urlscan.io logo urlscan.io
SecurityTrails logo

chatdemaison.jugem.jp Open in urlscan Pro
18.176.200.96  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://chatdemaison.jugem.jp/
Submission: On June 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 8 countries across 104 domains to perform 371 HTTP transactions. The main IP is 18.176.200.96, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is chatdemaison.jugem.jp.
This is the only time chatdemaison.jugem.jp was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR East (Transportation)

Domain & IP information

IP Address AS Autonomous System
2 4 18.176.200.96 16509 (AMAZON-02)
2 2600:9000:202... 16509 (AMAZON-02)
1 13.35.93.55 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:202... 16509 (AMAZON-02)
13 2606:2800:220... 15133 (EDGECAST)
6 2600:9000:21e... 16509 (AMAZON-02)
1 23.47.144.138 20940 (AKAMAI-ASN1)
1 133.237.60.111 23820 (RAKUTEN R...)
1 3 108.138.107.138 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
3 34.160.89.38 15169 (GOOGLE)
22 2a03:2880:f01... 32934 (FACEBOOK)
1 18.164.107.227 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 13.113.171.214 16509 (AMAZON-02)
4 124.146.215.46 2514 (INFOSPHER...)
4 2602:803:c002... 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.213.115.3 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
1 103.132.192.30 138552 (RTBHOUSE-...)
10 15 68.67.160.75 29990 (ASN-APPNEX)
1 34.237.98.178 14618 (AMAZON-AES)
4 18.164.124.68 16509 (AMAZON-02)
6 10 35.213.109.249 15169 (GOOGLE)
1 104.36.115.111 62713 (AS-PUBMATIC)
2 104.18.25.185 13335 (CLOUDFLAR...)
4 104.244.42.136 13414 (TWITTER)
2 14 52.46.143.56 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2600:9000:220... 16509 (AMAZON-02)
5 5 70.42.32.95 22075 (AS-OUTBRAIN)
3 23.77.173.8 16625 (AKAMAI-AS)
5 24 192.40.39.223 27381 (CASALE-MEDIA)
1 5 35.244.159.8 15169 (GOOGLE)
2 2 23.105.12.158 30633 (LEASEWEB-...)
6 104.127.172.242 16625 (AKAMAI-AS)
19 67 142.250.65.194 15169 (GOOGLE)
9 9 52.223.40.198 16509 (AMAZON-02)
8 8 3.225.186.40 14618 (AMAZON-AES)
3 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 141.226.224.48 200478 (TABOOLA-AS)
3 3 3.225.218.10 14618 (AMAZON-AES)
2 6 2600:1f18:4e9... 14618 (AMAZON-AES)
1 3 8.28.7.81 62713 (AS-PUBMATIC)
1 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
7 10 69.173.151.100 26667 (RUBICONPR...)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.125.22 16509 (AMAZON-02)
2 3 151.101.194.49 54113 (FASTLY)
1 1 199.38.167.130 54312 (ROCKETFUEL)
9 162.248.18.37 62713 (AS-PUBMATIC)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 198.148.27.140 ()
1 1 23.105.12.151 ()
1 1 216.200.232.249 30419 (MEDIAMATH...)
2 20 8.28.7.83 62713 (AS-PUBMATIC)
1 2 38.91.45.7 398989 (DEEPINTENT)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 173.231.178.117 32475 (SINGLEHOP...)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 52.202.52.98 14618 (AMAZON-AES)
2 3 34.230.233.1 14618 (AMAZON-AES)
1 1 54.211.72.252 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 35.214.209.26 15169 (GOOGLE)
4 34.149.40.38 15169 (GOOGLE)
4 5 34.111.113.62 396982 (GOOGLE-CL...)
4 13 52.223.22.214 16509 (AMAZON-02)
1 2 34.196.240.12 14618 (AMAZON-AES)
3 3 34.133.71.175 396982 (GOOGLE-CL...)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
3 8.28.7.84 62713 (AS-PUBMATIC)
2 2 2606:ae80:147... 25751 (VALUECLICK)
1 54.90.39.207 14618 (AMAZON-AES)
1 1 52.0.248.85 14618 (AMAZON-AES)
9 10 35.211.178.172 15169 (GOOGLE)
1 1 54.156.165.4 14618 (AMAZON-AES)
2 2 207.198.113.87 13768 (COGECO-PEER1)
1 2 38.98.69.175 174 (COGENT-174)
2 2 185.167.164.49 198622 (ADFORM)
1 1 23.4.226.82 16625 (AKAMAI-AS)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 1 8.39.36.141 ()
5 2607:f8b0:400... ()
4 2607:f8b0:400... ()
4 2607:f8b0:400... ()
2 222.230.178.129 ()
12 2607:f8b0:400... ()
2 222.230.178.130 ()
2 2600:141b:e80... ()
1 1 38.68.201.140 ()
1 1 69.166.1.10 ()
2 2 52.23.63.120 ()
1 1 159.203.145.121 ()
1 1 3.215.195.177 ()
2 2 52.203.174.216 ()
1 1 104.112.8.40 ()
1 2 51.222.239.230 ()
4 142.250.72.98 ()
2 4 2620:100:a001::c ()
3 74.119.119.139 ()
2 162.19.138.82 ()
1 2600:1400:d::... ()
1 1 35.211.118.13 ()
1 107.178.248.96 ()
2 104.18.10.47 ()
1 23.77.241.5 ()
1 2 13.225.63.2 ()
1 2600:1901:0:e... ()
1 1 35.190.90.30 ()
1 2620:1ec:c11:... ()
1 1 23.197.21.62 ()
7 11 133.186.12.12 ()
1 1 222.230.178.29 ()
1 202.232.238.37 ()
1 1 13.113.41.51 ()
1 1 172.104.105.5 ()
1 1 52.192.19.90 ()
4 4 199.127.204.142 ()
1 1 34.102.163.6 ()
1 35.186.193.173 ()
1 1 172.105.232.22 ()
1 1 20.85.134.6 ()
1 162.55.120.196 ()
1 195.5.165.20 ()
2 2 104.127.64.185 ()
1 3.91.118.28 ()
1 35.153.221.178 ()
1 34.251.135.187 ()
1 1 34.102.253.54 ()
3 2607:f8b0:400... ()
1 162.19.138.119 ()
1 1 34.111.151.213 ()
10 2a03:2880:f11... ()
4 142.251.40.194 ()
371 92
4    18.176.200.96 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-200-96.ap-northeast-1.compute.amazonaws.com
chatdemaison.jugem.jp
2    2600:9000:202c:1000:13:9454:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)
imaging.jugem.jp
1    13.35.93.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-55.jfk50.r.cloudfront.net
flux-cdn.com
6    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:9000:202c:6e00:13:9454:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)
imaging.jugem.jp
13    2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    2600:9000:21ec:5e00:1d:8805:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
img-cdn.jg.jugem.jp
1    23.47.144.138 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-144-138.deploy.static.akamaitechnologies.com
www.eki-net.com
1    133.237.60.111 (Japan)

ASN23820 (RAKUTEN Rakuten Group, Inc., JP)
PTR: corp.rakuten.co.jp
corp.rakuten.co.jp
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
3    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    34.160.89.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
22    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    13.113.171.214 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
pb.ladsp.com
4    124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
d.socdm.com
4    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    35.213.115.3 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 3.115.213.35.bc.googleusercontent.com
rtb-jp.mediago.io
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
15    68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.237.98.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-98-178.compute-1.amazonaws.com
tlx.3lift.com
4    18.164.124.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-68.jfk50.r.cloudfront.net
ad.as.amanad.adtdp.com
10    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
14    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2209:fa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    23.77.173.8 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-8.deploy.static.akamaitechnologies.com
ads.pubmatic.com
24    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
6    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
67    142.250.65.194 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
www.googletagservices.com
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
8    3.225.186.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-186-40.compute-1.amazonaws.com
match.prod.bidr.io
5    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    2600:1f18:4e9:5a07:2a9f:40df:c424:1e81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2607:f8b0:4006:807::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
21    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
10    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    198.148.27.140 (None, )

ASN- ()
bh.contextweb.com
1    23.105.12.151 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
20    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    173.231.178.117 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    52.202.52.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-52-98.compute-1.amazonaws.com
pm.w55c.net
3    34.230.233.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-233-1.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    54.211.72.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-252.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    35.214.209.26 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 26.209.214.35.bc.googleusercontent.com
csync.loopme.me
4    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
13    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.196.240.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-240-12.compute-1.amazonaws.com
thrtle.com
3    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2606:ae80:1471:19::1080 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
1    54.90.39.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-39-207.compute-1.amazonaws.com
rtb.adentifi.com
1    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
10    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    54.156.165.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-165-4.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    23.4.226.82 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-226-82.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    8.39.36.141 (None, )

ASN- ()
pixel-us-west.rubiconproject.com
5    2607:f8b0:4006:816::2001 (None, )

ASN- ()
cdn.ampproject.org
4    2607:f8b0:4006:817::2004 (None, )

ASN- ()
www.google.com
4    2607:f8b0:4006:809::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
2    222.230.178.129 (None, )

ASN- ()
js.mediams.mb.softbank.jp
12    2607:f8b0:4006:824::2006 (None, )

ASN- ()
s0.2mdn.net
2    222.230.178.130 (None, )

ASN- ()
mediamsmbsoftbank.genieesspv.jp
2    2600:141b:e800:38::17c6:d654 (None, )

ASN- ()
dmp.im-apps.net
1    38.68.201.140 (None, )

ASN- ()
aep.mxptint.net
1    69.166.1.10 (None, )

ASN- ()
sync.go.sonobi.com
2    52.23.63.120 (None, )

