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 3F29 0
20 B 58ms
44ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiKhNPFrfICFeznuwgdOUoJEg&gqi=bSgWYd3JHvWU9u8P36qW6A8&layout=/sadbundle/%24csp%253Der3%24/2507882471031310698/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3F29 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 995b7200ad3057557b129554ba10fdd52e4c4d0093334558670a02bcf488bce8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 74DF 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 74DF 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Aug 2021 12:37:33 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 74DF 236 KB
63 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 74DF 84 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 07:22:12 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/ Frame 74DF 245 KB
53 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2507882471031310698/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf50385b6be4ae3666b51d3c7143b16e769f27f850723f757213cb2119a75828

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 261391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54224
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:58 GMT
server: sffe
date: Tue, 10 Aug 2021 07:31:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:31:43 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50DF 143 B
163 B 10ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnENMFiszL_Uc81msgucXKEy2KBEo-cQqSYm-IQ2zySD0EneuZLBC_tLqscB_U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=240&adk=2285683262&adf=1555212231&pi=t.aa~a.1615223857~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1628842093&rafmt=1&to=qs&pwprc=2488837378&psa=0&format=300x240&url=https%3A%2F%2Fmabui.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600&nras=3&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1lFeVHOn72&p=https%3A//mabui.org&dtd=12

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 07:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 58FA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f56b4b21a4335c2ef6d629a4fc3809de0c45c57fa4422c023d13257e69e92bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 58FA 0
20 B 53ms
52ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLudhNPFrfICFU_huwgdrbENLw&gqi=bSgWYbbnHsCQ7_UPsciowA4&layout=/sadbundle/%24csp%253Der3%24/11899247218272190717/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8FF6 9 KB
3 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8FF6 26 KB
10 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Aug 2021 12:37:33 GMT

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8FF6 236 KB
63 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 8FF6 84 KB
29 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 08:01:27 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/ Frame 8FF6 75 KB
14 KB 20ms
18ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff7269a008c12c7647414708d7c2c3dc48b91b79ccd98d69d5973818f96d8ca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 271883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14588
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:05 GMT
server: sffe
date: Tue, 10 Aug 2021 04:36:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 04:36:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FF6 2 KB
636 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 07:37:27 GMT
server: ESF
date: Fri, 13 Aug 2021 08:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F49
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 13-Aug-2021 09:08:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50DF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

22ms
21ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 13-Aug-2021 09:08:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 photo.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/ Frame 8FF6 21 KB
21 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/photo.jpg?1585642139684

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f83883da7883e41666025da3d2897dd8a481347b205b4586ebfe033601e21c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 231835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21434
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:05 GMT
server: sffe
date: Tue, 10 Aug 2021 15:44:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 15:44:19 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F10F 8 KB
713 B 25ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 07:57:28 GMT
server: ESF
date: Fri, 13 Aug 2021 08:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F10F 116 KB
30 KB 34ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 08:07:17 GMT
server: ESF
date: Fri, 13 Aug 2021 08:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame F10F 31 KB
12 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6310afc6b083799134ea872e83464c204f87e0963ec77d675f732682d6a06c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12643
x-xss-protection: 0
server: cafe
etag: 13082689728437942179
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:08:03 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame F10F 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame F10F 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 07:39:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F10F 124 KB
37 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame F10F 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 08:01:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F10F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0CKTksIZomnMW8XOGbmdfYiGFiwbPDeF1Gf9K-Qw43Wo_bYUcxwk6NFp-om0r0Ed4RzysQ6-ZoiG2EE_QOsvuk1Bewg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 74DF 35 KB
13 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:00:22 GMT

GET
H3-29 200 photo2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/ Frame 8FF6 20 KB
20 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/photo2.jpg?1585642139684

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9368fda7e8c17f22a6449ca64657b4c7923e589c7170f528153bcf1961b939c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 244494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19984
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:05 GMT
server: sffe
date: Tue, 10 Aug 2021 12:13:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 12:13:20 GMT

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FF6 35 KB
13 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:00:22 GMT

GET
H3-29 200 photo3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/ Frame 8FF6 16 KB
16 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11899247218272190717/photo3.jpg?1585642139684