ASN- ()
match.360yield.com
1    159.203.145.121 (None, )

ASN- ()
cs.chocolateplatform.com
1    3.215.195.177 (None, )

ASN- ()
fksnk.com
2    52.203.174.216 (None, )

ASN- ()
t.pswec.com
1    104.112.8.40 (None, )

ASN- ()
cs.media.net
2    51.222.239.230 (None, )

ASN- ()
onetag-sys.com
4    142.250.72.98 (None, )

ASN- ()
googleads4.g.doubleclick.net
4    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
3    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
2    162.19.138.82 (None, )

ASN- ()
id5-sync.com
1    2600:1400:d::1721:eea8 (None, )

ASN- ()
sync6.im-apps.net
1    35.211.118.13 (None, )

ASN- ()
r.bidswitch.net
1    107.178.248.96 (None, )

ASN- ()
penta.a.one.impact-ad.jp
2    104.18.10.47 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
1    23.77.241.5 (None, )

ASN- ()
acdn.adnxs.com
2    13.225.63.2 (None, )

ASN- ()
cr-p31.ladsp.com
1    2600:1901:0:e207:: (None, )

ASN- ()
audiencedata.im-apps.net
1    35.190.90.30 (None, )

ASN- ()
odr.mookie1.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
1    23.197.21.62 (None, )

ASN- ()
stags.bluekai.com
11    133.186.12.12 (None, )

ASN- ()
cs.gssprt.jp
1    222.230.178.29 (None, )

ASN- ()
rt.gsspat.jp
1    202.232.238.37 (None, )

ASN- ()
sync.fout.jp
1    13.113.41.51 (None, )

ASN- ()
bypass.ad-stir.com
1    172.104.105.5 (None, )

ASN- ()
g.c.appier.net
1    52.192.19.90 (None, )

ASN- ()
ds.uncn.jp
4    199.127.204.142 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    172.105.232.22 (None, )

ASN- ()
gocm.c.appier.net
1    20.85.134.6 (None, )

ASN- ()
mweb.ck.inmobi.com
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    104.127.64.185 (None, )

ASN- ()
px.owneriq.net
1    3.91.118.28 (None, )

ASN- ()
crb.kargo.com
1    35.153.221.178 (None, )

ASN- ()
sync.bfmio.com
1    34.251.135.187 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
3    2607:f8b0:4006:81d::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
1    162.19.138.119 (None, )

ASN- ()
lb.eu-1-id5-sync.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
10    2a03:2880:f112:182:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
4    142.251.40.194 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
54 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
264 KB
53 googlesyndication.com
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
255 KB
39 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image4.pubmatic.com — Cisco Umbrella Rank: 1305
simage4.pubmatic.com
44 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 642
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
dsum.casalemedia.com
20 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
eus.rubiconproject.com — Cisco Umbrella Rank: 616
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
pixel-us-west.rubiconproject.com
43 KB
20 fbcdn.net
static.xx.fbcdn.net
1 MB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
71 KB
17 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 978
syndication.twitter.com — Cisco Umbrella Rank: 1152
278 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com
acdn.adnxs.com
33 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 646
eb2.3lift.com — Cisco Umbrella Rank: 422
6 KB
14 jugem.jp
chatdemaison.jugem.jp
imaging.jugem.jp
img-cdn.jg.jugem.jp
72 KB
12 2mdn.net
s0.2mdn.net
318 KB
11 gssprt.jp
cs.gssprt.jp
3 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
r.bidswitch.net
5 KB
11 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 4785
penta.a.one.impact-ad.jp
9 KB
10 facebook.com
www.facebook.com
136 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
5 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
4 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 719
dis.criteo.com — Cisco Umbrella Rank: 608
gum.criteo.com
mug.criteo.com
9 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 610
4 KB
7 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1574
mp.4dex.io — Cisco Umbrella Rank: 2835
u.4dex.io — Cisco Umbrella Rank: 4330
27 KB
6 ladsp.com
pb.ladsp.com — Cisco Umbrella Rank: 66768
cr-p31.ladsp.com
3 KB
5 ampproject.org
cdn.ampproject.org
110 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
1 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com
1 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
2 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 769
us-u.openx.net — Cisco Umbrella Rank: 496
1 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
3 KB
4 im-apps.net
dmp.im-apps.net
sync6.im-apps.net
audiencedata.im-apps.net
4 KB
4 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 5965
3 KB
4 socdm.com
d.socdm.com — Cisco Umbrella Rank: 52313
9 KB
3 1rx.io
sync.1rx.io
2 KB
3 googletagservices.com
www.googletagservices.com
168 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6888
aep.mxptint.net
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
943 B
3 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8420
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
1 KB
3 flux.jp
a.flux.jp — Cisco Umbrella Rank: 79852
875 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 owneriq.net
px.owneriq.net
1 KB
2 appier.net
g.c.appier.net
gocm.c.appier.net
823 B
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 id5-sync.com
id5-sync.com
2 KB
2 onetag-sys.com
onetag-sys.com
807 B
2 pswec.com
t.pswec.com
1 KB
2 360yield.com
match.360yield.com
811 B
2 genieesspv.jp
mediamsmbsoftbank.genieesspv.jp
3 KB
2 softbank.jp
js.mediams.mb.softbank.jp
6 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
58 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
938 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489
744 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1499
682 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1657
1011 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1137
561 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
880 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
88 KB
1 brand-display.com
dmp.brand-display.com
349 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
407 B
1 playground.xyz
ads.playground.xyz
464 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
397 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
504 B
1 iprom.net
core.iprom.net
279 B
1 truffle.bid
matching.truffle.bid
1 inmobi.com
mweb.ck.inmobi.com
348 B
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
633 B
1 uncn.jp
ds.uncn.jp
399 B
1 ad-stir.com
bypass.ad-stir.com
398 B
1 fout.jp
sync.fout.jp
527 B
1 gsspat.jp
rt.gsspat.jp
266 B
1 bluekai.com
stags.bluekai.com
747 B
1 bing.com
c.bing.com
667 B
1 mookie1.com
odr.mookie1.com
641 B
1 media.net
cs.media.net
1 KB
1 fksnk.com
fksnk.com
617 B
1 chocolateplatform.com
cs.chocolateplatform.com
465 B
1 sonobi.com
sync.go.sonobi.com
874 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7253
346 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1072
554 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1366
35 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
225 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1453
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
940 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
592 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
738 B
1 contextweb.com
bh.contextweb.com
952 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1634
3 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
792 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1091
312 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
531 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18260
183 B
1 mediago.io
rtb-jp.mediago.io — Cisco Umbrella Rank: 140472
428 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
1 KB
1 rakuten.co.jp
corp.rakuten.co.jp
1 KB
1 eki-net.com
www.eki-net.com
10 KB
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 85043
138 KB
0 hqzbjthk.com Failed
hqzbjthk.com Failed
0 j-league.or.jp Failed
www.j-league.or.jp Failed
371 104
Domain Requested by
39 cm.g.doubleclick.net 19 redirects u.openx.net
eus.rubiconproject.com
googleads.g.doubleclick.net
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
chatdemaison.jugem.jp
eb2.3lift.com
28 pagead2.googlesyndication.com ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
chatdemaison.jugem.jp
securepubads.g.doubleclick.net
20 static.xx.fbcdn.net www.facebook.com
20 simage2.pubmatic.com 2 redirects ads.pubmatic.com
17 tpc.googlesyndication.com chatdemaison.jugem.jp
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
securepubads.g.doubleclick.net
17 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
14 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
u.openx.net
eus.rubiconproject.com
ads.pubmatic.com
13 eb2.3lift.com 4 redirects ads.pubmatic.com
flux-cdn.com
eb2.3lift.com
13 platform.twitter.com chatdemaison.jugem.jp
platform.twitter.com
12 s0.2mdn.net chatdemaison.jugem.jp
s0.2mdn.net
11 cs.gssprt.jp 7 redirects ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
10 www.facebook.com connect.facebook.net
10 x.bidswitch.net 9 redirects ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
10 y.one.impact-ad.jp 6 redirects chatdemaison.jugem.jp
10 ib.adnxs.com 5 redirects flux-cdn.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 image2.pubmatic.com ads.pubmatic.com
9 match.adsrvr.org 9 redirects
8 match.prod.bidr.io 8 redirects
6 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
chatdemaison.jugem.jp
flux-cdn.com
6 img-cdn.jg.jugem.jp chatdemaison.jugem.jp
6 securepubads.g.doubleclick.net chatdemaison.jugem.jp
securepubads.g.doubleclick.net
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
www.googletagservices.com
5 secure.adnxs.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pixel.tapad.com 4 redirects ads.pubmatic.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 b1sync.zemanta.com 5 redirects
4 ade.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads4.g.doubleclick.net chatdemaison.jugem.jp
4 googleads.g.doubleclick.net ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 www.google.com chatdemaison.jugem.jp
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 u.4dex.io ads.pubmatic.com
eus.rubiconproject.com
chatdemaison.jugem.jp
4 token.rubiconproject.com 4 redirects
4 ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 syndication.twitter.com platform.twitter.com
chatdemaison.jugem.jp
4 ad.as.amanad.adtdp.com flux-cdn.com
4 fastlane.rubiconproject.com flux-cdn.com
4 d.socdm.com flux-cdn.com
4 pb.ladsp.com flux-cdn.com
4 imaging.jugem.jp chatdemaison.jugem.jp
4 chatdemaison.jugem.jp 2 redirects chatdemaison.jugem.jp
3 sync.1rx.io 3 redirects
3 mug.criteo.com chatdemaison.jugem.jp
3 www.googletagservices.com ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
3 ad.turn.com 3 redirects
3 um.simpli.fi 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 us-u.openx.net u.openx.net
ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 a.tribalfusion.com 2 redirects ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
3 ads.pubmatic.com chatdemaison.jugem.jp
ads.pubmatic.com
flux-cdn.com
3 a.flux.jp flux-cdn.com
3 www.google-analytics.com chatdemaison.jugem.jp
www.google-analytics.com
3 c.amazon-adsystem.com 1 redirects chatdemaison.jugem.jp
c.amazon-adsystem.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 px.owneriq.net 2 redirects
2 cr-p31.ladsp.com 1 redirects chatdemaison.jugem.jp
2 id5-sync.com flux-cdn.com
2 onetag-sys.com 1 redirects ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
2 t.pswec.com 2 redirects
2 match.360yield.com 2 redirects
2 dmp.im-apps.net js.mediams.mb.softbank.jp
dmp.im-apps.net
2 mediamsmbsoftbank.genieesspv.jp chatdemaison.jugem.jp
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
2 simage4.pubmatic.com ads.pubmatic.com
2 js.mediams.mb.softbank.jp ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
chatdemaison.jugem.jp
2 static.criteo.net flux-cdn.com
static.criteo.net
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 s.tribalfusion.com 1 redirects ads.pubmatic.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 htlb.casalemedia.com flux-cdn.com
2 script.4dex.io flux-cdn.com
script.4dex.io
2 connect.facebook.net chatdemaison.jugem.jp
connect.facebook.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 lb.eu-1-id5-sync.com flux-cdn.com
1 ads.playground.xyz 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ds.uncn.jp 1 redirects
1 g.c.appier.net 1 redirects
1 bypass.ad-stir.com 1 redirects
1 sync.fout.jp ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
1 rt.gsspat.jp 1 redirects
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 odr.mookie1.com 1 redirects
1 audiencedata.im-apps.net dmp.im-apps.net
1 acdn.adnxs.com flux-cdn.com
1 js-sec.indexww.com flux-cdn.com
1 penta.a.one.impact-ad.jp flux-cdn.com
1 r.bidswitch.net 1 redirects
1 sync6.im-apps.net flux-cdn.com
1 ssbsync.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 fksnk.com 1 redirects
1 cs.chocolateplatform.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 aep.mxptint.net 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 sync.mathtag.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 sync.taboola.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 hbopenbid.pubmatic.com flux-cdn.com
1 tlx.3lift.com flux-cdn.com
1 prebid-asia.creativecdn.com flux-cdn.com
1 bidder.criteo.com flux-cdn.com
1 rtb-jp.mediago.io flux-cdn.com
1 mp.4dex.io flux-cdn.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.jsdelivr.net flux-cdn.com
1 corp.rakuten.co.jp chatdemaison.jugem.jp
1 www.eki-net.com chatdemaison.jugem.jp
1 flux-cdn.com chatdemaison.jugem.jp
0 hqzbjthk.com Failed chatdemaison.jugem.jp
0 www.j-league.or.jp Failed chatdemaison.jugem.jp
371 154
Subject Issuer Validity Valid
flux-cdn.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-12-17		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
imaging.jugem.jp
Amazon RSA 2048 M02		 2023-02-22 -
2024-01-22		 a year crt.sh
www.eki-net.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-18 -
2023-09-19		 a year crt.sh
*.rakuten.co.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
a.flux.jp
GTS CA 1D4		 2023-06-11 -
2023-09-09		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.ladsp.com
GlobalSign RSA OV SSL CA 2018		 2023-05-16 -
2024-06-16		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2023-05-31 -
2024-06-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.mediago.io
GlobalSign GCC R3 DV TLS CA 2020		 2023-01-13 -
2024-02-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M02		 2023-02-05 -
2024-03-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-08 -
2023-07-07		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-06-29 -
2023-09-27		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.mediams.mb.softbank.jp
Cybertrust Japan SureServer CA G4		 2022-12-26 -
2024-01-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
a.one.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-03-27 -
2024-03-31		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-06-08 -
2023-09-06		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 79 frames:

Primary Page: http://chatdemaison.jugem.jp/
Frame ID: 8FBC0ACF2B389B818F55AE5D6A2C0E20
Requests: 84 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fchatdemaison.jugem.jp
Frame ID: F7062AC09F3002019F471C8F87899B1D
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Frame ID: 4CC977D07369BC15BB1C9830E668065A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 5CA3715D4AF8599FB28CA8FC1554EF47
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 78EDC61AE4F014091DA1CDD11F851CF4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 5D7AED1829FB707A581889936F6C0FB4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 9101438B5C405CA1B4A9DD3263A80503
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 9A5E7FB9469F17E6190FAA0AF1F1A7E3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 8C61C71C08C4B76B0CEA21E839148D92
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 80053C22C508DDFB5921840DC0604BEC
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 08AD90A9DAF8C4D6317D571CD3F456D1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 37DB38843FC4BA1BA88A56E450517575
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 0EF1EC357530A8B02551ACB849B8479F
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 68DAB829A0A16D7442E777F381008EF8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: E8F286E8AB01E3DF958A6C6E5B0732E1
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 17C3FBE09D65488B4ED9F2D3AA8065E4
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 133CC13F0CB90792AB55524E27C4556F
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1972436629914980997&gdpr=0&gdpr_consent=
Frame ID: 8CD819B465BA12455C0F54EBDFE31068
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 53BF55E1284CFC12F974012F2F4F40DF
Requests: 11 HTTP requests in this frame

Frame: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48C46458E4A73CDD070C449C3589B371
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJ7xQgAVoRvEcgAn
Frame ID: D5F69BAC9650A64AADE2282AB0EF3E22
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033164935195368
Frame ID: 055C747D9A4ED988DD2D36BC4765D924
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=36D35827-2FE1-431A-862D-A6ACD80453C3&redir=true&gdpr=0&gdpr_consent=
Frame ID: A2ED9D003194C8BC8652008A98FD151A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABEfU7JPeMAAB_WMUhC8Q&gdpr=0&gdpr_consent=
Frame ID: BEC7E9540A639CBA8B90CE4B1ACC3FAC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e17a649e-f143-4100-97b0-c0acad47afda&gdpr=0&gdpr_consent=
Frame ID: 886FB7754F18C80371DD1F48DAA6D7B7
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B568838E441260718E00F2A1219594F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132452749006503740&gdpr=0&gdpr_consent=
Frame ID: 341FD56839FA0AE5DEBE7409B4FE28C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
Frame ID: EB8CE7A28C1CE4964CCD12DB8338CA19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c4141be8-1758-11ee-9144-2b12b7d9247e
Frame ID: 12AB7ED1C2F63C7423144EACA7E1A465
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: ED6189A7FCF57EA4615C0FF59AA297CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lIUq4eeT1QffP55&gdpr=0&gdpr_consent=
Frame ID: 34B57B1DA44A2C2C2D980C90A46DFF73
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=36D35827-2FE1-431A-862D-A6ACD80453C3
Frame ID: 885774228347DBD0AA10FABE16F1C36C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Frame ID: 6024CAAAF93383039B75A645E8D32D7B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E6C53B5372F4F356EEB1CF40AD780FF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479655190
Frame ID: AB0A4BB31084D88B0DDC4D0555D8A091
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 949BEF3C6214E8C9F29422036A949C2A
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)36D35827-2FE1-431A-862D-A6ACD80453C3
Frame ID: 66059E0BC4DDE68489B97C3721FB09D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: C1CA3AF0AD8EC0D7287C728184001862
Requests: 3 HTTP requests in this frame

Frame: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95E5B45447DF1C8C23059A1C20112881
Requests: 22 HTTP requests in this frame

Frame: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2291726ED138CAA294367DCF7AAC6C45
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032306202201000/amp4ads-v0.mjs
Frame ID: 414FE3E4BBB832709BDEB11777BA62FC
Requests: 13 HTTP requests in this frame

Frame: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB38FBEF6905F5521DC8375C79DE240A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Frame ID: CD9BA90E6DEFA3B511222B935B022E46
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Frame ID: E033D82DCE25EEA4B1A8BA3A237CB865
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F20CD8CC8E02689FD74F6653723F0B53
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DACD7EEB8FBB3C30E904FB45E70E9F10
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
Frame ID: 22C009A880B17119C4E7F9AFE50A9550
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
Frame ID: B0457B4154EE363523170B283DA55C1C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3A1D0EFBEDD5464EEE32586CF3AF4C17
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E735086BC0C124A6FAB89134FF6B124F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 12A3CC288A66BC4B12E257A02914C7C2
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 95C715ABA65A1FE0870EF0386110B7B7
Requests: 11 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: 561672E215D4D055D810EFD5B3BD673F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5945F01EB294534F7AC4CEED91ED4586
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Frame ID: CCDEE874D379BFAEF061AD8DA976A303
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B9FFEA680F901226F6172E8ABDC990AD
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
Frame ID: E345229CBE8CDE45AA7DB7D0272FED6E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Frame ID: ED967A34ED721259156513D9151DFA4E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: BA4B6ECDE3CB315F9F88970B46A70CA7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bbhyJtaZBsKo7u1YRvGeZA
Frame ID: 37CA5E436B67991E196CB9986FB8F217
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a1e60451-1eab-4c47-aff2-ceb8e95707b5
Frame ID: 78135A97F9BE61EFD2D9A49345DCFB3C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: DB01244A363174FA8D59B630476946C4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A4DDE39186F107CBBE5537E59F172FBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414244541546166342
Frame ID: F389ABB39939E9925C45C48AE43B2AB1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36&gdpr=0&gdpr_consent=
Frame ID: B99C3CECF8E821AAB7F8F2EB73226CF5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 506CE883C62A38842136B7B4259D5811
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8762405fb863%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D706&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 9F3F1852E584180E3C0AE1A7DEB19768
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df124239f2f12b24%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D705&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: DC2A216EAAE4190D896092699A127ED0
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1775fe570a7c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D704&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 4B6D2D883A218CA0A4A2AFDF5B4048B4
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d691bb07cc84%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D703&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 15940E71DF1FA3615F361804AAE240AB
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad93dd3a55c6c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D702&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 933D693685711F9BB5B3393E5F2C030A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fb00686e192%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D701&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 8305F5E5AE4B96684249DBCF18F9E486
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d4a042aeaeac%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D700&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 670E6D9164F1E72F564A41684230D38A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b8482fc6d099%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D699&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: CFC744639BB1C93AAA4BC77C6E66E0D3
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d5c168edc7e8%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D698&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 44DFE06AC34B34F2E7E337FDE18B50AF
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df99c8b9299358%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D697&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: FA8092C2C54C0C7D98E1BCF111974717
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=chatdemaison.jugem.jp
Frame ID: 5654121AAB8CECE063B24DB7CD12F9FE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEDF107783AB45F8CD1865EA611B04F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40B5C5A2A8D72764EF589F59BF217CBB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