Requested by

Host: mabui.org
URL: https://mabui.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b5b0b91b02be93fe59bfac292fe5371d7cf999cb50008dc2c5720fe91c0234d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 303474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16075
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:05 GMT
server: sffe
date: Mon, 09 Aug 2021 19:50:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 19:50:20 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18306737875555623458/ Frame F10F 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18306737875555623458/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIZBBkGAEgAS0AAAA_MGQ4ZEUAAIA_&rs=AOga4qk6u7Nnsbmt0bqDC19OGEw0-KyfJA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e26bdece3cb02827d81f6c7ed382894460a08158b95a98d4548ffb455418fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 10:12:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 14:19:26 GMT
server: sffe
age: 338172
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2946
x-xss-protection: 0
expires: Tue, 09 Aug 2022 10:12:02 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F10F 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdCEVbSgWYePNH8K8lQft77aADcmpxM1f2pSLr_ILloLNhYgWEAEgt5nyamCVAqABtZ7HnQPIAQapAv4Y5djtsbM-qAMByAPLBKoErQFP0Nw36P8crQ6VjN3BVf2DjaqbOFw2wY5yQsYmgqHZmP-Ttl2IB9WGADSCYP0lNt1kANdWLJTtlCe_SZwGDufxJOjE4ECladN4WgqabO3OhJTVYNslgtjp9TswztJuHp1amf3ciUBDe8UVRqy4H9fBXL9Ey2HZrYM34WrM9wTREWN40GJYQZRiQ5hlvKHvu6QYoMumsWoncGWRhr-UVL5SO1inridNK0l5MW_cscAE_oOWxpgDkgUECAQYAZIFBAgFGASgBjeAB7PhuGKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmr8d0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY0MjY1MDA0MDU2NDY1NTkYAA&sigh=J6STwyLiGkw&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 08:08:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE8B 143 B
163 B 11ms
11ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6426500405646559&output=html&h=147&adk=262794433&adf=4106228985&pi=t.aa~a.2479000084~rp.4&w=640&lmt=1628842093&nsk=fa8ae823&rafmt=11&pwprc=2488837378&psa=0&ad_type=text_image&format=640x147&url=https%3A%2F%2Fmabui.org%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628842093486&bpp=1&bdt=2570&idt=0&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01dc73458abd7bd1-224246d39ec80001%3AT%3D1628842093%3ART%3D1628842093%3AS%3DALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg&prev_fmts=0x0%2C300x600%2C300x240&nras=4&correlator=1044594837019&frm=20&pv=1&ga_vid=2102060008.1628842091&ga_sid=1628842093&ga_hid=1223396145&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C44748553%2C31062297&oid=3&pvsid=3084710030287049&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PkuHbqzW5I&p=https%3A//mabui.org&dtd=14

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 07:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8102 1 KB
749 B 9ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 03:09:05 GMT
expires: Sat, 14 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17949
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F10F 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 284122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:12:52 GMT

GET
H2 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame F10F 50 KB
50 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:09:59 GMT
x-content-type-options: nosniff
age: 277095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:33:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:09:59 GMT

GET
DATA 200
OK truncated
/ Frame F10F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2073ba62a6675fe6005723047a82776dd726e4089594bc790e3c095da989a977

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8102 35 B
463 B 391ms
27ms Image
image/gif 91.228.74.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECVhfHYI4j1Qbykc-4h8_ik&google_cver=1&google_push=AYg5qPJMGkXlxJNFrOV1Wx7sKgcKFfRTLUHmlfgmOkt14wQjOVw_UFtmdaXROjmXVNJDj-uGFouP8Rl1aWX0xorgAKhI5USeAuYHMg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8102
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFGPicHLRnD2eF3azVS0RQc&google_cver=1&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_&google_hm=Q0FFU0VGR1BpY0hMUm5EM...

170 B
188 B

54ms
36ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_&google_hm=Q0FFU0VGR1BpY0hMUm5EMmVGM2F6VlMwUlFj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 08:08:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJOV69VRw_8CDO54Nx18LDSiovAuG6SqXQ63cmQksQZ86ans4XaifS9ot5-HIR-1T5kNe2dISdpxKgpXVvtHn7xIGDUqeR_&google_hm=Q0FFU0VGR1BpY0hMUm5EMmVGM2F6VlMwUlFj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8102
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hfbbKmoTqOMgd-SBM-m-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

68ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hfbbKmoTqOMgd-SBM-m-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJsnDoKfoXC6Dnk6REzpRnDH6yjw24K-hvLuoOAV2_Sp-QggG-Vg5MaDopAtLQuzPZSrRxXMq6mBef8UhAGTgi6RPlKjNHL-g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hfbbKmoTqOMgd-SBM-m-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJsnDoKfoXC6Dnk6REzpRnDH6yjw24K-hvLuoOAV2_Sp-QggG-Vg5MaDopAtLQuzPZSrRxXMq6mBef8UhAGTgi6RPlKjNHL-g
date: Fri, 13 Aug 2021 08:08:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8102
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHp5Wr5xG5h2bhtSLgUD7ro&google_cver=1&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBMklaV0ktNS1JUUdH&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP5WohH74R4mgWkvIsJd2wVGecVuA

170 B
188 B

54ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBMklaV0ktNS1JUUdH&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP5WohH74R4mgWkvIsJd2wVGecVuA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBMklaV0ktNS1JUUdH&google_push=AYg5qPLQ6zyKceJmwvELqStPZAMHP2zTROCSgWCKZD4rXbcTq1zoxLeDTzk0TfHSk0GztZBkeMP5WohH74R4mgWkvIsJd2wVGecVuA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8102
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--f...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8102
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFMYX_R0KcD724W9ZoyuNEI&google_cver=1&google_push=AYg5qPKr6vSwa3m-zPiXDO9k...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKr6vSwa3m-zPiXDO9kMP8imP4Zq0ncqrw0-MIP36UHEFVgq9_Iyv_IddNEJRzx8TkByWc6GTNImVUXokov2ppogeJt3PbPZQ&google_hm=

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKr6vSwa3m-zPiXDO9kMP8imP4Zq0ncqrw0-MIP36UHEFVgq9_Iyv_IddNEJRzx8TkByWc6GTNImVUXokov2ppogeJt3PbPZQ&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKr6vSwa3m-zPiXDO9kMP8imP4Zq0ncqrw0-MIP36UHEFVgq9_Iyv_IddNEJRzx8TkByWc6GTNImVUXokov2ppogeJt3PbPZQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 12 Aug 2021 08:08:14 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8102 0
253 B 95ms
33ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0yvDFB7RupWWVvdQ_Z233UqemdabxZdqscL8qQ_uBPPsgJ301x15IVswwLCWJKzk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9b457c76268160bb7af6be355598719036294038c49933e2b4e800d93bcf9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8462
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 13-Aug-2021 09:08:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 08:08:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 08:08:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DA1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:00:22 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 13 Aug 2021 08:08:14 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FF09 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 05:39:46 GMT
expires: Sat, 13 Aug 2022 05:39:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66F9 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4aba2a5aaf079f5aee8ad5e55ef00bf1f62962f917d9d8cb8911ab8fb530446

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E9/m5febeKmBJzmyVxzJsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mabui.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mabui.org/

Response headers

expires: Fri, 13 Aug 2021 08:08:14 GMT
date: Fri, 13 Aug 2021 08:08:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-E9/m5febeKmBJzmyVxzJsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame FF09 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:00:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=3084710030287049&bg=!U1ClUBTNAAbOj6irzo87ACkAdvg8WnSljF0MOO0IVwoz_WO8PVlEX3YCoKycJT1qfttnAonQlac4hgIAAABFUgAAAAloAQcKAIb32TI_hXcLQGh8XKK0N-xGRp-L7cGWaIeOEn9rt-dp2V9v9iBopj3zt8wPqGqDHN3x-FKcePw7SYl7TeN89bvTNn2Nq7U-zQTtHGqRzi3p0n3wrDCpv2wBFwvC7DO5AyDasyh5i4wJdEK7oLnmNJMjT9c6jajQHknb05sbRzmQ5UVgM3MBA5kCavvrRm7Eh6IaQBN2ZccOMo70HEZ-KmEl68eajWSjEW3-qgO6n07BeQRiqtLRsSYVLvRyi3I_JEt1iVnF7Qvu_7vHcg7aiMD3sVwLlbYyDyfQpkunz_8Pmyv7qZxE5QlJjKIuzIA6XoSsDHZ-pLdFIyI1sSnZIQoTV-CP-e_Km4OzefFhdTrROx5RbRoN24YCPRy3FiVafP7ivl_Waq5mksB7kJclyvdl3quQIByAsAvTh6ayFh_JDlGJR095FA-PeTqK-svtCUKyUP03NGllXyl-9gH8xopB2Q5TyF0QZ4svobBZnmIGBKJdwtHnR9vIazrNmMOvU1PsqhCk9Zkpg3_gfC-NNyqnKcGciAn18S3GczNQt7vLF7J1NzZw4obZLT1SCQc-cfxG4GcNYYRhUxoaOAdKpcvmtpfqJi1R19da4FTphjX31BbSvAUSEWhmg0OY7XU7oJvopMV_EinySvVf99yRyi2ilMy7oS5EEAEZieP6TEko2DVqse4SlgCBWE7uC0T_g7XU_rjXzovHOYysQSNEo9g4L79sbQDMNwm2_q3_0S4zbwHnXw8pZG2wuUY6cL2-Zn_Bd8_TLT5xE-gHs-LYVlYM-IsvsFFg3AulyJj9aLqxS8BWh6Cc1V6ad7Jdzg-eBGcaOHdKoFRx0A0mjj9R_J_rYgIUS97ioZPnnN8WOWwCz6q4Dfm3beZlOsu2KrpgjtGdn87t-gmU9fUWu6kMBCvO7zF2NpDbznnlwVazpcXA49kz5JB58mAmE06DVh8DeYp8_VHmq44_Ker-pC38bpvzK6iA4mirM4SGCjLh3OfxsJjtHQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mabui.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 08:08:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRYoboQZj1gcn3zSEGkMhwAABIQAAAIB&google_gid=CAESEJtbQfJxSFUVtosHPr5selE&google_cver=1&google_push=AYg5qPK00PqtOXsewRlkPtuF8IVpIXVDhn--fESluoUM_lUZ8RJlGcX0MJTMgxP3sF8zpqtZalSIImaDNBorZpoZVkTBNumcow2A