chocolat et cacao

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

371
Requests

71 %
HTTPS

25 %
IPv6

104
Domains

154
Subdomains

92
IPs

8
Countries

3537 kB
Transfer

11140 kB
Size

196
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://chatdemaison.jugem.jp/template/js/cookie.js HTTP 301
  • http://imaging.jugem.jp/template/js/cookie.js
Request Chain 5
  • http://chatdemaison.jugem.jp/template/banner/powered_07b.gif HTTP 301
  • http://imaging.jugem.jp/template/banner/powered_07b.gif
Request Chain 13
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://c.amazon-adsystem.com/aax2/apstag.js
Request Chain 14
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 23
  • http://connect.facebook.net/ja_JP/sdk.js HTTP 307
  • https://connect.facebook.net/ja_JP/sdk.js
Request Chain 51
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Request Chain 52
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Request Chain 53
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Request Chain 54
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Request Chain 60
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Request Chain 80
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=cfa09e45
Request Chain 81
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FWUOh2yxJBqQy64WHcGh
Request Chain 84
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 85
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 87
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1972436629914980997&gdpr=0&gdpr_consent=
Request Chain 95
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjoftrPni4s_BTY0xOOqyw&google_cver=1
Request Chain 98
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&expiration=1690730050&gdpr=0&gdpr_consent=
Request Chain 99
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD9uk7JPeMAACFwFW9-jw&expiration=1689347650
Request Chain 100
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZJ7xQk02Xe7iQfYlVmIdzwAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZJ7xQk02Xe7iQfYlVmIdzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371634216
Request Chain 101
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZJ7xQk02Xe7iQfYlVmIdzwAA%261319&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8c327656-2dd3-47b5-8cb5-b56b175dbdc9-tuctb9876c2
Request Chain 102
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Request Chain 107
  • https://match.adsrvr.org/track/cmf/openx?oxid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0&gdpr_consent=
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPWUcrIPu9QLCHpnyPYe_8k&google_cver=1
Request Chain 118
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJIPT34R-O-GL8V HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LJIPT34R-O-GL8V&ex=d-rubiconproject.com&status=ok
Request Chain 119
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPT34R-O-GL8V
Request Chain 120
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1J17lynmm2JC2M-eJlnqgw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4LyHbNtE2oJVj_v3M4fjaiCwsMlfD5QSlN0ewg--~A
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKLTxwgsxRa93M5yOC0pLY&google_cver=1
Request Chain 122
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpJUFQzNFItTy1HTDhW HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqQKkM8QbFfDyHStyPQN6E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFQzNFItTy1HTDhW&google_push=
Request Chain 124
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE5NmY1MGVmZmY4OTcyNzAyYTg2YzhlYWIwMTkxZjQ4Y2QyODgyMQ
Request Chain 125
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4C82EdxIR0-cUejyE0E-gw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4C82EdxIR0-cUejyE0E-gw
Request Chain 126
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=&expires=30
Request Chain 127
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJ7xQgAVoRvEcgAn
Request Chain 128
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033164935195368
Request Chain 130
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRWZVN0pQZU1BQUJfV01VaEM4UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABEfU7JPeMAAB_WMUhC8Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABEfU7JPeMAAB_WMUhC8Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABEfU7JPeMAAB_WMUhC8Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABEfU7JPeMAAB_WMUhC8Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1972436629914980997&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABEfU7JPeMAAB_WMUhC8Q&gdpr=0&gdpr_consent=
Request Chain 131
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e17a649e-f143-4100-97b0-c0acad47afda&gdpr=0&gdpr_consent=
Request Chain 133
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132452749006503740&gdpr=0&gdpr_consent=
Request Chain 134
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
Request Chain 135
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c4141be8-1758-11ee-9144-2b12b7d9247e
Request Chain 137
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lIUq4eeT1QffP55&gdpr=0&gdpr_consent=
Request Chain 138
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=14745fb5-8602-49c8-9ed0-f91e533d12b1&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=36D35827-2FE1-431A-862D-A6ACD80453C3
Request Chain 139
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Request Chain 140
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 141
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479655190
Request Chain 142
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtNYJy_hQxqGLaas2ARTww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 145
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=36D35827-2FE1-431A-862D-A6ACD80453C3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=36D35827-2FE1-431A-862D-A6ACD80453C3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2C%2C
Request Chain 146
  • https://eb2.3lift.com/xuid?mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 147
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d511eb3b-ce1b-4aaf-8715-4abf4b65abaa
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzZEMzU4MjctMkZFMS00MzFBLTg2MkQtQTZBQ0Q4MDQ1M0Mz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMyPyxcUmY7JR4Fj0T-EUj0&google_cver=1
Request Chain 150
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36
Request Chain 151
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7427183075023782322&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 152
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=
Request Chain 153
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=36D35827-2FE1-431A-862D-A6ACD80453C3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BZDaYAxE2uWvYXF4SPKWZWYxP1bl1TM-~A&gdpr=0
Request Chain 155
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=135bb40446ab04e5&is_secure=true&networkId=17100&version=1&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHs8gHBOXKUgNl1DwqAAAAAAA&expiration=1688224451&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 157
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1bb623d7-9252-403a-b591-03c55dc5a4e5&gdpr=0&gdpr_consent=
Request Chain 158
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_303ff47e-f082-42f1-af5e-823041c8a5b0&bsw_param=dbd0bf58-358f-461b-a20a-84d8457d6734&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 159
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553&gdpr=0&gdpr_consent=
Request Chain 160
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10515B1F9_59136952&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 161
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6024546099386426311
Request Chain 162
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 166
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LJIPT34R-O-GL8V HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPT34R-O-GL8V
Request Chain 181
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-QS5WvNZE2uFFhhbRMJR1D1_v9CpcM1ZbAfGaKx0-~A&gdpr=0
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
Request Chain 204
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Request Chain 219
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Request Chain 235
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEENlR4-apw2f36qP2WG0YvE&google_cver=1&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf&google_hm=UjMzNjQ2XzEwNTE1QjFGOV81OTEzNjk1Mg%3D%3D
Request Chain 236
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kMi3MSbQ9DQHAsVXn9oW%26google_hm%3D%5BUID%5D&google_gid=CAESEBTK5xJ5uWO5QoHipf6cj14&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kMi3MSbQ9DQHAsVXn9oW&google_hm=2623dc68-b067-487f-b61b-7ed856e821c4
Request Chain 237
  • https://match.360yield.com/match/ebda?google_gid=CAESEFS9ifJRLhQdhYrQW451JFs&google_cver=1&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLOqsY94 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFS9ifJRLhQdhYrQW451JFs&google_cver=1&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLOqsY94 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_k_rorS8TDWyCUiyfnDDiQ&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLOqsY94
Request Chain 238
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEEKfYEUAtLAgqhU7UaAvR-4&google_cver=1&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u8a5eSXNcgTgGzK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u8a5eSXNcgTgGzK
Request Chain 239
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEHRZi766kQ-vn360pDKbxOE&google_cver=1&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDPyVAqpb7p7gkK-mu7dGaDMSKkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDPyVAqpb7p7gkK-mu7dGaDMSKkA&google_hm=RldVT2gyeXhKQnFReTY0V0hjR2g=
Request Chain 240
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hWUxktTt1Cg0hVjlvmdFHXFfR2-_d5zk_Y4v8_qzXTUccEhUGeDJLsffxS_O9qP2EyvE0uPFgkoQA2uMt_1VY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hWUxktTt1Cg0hVjlvmdFHXFfR2-_d5zk_Y4v8_qzXTUccEhUGeDJLsffxS_O9qP2EyvE0uPFgkoQA2uMt_1VY
Request Chain 242
  • https://fksnk.com/cs/google?google_gid=CAESELlUElM9H-blsYlr5Rlnyik&google_cver=1&google_push=AaAOQGEfzuD_SXxMhHClaHOk3mplVPnmibawSZapmXv8fND-YlOamVwjvjeyg7Uxey9Fvel4uNxxKp9L3dIAkCM4JOnCQzMbF8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUYzRjZDNEM0MDk1QURBMA==
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPEMCAcLTkygVqx_MF2tpV4&google_cver=1&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz3UpPC_t1 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=dbd0bf58-358f-461b-a20a-84d8457d6734 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=dbd0bf58-358f-461b-a20a-84d8457d6734 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=e2c9856e-2b0c-41eb-88fc-6a7224c7a5d8&expires=3&user_group=1&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz3UpPC_t1&google_hm=29C_WDWPRhuiCoTYRX1nNA==
Request Chain 244
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdAm0dfv8F7qy3Nr_Vr7wg&google_cver=1&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0dlVjDZN0ynMDbJ9Dh4QgzmmIb4gkyD8HNkICKoCoY9c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0dlVjDZN0ynMDbJ9Dh4QgzmmIb4gkyD8HNkICKoCoY9c
Request Chain 245
  • https://cs.media.net/cksync?type=g&google_gid=CAESEL0mPs_0p5Pc7Mz44NDSIqs&google_cver=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwIsh8xZyKT6PUIwto-ZYBzpQjBNgKtoCOxBWAh0djOCU5mdU0ThnQ_DRNcyWBnfvoT83dk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&mn_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwIsh8xZyKT6PUIwto-ZYBzpQjBNgKtoCOxBWAh0djOCU5mdU0ThnQ_DRNcyWBnfvoT83dk&gdpr=&gdpr_consent=
Request Chain 246
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAAl8yyydDhE3I9ZykoZwIY&google_cver=1&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2fpQzpFrUuNyrnlNUXRgPIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2fpQzpFrUuNyrnlNUXRgPIM&google_hm=MTk3MjQzNjYyOTkxNDk4MDk5Nw%3D%3D
Request Chain 247
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEP7ceb2SeGayb7VZgrLEhmY&google_cver=1&google_push=AaAOQGFqXNhs-nkTMBvP-69z_r3lyeGichRQsRP1Ch8SzxbUZQR9w8Wk5zPfGLMeg3FN6pb_S3SekfvQQdg4nyRJJ6o6d_GjdRrJFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQzed9f8nG2Z9NCbwXiHu1CfJ40g5VNe8w&google_push=AaAOQGFqXNhs-nkTMBvP-69z_r3lyeGichRQsRP1Ch8SzxbUZQR9w8Wk5zPfGLMeg3FN6pb_S3SekfvQQdg4nyRJJ6o6d_GjdRrJFQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 248
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI21MegtQ3Ee6XnakY8CMWTcqkBSzjMp2XTg_r16RviC2dR7N91Bt3Gpyvyerv6wDb0skyGm-YEODV_VvPNqGKGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI21MegtQ3Ee6XnakY8CMWTcqkBSzjMp2XTg_r16RviC2dR7N91Bt3Gpyvyerv6wDb0skyGm-YEODV_VvPNqGKGQ
Request Chain 258
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&domain=chatdemaison.jugem.jp&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mSwNOHx3TjZhRFZnekg2WFo3OEMyZ1R0NGJKVWQwRTcwZ2pvYThKWlUwZlJwaGg2cU1Ic3JhVUhPOFEvVWluTHBMdzI5OG1MWlFEclFQYjRVaUMvT2NDVEt6VHJHd1AzSklsUjJGT01GR1RGcDFnT2hDaWtLZmd5cWR4TStONzBRNXViUjYyelNZQlFSR29wRW1laCtRTjQ1WS9IRy85YVFiTmJqOFJyNEcxUWtWS0ZyaFRwVkpyemVkMWZHcGlNTlEvNno5eEh2YlExTFdBcERncTl0Qit4MG5BTVF4ejNnZkVIelpuK3N5elZvQmZSMFJpRTdGYWZyM3lta1NkWUt5NGRBfA&cppv=2
Request Chain 263
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=yieldone&bsw=85ec7d62-0f7d-4ad9-ab9c-dda930d08817 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=yieldone&bsw_custom_parameter=dbd0bf58-358f-461b-a20a-84d8457d6734 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dbd0bf58-358f-461b-a20a-84d8457d6734&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dyieldone%26bsw_param%3Ddbd0bf58-358f-461b-a20a-84d8457d6734 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dyieldone%252526bsw_param%25253Ddbd0bf58-358f-461b-a20a-84d8457d6734%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3132452749006503740&pt=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dyieldone%2526bsw_param%253Ddbd0bf58-358f-461b-a20a-84d8457d6734%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=yieldone&bsw_param=dbd0bf58-358f-461b-a20a-84d8457d6734 HTTP 302
  • https://y.one.impact-ad.jp/cs?d=105&uid=dbd0bf58-358f-461b-a20a-84d8457d6734&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 267
  • https://cr-p31.ladsp.com/cookiesender/31 HTTP 302
  • https://cr-p31.ladsp.com/cookiesender/31?cr=true
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f1d34261-a1bf-4d8c-944a-92124c8c5995&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 273
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBEvxlq0VZetFY9b83OU5M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 275
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4532435236289248944334&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbd0bf58-358f-461b-a20a-84d8457d6734&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10609777035710782546&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dbd0bf58-358f-461b-a20a-84d8457d6734&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 279
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4532435236289248944334?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.jwEEdE2oSOM6eFo4bXhln70C03bw1.sQJcEgFXhg--~A&dongle=0883
Request Chain 280
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=FWUOh2yxJBqQy64WHcGh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZLVKT3IGJ4XQSSCOFIXSNRUK5EGGR3I&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZLVKT3IGJ4XQSSCOFIXSNRUK5EGGR3I HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FWUOh2yxJBqQy64WHcGh
Request Chain 281
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3132452749006503740&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 287
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=16 HTTP 302
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8aaf305a6270e969fa9405517091a44a
Request Chain 288
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=freakout&format=gif&vid=16 HTTP 302
  • https://sync.fout.jp/sync?xid=geniee
Request Chain 289
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=16 HTTP 302
  • https://bypass.ad-stir.com/push_sync?xid=12345 HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=49e6e190-868e-49e8-afd9-a3ca55e41138
Request Chain 290
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=16 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=k9oo0n3-DfaP3WoQR_GeZA
Request Chain 291
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=bswit&format=gif&vid=16 HTTP 302
  • https://x.bidswitch.net/sync?ssp=geniee
Request Chain 292
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=16 HTTP 302
  • https://mediamsmbsoftbank.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6z4S6T72ja2yR0ekeWTHtZRkngG5B5z_8x9OBGWlYFRMomzINXNCR8jzoL-mFuuzg&format=gif
Request Chain 293
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=unicorn&format=gif&vid=16 HTTP 302
  • https://ds.uncn.jp/geniee/0/sync_push HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=unicorn&uid=v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
Request Chain 296
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1688138054512 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6795769835 HTTP 302
  • https://sync.1rx.io/usersync/turn/7427183075023782322?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
Request Chain 297
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Request Chain 299
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bbhyJtaZBsKo7u1YRvGeZA
Request Chain 300
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a1e60451-1eab-4c47-aff2-ceb8e95707b5
Request Chain 303
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7414244541546166342&uid=Q7414244541546166342&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414244541546166342
Request Chain 304
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36&gdpr=0&gdpr_consent=
Request Chain 309
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3132452749006503740
Request Chain 323
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3132452749006503740
Request Chain 324
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427183075023782322
Request Chain 325
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7xQgAVoRvEcgAn
Request Chain 326
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_e45526db2ada48ea80fba
Request Chain 327
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0A77C99E046A4F0186A413477C1A3C36
Request Chain 328
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0cacf892-56f9-59ab-904318f8
Request Chain 329
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=abcb76c9-4ae9-40b4-9643-05375f79b776&expiration=1719760454
Request Chain 350
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=12469&pdt=184&dns=1591&rrt=13&srt=185&tcp=1512&dit=5208&clt=5208&_gst=3810&_gbt=5712&_u=YGBACAABBAAAAC~&jid=&gjid=&cid=516528138.1688138049&tid=UA-26106898-2&_gid=1075648414.1688138049&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=1743020275 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=12469&pdt=184&dns=1591&rrt=13&srt=185&tcp=1512&dit=5208&clt=5208&_gst=3810&_gbt=5712&_u=YGBACAABBAAAAC~&jid=&gjid=&cid=516528138.1688138049&tid=UA-26106898-2&_gid=1075648414.1688138049&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=1743020275
Request Chain 353
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=jugem.jp&sn=ChromeSyncframe&so=3&topUrl=chatdemaison.jugem.jp&bundle=x_Lpp19TJTJCallQT1JJamZFWjVic0V1NEUxZ290UnppM1ZialFjeFpSMlRWT2ZFVTRoWnBhMExycEhLVjZYZnk4RXR1MEs1UVBLUVBFMXNtdm5BcVFDNWQ0S2JYTDk1dEVVJTJCN2VGYkFObmQ3NW5HdGM0Y0JISkY5UWtEMEExTDlTMGU1NFI&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=8FXYknxzQWVDQ3Q0MG1uMHlORUFjNFIzajdIdk50dXpSUU5hTUdhWDBVQ2RmTzFGMkpOTklhbmhjMkVkcmZuTjU1Umh4eUxvaFJtdDBMblRTQndMbnFjL3d4RGVONWIyaVkzSVRQcFlKWEdsR0dhVjdCbUVKU3hUcTBJakJyK0M1VlJ4WHdjMWxDUkxsemFOb2tQUDhxUXVmYkhmVTJMc2JLUllab2EwR0NvVHhQS3NCdWo0SURGcEVPaTdMNlprSVhvcGcwaTlDaFVGWStoejU2elV3ZzdweVlaMzlGVkVsMW1jcEFPM1ltelltYVpQWXg1bTlROEZMcEFqK1JBZEptZ2FhbGVYanAvZlJwQWpET3BDQ3YxQ3U1QT09fA&cppv=2

371 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
chatdemaison.jugem.jp/ 		79 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
18.176.200.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-200-96.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
390241a579c77db57aa1ee8643977a27ecb49593dbdf6655b6575f5e34d05098