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:27:25	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:48:58	Name: IDE Value: AHWqTUkvjXGubcy1UyambdVca3KQ4j8bBIdsejac8gtfrrKLRcwFdV4m_VID3ILs1uo
.mabui.org/	1970-01-20 05:48:58	Name: __gads Value: ID=01dc73458abd7bd1-224246d39ec80001:T=1628842093:RT=1628842093:S=ALNI_MZw1F-bTa7SMukPkwBGC6cgoP1stg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 12) Message: Deprecated property or method 'Ticker.setFPS'. See docs for info.
console-api	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 12) Message: Deprecated property or method 'Ticker.setFPS'. See docs for info.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
b.hatena.ne.jp
b.st-hatena.com
bitflyer.jp
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
mabui.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.youtube.com
cm.g.doubleclick.net
13.225.78.50
142.250.185.194
142.250.186.34
183.181.98.30
185.64.189.115
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:26f0:6c00:2b8::2b97
52.59.79.213
65.9.73.111
69.173.144.165
79.137.69.91
91.228.74.226
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
093929e14d12a988230795c666934dbc9000c6cffe710916d82981c27c82d84b
0b1aafb7f02e7c2a3bfae06e3897dd9f0e445a0453d1016bd5bcfb80435ef38c
0b37c886b74752f0efe3d183fb4e46bce94c747c5894cd9620854d4cd7a080f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f56b4b21a4335c2ef6d629a4fc3809de0c45c57fa4422c023d13257e69e92bc
13baee8f04e9ad0adb9ebf45ba5f0521ed1a44f98774d312501d4d6dc2245314
17f00a85306d4f4a60b221b6600767d6397293f184f0c9c98d47db7f9e4e927e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
2073ba62a6675fe6005723047a82776dd726e4089594bc790e3c095da989a977
2a13f0614c6eda6350a19c5114a4ba7eacaa97c4f57877e459a933046ab3897e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
326f79d8de1bf7e1f5e317736ce962cd59978b649bf8ff7dea2fc5ce0005f5ee
3686f7b1a4cde2c272a4393108eb92db4316d7df62172794b98b7f48c61a4597
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
39381b3223d06d2fcd3e0d70a07cefefbc958a7e478194f84ee5af90b087abb2
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
40e9d15866315ced6279fbea2f54958e371d0ad22cc9a9afa38ff5b1e6cb8d62
4a9a75ce3c408f4aabe29481866bc0dde783ed3db01e4015ea2e4417f52589a2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
555220b39b9ba3ca9725a4247295fdd2739754253b5fbf3b78750d9480e049ec
5997a50e054a2fefe8061037d88751946214d8b212a7521353e1b318ab9096ce
6310afc6b083799134ea872e83464c204f87e0963ec77d675f732682d6a06c67
642a6034a5f6682587bcc5a68a64c6a7906483f8756965359322fa75ad8aa5bc
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9b457c76268160bb7af6be355598719036294038c49933e2b4e800d93bcf9c
7207857885a952b1c2186665075d3f5462556ed5c9e7f81c49895bb9b70c7b91
72e5e3fcd775fb75052cfa8980a8664b47e978d986fc7ab4ccd5f5c70c2ce9fb
74e956292bede90e0473f95f83bc70d1eece2d651825e59c79b533b61f16130c
76b72a49a6a8417429c603e7914cb6d6e65fb60ecbd7e8dccdfd5578111ef0f2
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
89e7f9cf48d270c1eb14ae279f9164c4181615ec41ef783d6494d8f0b48d1aac
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
8cbcacae5a8586dd68637808d09727c2c86a9ad4262b5e13919939adcd552bc7
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
9318ed1baca2753d6cddae35a2955ed5ead55c3089169041ab7695ebc195d313
9368fda7e8c17f22a6449ca64657b4c7923e589c7170f528153bcf1961b939c4