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=180
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:06 GMT
ETag
W/"6499b49b-13da9"
Expires
Fri, 30 Jun 2023 15:17:06 GMT
Last-Modified
Mon, 26 Jun 2023 15:54:03 GMT
Server
nginx/1.18.0
Transfer-Encoding
chunked
jm_style.css
chatdemaison.jugem.jp/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://chatdemaison.jugem.jp/jm_style.css
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
18.176.200.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-200-96.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b5baa11b1c8d5149380a62d1be9081467b557b3e56377585937040cb168abf27

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:06 GMT
Last-Modified
Sun, 25 Jun 2023 10:02:53 GMT
Server
nginx/1.18.0
ETag
"649810cd-11ac"
Content-Type
text/css
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4524
Expires
Fri, 30 Jun 2023 15:17:06 GMT
cookie.js
imaging.jugem.jp/template/js/
Redirect Chain
  • http://chatdemaison.jugem.jp/template/js/cookie.js
  • http://imaging.jugem.jp/template/js/cookie.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imaging.jugem.jp/template/js/cookie.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2600:9000:202c:1000:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c8dfc8418f7c2ae54a0eca38c5c633ea887b3760f7ebd67a886b08d35fdeb76

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 10:39:50 GMT
Via
1.1 57a894c75d329d29ecabaa7a88eb80a4.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 May 2014 11:02:55 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342085/atime:1401358797/ctime:1401342085
X-Amz-Cf-Pop
EWR52-C2
Age
16480
ETag
"2b15afa92ef73b696f7b007214887c56"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1283
X-Amz-Cf-Id
4lzK8vdfo1zFHmOAcG1NVUZf6PT_ZJC5nMHD13BgdjHeHGuG0E9OCw==

Redirect headers

Location
http://imaging.jugem.jp/template/js/cookie.js
Date
Fri, 30 Jun 2023 15:14:07 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
169
Content-Type
text/html
jugem.min.js
flux-cdn.com/client/mediano/ 		566 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/mediano/jugem.min.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-55.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74f8eb7d67a652edd85f6135dbd1e34f98fba512937982a8f35d353396598736

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
sW.PQdpP.3IcM_D.6JWa_QZW5xG4OZDh
content-encoding
br
via
1.1 c2439c5d69ec72a2ab666c2eba104244.cloudfront.net (CloudFront)
date
Fri, 30 Jun 2023 15:11:22 GMT
last-modified
Thu, 15 Jun 2023 10:09:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
210
x-amz-server-side-encryption
AES256
etag
W/"a3d41464b4bfd50b300012a37a2d08d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
m18ykXTrvZkH_qaHDkr65iIMkF6DH0yEiaGM1ZddIlZXRDi7U6zurA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
130eccd4d5ae996edc72799bd669fd98a916bb759c56d59079efe1cc5e6edb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25863
x-xss-protection
0
server
cafe
etag
526 / 19538 / 31075744 / config-hash: 327100832698525116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:06 GMT
fctokyo.js
www.j-league.or.jp/tool/2010/blogparts/js/ 		0
0
powered_07b.gif
imaging.jugem.jp/template/banner/
Redirect Chain
  • http://chatdemaison.jugem.jp/template/banner/powered_07b.gif
  • http://imaging.jugem.jp/template/banner/powered_07b.gif
922 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imaging.jugem.jp/template/banner/powered_07b.gif
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2600:9000:202c:1000:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f8e40bd3a36f2f63ab7297027275d974d62f836330f41fcce186f825ddfc9db

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 13:43:01 GMT
Via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 May 2014 11:01:20 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342085/atime:1401358797/ctime:1401342085
X-Amz-Cf-Pop
EWR52-C2
Age
7613
ETag
"13e972a569efbe84c738813001ff5c32"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
922
X-Amz-Cf-Id
8rl3n3fBBXDFKPktRxZPtN0418OiS_-9dHQYqPVA4r727TGkIyKHjw==

Redirect headers

Location
http://imaging.jugem.jp/template/banner/powered_07b.gif
Date
Fri, 30 Jun 2023 15:14:07 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
169
Content-Type
text/html
userblog_jugem_bnr.png
imaging.jugem.jp/user_blog/ad/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imaging.jugem.jp/user_blog/ad/userblog_jugem_bnr.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6e00:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
439b43b7234d74128cdb70a2ad0e2528dc19232c0ec7449dd5601069da931484

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 15:51:51 GMT
via
1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Mar 2021 11:40:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1617184617/ctime:1617182882/gid:20/gname:staff/md5:dee800bc73e25f496e5a45693f07752d/mode:33188/mtime:1617182521/uid:503/uname:m.aoyama
x-amz-cf-pop
EWR52-C2
age
84142
etag
"dee800bc73e25f496e5a45693f07752d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
34203
x-amz-cf-id
XErzo8MnTeKaliYm27j0DhbXg5Kok8rnE4eX3LIh40RiyK-tqB8aaA==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D11) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:06 GMT
Content-Encoding
gzip
Age
429
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (nyb/1D11)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
uflog.jpg
hqzbjthk.com/ 		0
0
20230412_3420365.png
img-cdn.jg.jugem.jp/752/72666/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/752/72666/20230412_3420365.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 02:30:53 GMT
x-amz-version-id
s27Eh3maFc7KrFzpwafCH_oxrZBjTtzG
Via
1.1 0bb631caf01a1e61a0610f8aef984a00.cloudfront.net (CloudFront)
Last-Modified
Tue, 11 Apr 2023 21:25:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK51-C1
Age
45794
ETag
"5dc3fb68ca54c0446848c5786df4063c"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2909
X-Amz-Cf-Id
vkRX4TGFwjvZwGFzDobyk3vSQtf4qcEO8VaNTvQFikrSnCpoDGZqDQ==
logo_ekinet.png
www.eki-net.com/personal/common/img/globalmenu/ 		7 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eki-net.com/personal/common/img/globalmenu/logo_ekinet.png?ver=09
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.138 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.walkme.com; default-src 'self' *.withdesk.com withdeskcdn.com *.withdeskcdn.com; img-src 'self' 'unsafe-inline' h.online-metrix.net *.aa.online-metrix.net capy.storage.googleapis.com jp.api.capy.me stats.g.doubleclick.net www.google-analytics.com login.eki-net.com guest-agent.mobilus.me cdn.agent.mobilus.me *.eki-net.com *.yimg.jp *.yahoo.co.jp https://*.yimg.jp https://*.yahoo.co.jp *.facebook.net *.facebook.com https://static.ads-twitter.com https://t.co https://analytics.twitter.com *.line.me *.smartnews-ads.com https://*.ladsp.com https://googleads.g.doubleclick.net https://www.google.com googleads.g.doubleclick.net *.google.com *.walkme.com s3.walkmeusercontent.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' h.online-metrix.net login.eki-net.com cdnjs.cloudflare.com cdn.agent.mobilus.me agent.mobilus.me guest-agent.mobilus.me fonts.googleapis.com *.walkme.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com; object-src *.online-metrix.net login.eki-net.com *.walkme.com; connect-src 'self' h.online-metrix.net wss://127.0.0.1:* jcn-token.cardnet.co.jp login.eki-net.com www.google-analytics.com stats.g.doubleclick.net guest-agent.mobilus.me wss://guest-agent.mobilus.me analytics.google.com *.walkme.com *.withdesk.com wss://*.withdesk.com withdeskcdn.com *.withdeskcdn.com; child-src h.online-metrix.net login.eki-net.com *.walkme.com; frame-src h.online-metrix.net www.google.com login.eki-net.com https://bid.g.doubleclick.net bid.g.doubleclick.net *.walkme.com 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net jp.api.capy.me www.googletagmanager.com www.google-analytics.com www.google.com www.gstatic.com guest-agent.mobilus.me cdn.agent.mobilus.me cdn.polyfill.io jcn-token.cardnet.co.jp login.eki-net.com agent.mobilus.me *.yimg.jp *.yahoo.co.jp www.jreast.co.jp ssl.google-analytics.com js.rtoaster.jp rt.rtoaster.jp p.eki-net.com https://*.yimg.jp https://*.yahoo.co.jp *.facebook.net *.facebook.com https://static.ads-twitter.com https://t.co https://analytics.twitter.com *.line-scdn.net *.smartnews-ads.com https://*.ladsp.com https://www.googleadservices.com https://www.google.com https://googleads.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net *.walkme.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com; worker-src blob: h.online-metrix.net login.eki-net.com *.walkme.com 'self'; font-src 'self' fonts.gstatic.com cdn.agent.mobilus.me *.walkme.com data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.walkme.com; default-src 'self' *.withdesk.com withdeskcdn.com *.withdeskcdn.com; img-src 'self' 'unsafe-inline' h.online-metrix.net *.aa.online-metrix.net capy.storage.googleapis.com jp.api.capy.me stats.g.doubleclick.net www.google-analytics.com login.eki-net.com guest-agent.mobilus.me cdn.agent.mobilus.me *.eki-net.com *.yimg.jp *.yahoo.co.jp https://*.yimg.jp https://*.yahoo.co.jp *.facebook.net *.facebook.com https://static.ads-twitter.com https://t.co https://analytics.twitter.com *.line.me *.smartnews-ads.com https://*.ladsp.com https://googleads.g.doubleclick.net https://www.google.com googleads.g.doubleclick.net *.google.com *.walkme.com s3.walkmeusercontent.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' h.online-metrix.net login.eki-net.com cdnjs.cloudflare.com cdn.agent.mobilus.me agent.mobilus.me guest-agent.mobilus.me fonts.googleapis.com *.walkme.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com; object-src *.online-metrix.net login.eki-net.com *.walkme.com; connect-src 'self' h.online-metrix.net wss://127.0.0.1:* jcn-token.cardnet.co.jp login.eki-net.com www.google-analytics.com stats.g.doubleclick.net guest-agent.mobilus.me wss://guest-agent.mobilus.me analytics.google.com *.walkme.com *.withdesk.com wss://*.withdesk.com withdeskcdn.com *.withdeskcdn.com; child-src h.online-metrix.net login.eki-net.com *.walkme.com; frame-src h.online-metrix.net www.google.com login.eki-net.com https://bid.g.doubleclick.net bid.g.doubleclick.net *.walkme.com 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' h.online-metrix.net jp.api.capy.me www.googletagmanager.com www.google-analytics.com www.google.com www.gstatic.com guest-agent.mobilus.me cdn.agent.mobilus.me cdn.polyfill.io jcn-token.cardnet.co.jp login.eki-net.com agent.mobilus.me *.yimg.jp *.yahoo.co.jp www.jreast.co.jp ssl.google-analytics.com js.rtoaster.jp rt.rtoaster.jp p.eki-net.com https://*.yimg.jp https://*.yahoo.co.jp *.facebook.net *.facebook.com https://static.ads-twitter.com https://t.co https://analytics.twitter.com *.line-scdn.net *.smartnews-ads.com https://*.ladsp.com https://www.googleadservices.com https://www.google.com https://googleads.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net *.walkme.com *.withdesk.com withdeskcdn.com *.withdeskcdn.com; worker-src blob: h.online-metrix.net login.eki-net.com *.walkme.com 'self'; font-src 'self' fonts.gstatic.com cdn.agent.mobilus.me *.walkme.com data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 15:14:07 GMT
last-modified
Wed, 03 Jul 2019 10:42:38 GMT
etag
"0633288c31d51:0"
x-download-options
noopen
x-frame-options
sameorigin
content-type
image/png
cache-control
private, max-age=1794
accept-ranges
bytes
content-length
7480
x-xss-protection
1; mode=block
expires
Fri, 30 Jun 2023 15:44:01 GMT
20221215_3377012.jpg
img-cdn.jg.jugem.jp/752/72666/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/752/72666/20221215_3377012.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee8e81b6bf18276e5eb722cd68324a19f5ade5196fe8340546dcd30dcc8337c6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 02:13:29 GMT
x-amz-version-id
FrQgRdIM2MTgdwW01dVCPTy_WzFBwnWc
Via
1.1 0bb631caf01a1e61a0610f8aef984a00.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Dec 2022 02:27:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK51-C1
Age
46839
ETag
"271144dfedb092df929a56a9a64e1de3"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2641
X-Amz-Cf-Id
CmoqVEkUP5Jbjn2sqGq_j1ZjDh5X2sp1ZmgO2KaNNrXqdOUvTx-S6g==
logo.svg
corp.rakuten.co.jp/assets/img/common/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corp.rakuten.co.jp/assets/img/common/logo.svg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.237.60.111 , Japan, ASN23820 (RAKUTEN Rakuten Group, Inc., JP),
Reverse DNS
corp.rakuten.co.jp
Software
Apache /
Resource Hash
adf5fb1d90811bfe8d6ab1a3fcbba6966c94215548bfa8217d2ed9644e5dc629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Jul 2018 14:56:09 GMT
Server
Apache
ETag
"72a-56ff14803d4d6-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
946
X-XSS-Protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://c.amazon-adsystem.com/aax2/apstag.js
236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83dd5a9512e50ec30c2a08621826980b7d9a59b2e40e2dfd42235e494eb4f456

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 14:57:09 GMT
content-encoding
gzip
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1019
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
o8JASKPQwMlVExUA9ES_lUKol_6dtmK-PTDmYwaR6b4KK_SUHraMRg==

Redirect headers

Date
Fri, 30 Jun 2023 15:14:07 GMT
Via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
JFK50-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://c.amazon-adsystem.com/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
Rqq9NWg-o28WzcqmY1Xtf1DYa19UBkJpCjtbb_fa3BhWyiEBR3Lqxw==
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 14:11:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3780
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 30 Jun 2023 16:11:08 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4be49a1fb727d8504115ddecec10dba598d4bffb9060b22c5cf8a65c57796d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Jun 2023 15:14:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
40395
x-jsd-version
1.0.1736
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
843
x-served-by
cache-fra-eddf8230103-FRA, cache-nyc-kteb1890021-NYC
x-jsd-version-type
version
etag
W/"63e-ESKl6iXYMygNAZ2dFQmeOgrJU+I"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
20060423_167028.png
img-cdn.jg.jugem.jp/841/52797/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/841/52797/20060423_167028.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/jm_style.css
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
20060419_164923.jpg
img-cdn.jg.jugem.jp/841/52797/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/841/52797/20060419_164923.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/jm_style.css
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 13:36:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5854
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127514
x-xss-protection
0
server
cafe
etag
13498126467117012333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 29 Jun 2024 13:36:33 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:07 GMT
content-encoding
gzip
via
1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-392cab566100600f999d5b5d20730fdd-097c42686828c345-00
vary
Origin
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
392cab566100600f999d5b5d20730fdd/683494259645006661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
jg_ads_init_display.js
imaging.jugem.jp/ad/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imaging.jugem.jp/ad/jg_ads_init_display.js?20140528
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6e00:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a10364c63c733f5a35967eaec8f14d5f93caf2d2403ae09d997ece909e1e45a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:11:23 GMT
via
1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
last-modified
Thu, 29 May 2014 10:34:40 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342076/atime:1401358789/ctime:1401342076
x-amz-cf-pop
EWR52-C2
age
2564
etag
"b8ca9168c07c5abb98a3e2fbe1f97bff"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4519
x-amz-cf-id
U_bESzB5FI0XJ5UJXfS3Hryk3wI8PJ1m9AYNsyiDYYBVg-HaGSdAxA==
20060422_166569.jpg
img-cdn.jg.jugem.jp/841/52797/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/841/52797/20060422_166569.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/jm_style.css
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
20060509_177810.jpg
img-cdn.jg.jugem.jp/841/52797/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img-cdn.jg.jugem.jp/841/52797/20060509_177810.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/jm_style.css
Protocol
HTTP/1.1
Server
2600:9000:21ec:5e00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sdk.js
connect.facebook.net/ja_JP/
Redirect Chain
  • http://connect.facebook.net/ja_JP/sdk.js
  • https://connect.facebook.net/ja_JP/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dc2e789c5bfb247704b0d1aab9006a3636cc34df648cd39ef1a749a6253f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 15:14:09 GMT
content-md5
esdsaL3nGAhtv5Bk5amyuA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1683
x-fb-debug
uM66DRKoYjET6L7NQNsOHeFaiH5IcmOJI+weBkk0Ra6CKzpLUnoDWyAC1ZmDVyw4xv1ZqTUQVgUcRWCO4VX3ig==
x-fb-content-md5
53aec07a6a47f2c21d38af73713df7c3
cross-origin-opener-policy
same-origin-allow-popups
etag
"68f05b6441c49ee82dc64d277e34ca96"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:30:10 GMT

Redirect headers

Location
https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.5&appId=264046217008105
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3945&u=http%3A%2F%2Fchatdemaison.jugem.jp
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 13:50:03 GMT
via
1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
5045
x-cache
Hit from cloudfront
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
9QzoYTYI3--Kt1cmw5sJx_23oCuzRMRv0jnISpq1hhz-J7XLpH77Iw==
bid
aax.amazon-adsystem.com/e/dtb/ 		608 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3945&u=http%3A%2F%2Fchatdemaison.jugem.jp%2F&pid=EEDVnzx2pPtc5&cb=0&ws=1600x1200&v=23.612.1758&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1621995771513-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621995717528-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996027683-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621995812598-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_right%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
6dc5e7df6160c8fa979d97f7abee0c3ece1e78915cd01936b7938fb27997374a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
87H6VVXQAYGXCAA9FFKC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-allow-credentials
true
timing-allow-origin
*
content-length
608
x-amz-cf-id
ceGmxgHF2L-3BwLTnFSTsk-3Nqz_wDBm1ALdAcDSat6KlPqzSwVPBQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		0
0
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame F706 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fchatdemaison.jugem.jp
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D29) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420510
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:08 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D29)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2080190
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f2%2BX%2BKot3HvuBWPljx5pNnxYQaK16fWWB9Edj0yw2EEgb2lVo0qm3Y8AVb9LuvP%2BSMyPX89qZYNJUnS93DvJnqyYHuB0Ti3owQOMcminPjfSu00O%2B5Bv79QoTqUM0UJ3640m4IaAHOX7WjU"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7df75b75acb532dc-EWR
prebid
pb.ladsp.com/adrequest/ 		91 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
pb.ladsp.com/adrequest/ 		91 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
pb.ladsp.com/adrequest/ 		91 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
pb.ladsp.com/adrequest/ 		91 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135627&sdktype=0&hb=true&t=json3&transactionid=014241c9-65cd-4be2-802b-4c5b76782557&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
29a649a9db89d50585a2e304665ff665622591fa60cfc2178e23e7c7450cb301

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135627&sdktype=0&hb=true&t=json3&transactionid=014241c9-65cd-4be2-802b-4c5b76782557&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.42","key":"ZJ7xQcCo8XkAALbHLPAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40387"}
X-SO-Key
ZJ7xQcCo8XkAALbHLPAAAAAA
X-SO-Upstream-ID
a-ad40387
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40387.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1102
X-SO-IP
96.9.249.42
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
37
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135626&sdktype=0&hb=true&t=json3&transactionid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
f2ed3255e4f9cb5a5b40d643224fd6bbc9c76c4e288f49d6eac3f09151e5f297