951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f
978b91442ec0cb49574698ace54b3190ea4a792c75d744e5009d9eedefa977fe
97da5160e17f4e577950abe9f01d0f153e4df0295274663e4cb7391c98bce341
98391e0fbf40ab5db458801d6bf122c3d13484028c9db79b557f55684e822c6c
98ee4fbe8614db8a5ccfe591a80d8807a27e05abd4a0ec64abad91a63a65e2dd
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
995b7200ad3057557b129554ba10fdd52e4c4d0093334558670a02bcf488bce8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2
9b5b0b91b02be93fe59bfac292fe5371d7cf999cb50008dc2c5720fe91c0234d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32bc6cea11dd86b7b0539a9b2915997ea107fb6f4a0f1758163bca6563c32d5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f83883da7883e41666025da3d2897dd8a481347b205b4586ebfe033601e21c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a623c8126810b6f5707458efe17af563dce796cb2d48477e3ab86a5e65e66f84
a88ef5948f23c5b0adbc0b50a4d9f92a0e4d741b46ac68167ba08fd1db58f141
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b36ecb1a50ac889c83d1d6d2b55173ffb0808114cb2ecd4a5d7989a9781e750d
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b89c49e40e1079859cf193c5c0c019b98b480083f6269ff3bd48865d5cb0bad7
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4
be815cf735c98cb9548bf1660d794f733eaf2d7081a6e0fcb04f9dd33e7d47d7
bf50385b6be4ae3666b51d3c7143b16e769f27f850723f757213cb2119a75828
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
caa787b55f64e13610ea085ca203f95b628ca48200194a1bd5169581b6af2676
cb661d430466376925828d7044b6d454fed1351eaeb97ca289970864af405a44
cff7269a008c12c7647414708d7c2c3dc48b91b79ccd98d69d5973818f96d8ca
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d2f6aeb2ae955a17cec0077b528f6ac63f8119b45c37ace3a2f26838433df0af
d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
d89f617d1a4091f2da392b727f870dda2930b0ac2023af8872f0bd45735da591
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
df6b48163935ef0ea26630bb1ee53d2f72cc93e01765f873df2e2428442cb287
df7082849e38de724a9e44f1169768edf49b462f04d295927960d588a735bb5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce7a9a146e25b93ca191653526fdbffc9bde3e01a4a15848485d0b2251e20f
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
ed389330efe9cd4d87a3eaaca915a7d82ae809ef14b2928d8966a2d490152a61
eeccf8db2f38aff197eb60e56e0957b2035e3e4e51b6f2117d32e139ee711eff
ef31ff5955af2191a873202eaf72a91e9cb30b6db71047452f00b3c3182668dd
f1e26bdece3cb02827d81f6c7ed382894460a08158b95a98d4548ffb455418fc
f4aba2a5aaf079f5aee8ad5e55ef00bf1f62962f917d9d8cb8911ab8fb530446
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f5ef009a81455b73b4f86df1ae34b573bf4c9f3af49bda9b8dc8e2ca094d1c2e
faf7299242a360da14d08ca221ad48c067a1de98bbe82ad4804f87a630a40d0d
fec2acc682282fdd60daef7cab7526c3b8a270c01a4a730a4f9d39addd9bff4a
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6

mabui.org Open in urlscan Pro 183.181.98.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

66 %IPv6

20 Domains

25 Subdomains

26 IPs

6 Countries

1832 kBTransfer

4090 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mabui.org Open in urlscan Pro
183.181.98.30 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

66 %
IPv6

20
Domains

25
Subdomains

26
IPs

6
Countries

1832 kB
Transfer

4090 kB
Size

3
Cookies

138 HTTP transactions
3 data transactions