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135626&sdktype=0&hb=true&t=json3&transactionid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.42","key":"ZJ7xQcCo8YsAAFBfyDMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40114"}
X-SO-Key
ZJ7xQcCo8YsAAFBfyDMAAAAA
X-SO-Upstream-ID
a-ad40114
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40114.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1102
X-SO-IP
96.9.249.42
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
58
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135629&sdktype=0&hb=true&t=json3&transactionid=3556f33a-2bbe-460d-ae22-c912eab17d3c&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
2efad216a389ee109fa490dadf6d650c083079a4870425b375b11c401cb84560

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135629&sdktype=0&hb=true&t=json3&transactionid=3556f33a-2bbe-460d-ae22-c912eab17d3c&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.42","key":"ZJ7xQcCo8X4AACK-xVEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40272"}
X-SO-Key
ZJ7xQcCo8X4AACK-xVEAAAAA
X-SO-Upstream-ID
a-ad40272
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40272.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1102
X-SO-IP
96.9.249.42
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
37
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135628&sdktype=0&hb=true&t=json3&transactionid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6e1f1966467195c6c2a136ff31c5a7104becee6dfa792fdfa68e7a72983adeae

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135628&sdktype=0&hb=true&t=json3&transactionid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fchatdemaison.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.42","key":"ZJ7xQcCo8YMAANUqqdYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad439"}
X-SO-Key
ZJ7xQcCo8YMAANUqqdYAAAAA
X-SO-Upstream-ID
m-ad439
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad439.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
1096
X-SO-IP
96.9.249.42
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
133
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
fastlane.json
fastlane.rubiconproject.com/a/api/ 		390 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726858&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=872e23e9-e865-4482-aada-6351bff477c0%5E1&rf=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.page=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.domain=chatdemaison.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_left&tk_flint=pbjs_lite_v7.29.0&x_source.tid=014241c9-65cd-4be2-802b-4c5b76782557&l_pb_bid_id=1264ce0ed8e3562&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_left&slots=1&rand=0.8063160625245931
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9029e303c26e6ccb3953fd2993b36197dad29d2a7aaea45c1e5a736e9e33e125

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
390
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726856&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=872e23e9-e865-4482-aada-6351bff477c0%5E1&rf=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.page=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.domain=chatdemaison.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_right&tk_flint=pbjs_lite_v7.29.0&x_source.tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&l_pb_bid_id=136d89e12a7efd5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_1_right&slots=1&rand=0.06857627293773927
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2e942f9d18da96e85cd7f9c23539c827e6352c98fccc555b2e56d13fc588592a

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		390 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726862&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=872e23e9-e865-4482-aada-6351bff477c0%5E1&rf=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.page=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.domain=chatdemaison.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_left&tk_flint=pbjs_lite_v7.29.0&x_source.tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&l_pb_bid_id=14204910521df63&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_left&slots=1&rand=0.35840493633542314
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7707c8373a222f4526c86d7da7cb35821cdfc73b7fbf32db5ef2a690a09182de

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
390
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726860&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=872e23e9-e865-4482-aada-6351bff477c0%5E1&rf=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.page=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tg_i.domain=chatdemaison.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_right&tk_flint=pbjs_lite_v7.29.0&x_source.tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&l_pb_bid_id=1558b1d42ae2077&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_active%2Fjugem_pc_active_footer_2_right&slots=1&rand=0.8379672303771879
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d68b7045d258ac0326c68ef4b6646fc4a42e80b032b27ac11e4d3e55842e3149

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9447ce46358b5d7a2e7df181d55d3a59e294bba13ad55bcae4600c7183a3f0db

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Fri, 30 Jun 2023 15:14:09 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1044
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7df75b764b73d15f-BUF
expires
0
bid
rtb-jp.mediago.io/api/ 		0
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-jp.mediago.io/api/bid?tn=8ae461f4f9768b7d69acf831d84e929d
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.115.3 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
3.115.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
via
1.1 google
nbr
dsp
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, Nbr, Dtt, Lid
dtt
0
access-control-allow-credentials
true
vary
Accept-Encoding
rid
fa0357c078847cad24909d009adf00f3
access-control-allow-headers
Content-Type,AccessToken,X-CSRF-Token, Authorization, Token
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.29.0&cb=94077032690&lsavail=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://chatdemaison.jugem.jp
date
Fri, 30 Jun 2023 15:14:08 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://chatdemaison.jugem.jp
date
Fri, 30 Jun 2023 15:14:09 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:09 GMT
AN-X-Request-Uuid
246b2ab8-bf1b-4f0e-8795-a6741e67089b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.29.0&referrer=http%3A%2F%2Fchatdemaison.jugem.jp%2F&tmax=2000
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.98.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-98-178.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=Ze_5svk7R&skt=5&tid=014241c9-65cd-4be2-802b-4c5b76782557&prebid_id=47aff3f34f48cff&prebid_ver=7.29.0&page_url=http%3A%2F%2Fchatdemaison.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22872e23e9-e865-4482-aada-6351bff477c0%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-68.jfk50.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
fcvSQpRUeaRohW0w9rgQvaal2VfnxHk-ctpoITUbZ6JrcMUrvVPgGA==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=DYl5yvz7R&skt=5&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&prebid_id=48b8dc009ff23c2&prebid_ver=7.29.0&page_url=http%3A%2F%2Fchatdemaison.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22872e23e9-e865-4482-aada-6351bff477c0%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-68.jfk50.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
3Q0k2rh_FYC07wnF9eSL1yUPV1nwGFiNe_70gG_BH6SCA1MbwqrD2w==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=Sbucsvkng&skt=5&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&prebid_id=49f17a9bccaac74&prebid_ver=7.29.0&page_url=http%3A%2F%2Fchatdemaison.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22872e23e9-e865-4482-aada-6351bff477c0%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-68.jfk50.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
IwN00mlFL7JsZjD-2fZgF5dCmb2UTibu4GUj1vHW720FNsdUD_eSMg==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=Wvu5yDkng&skt=5&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&prebid_id=50796c7e619583b&prebid_ver=7.29.0&page_url=http%3A%2F%2Fchatdemaison.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22872e23e9-e865-4482-aada-6351bff477c0%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-68.jfk50.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
aynQIxfdbqt_nELBlDm6_LJ9mgASuke5ffNPzfC9wciaKPSda0rXsw==
expires
Thu, 01 Jan 1970 09:00:00 GMT
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513-0&tma...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513...
133 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44b632400c17708167150d64529b8d9a14c419dd7bb79a7875e3f84186051ac3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
128

Redirect headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Server
nginx
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127824&cb=31502514656&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=52c4f3166a23e5b&tid=014241c9-65cd-4be2-802b-4c5b76782557&uc=div-gpt-ad-1621995771513-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528-0&tma...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528...
133 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
df5ae2cebd8313d7c521b06a45ba11abdbb7d7ce963e7cc8b2d6bdc5b3186fe1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
128

Redirect headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Server
nginx
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127823&cb=16834801967&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=53300798f8f4953&tid=e58f1e72-85d4-4fe6-a415-40cfabaf5dde&uc=div-gpt-ad-1621995717528-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683-0&tma...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683...
133 B
1005 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cafee63e1870198d0049531d3c87b3d6c184c36a59bd3ee5c523119406710663

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126

Redirect headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Server
nginx
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127826&cb=69109485080&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=54be43c6956e64e&tid=3556f33a-2bbe-460d-ae22-c912eab17d3c&uc=div-gpt-ad-1621996027683-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598-0&tma...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598...
133 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
77aac0a0e4a673fec7bd62739e0343f40b4208f324095a558e9df03fccdc5bcf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
127

Redirect headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Server
nginx
Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127825&cb=72780312673&r=http%3A%2F%2Fchatdemaison.jugem.jp%2F&uid=55213fc15ef7b07&tid=fe1519f2-c45c-4ad0-86af-75993b60ae0f&uc=div-gpt-ad-1621995812598-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://chatdemaison.jugem.jp
date
Fri, 30 Jun 2023 15:14:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=691298
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7b3964261ff57bcdee07c33c22f07fe47ba6df8953553026c851c4f17d65e2

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjl230fDkWirtzL1gZvJETUt7xDE85rAAuOZzWhkKqeOnx95hQ6gscyXDG8KJgG4%2Ba0uN%2B0EM5Xl25eAuSvluqvIh22RujcDUfqsGYfpFI7Z1PzLQ5UcgttJGPIVdAipZWDzYs96"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7df75b7678743a02-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=691298
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7b3964261ff57bcdee07c33c22f07fe47ba6df8953553026c851c4f17d65e2

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQBrU1%2FczmVmDF65sKV1WZ5rAfV9ycjbH4ea4QlzRbZVQYWyIu4EClC57ED3PXruPkMRqI5ImnM8jTka0SNeq8ZplHxbGRzx5z1%2Fje7sO01W07xuWlQmbtJnpOPjCSG3B8gVirgv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7df75b7678763a02-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
via
1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-50003442f26808fb1a0fd9ceab807ac1-c83285b0e933b6e4-00
vary
Origin
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
50003442f26808fb1a0fd9ceab807ac1/14425739551294338788
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
settings
syndication.twitter.com/ Frame F706 		870 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=78be0ee96cb635cd8ee20819e2719dea1919fdf4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fchatdemaison.jugem.jp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
5
date
Fri, 30 Jun 2023 15:14:09 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 30 Jun 2023 15:14:09 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
04784be7e2dfbe8c
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cb1f8eca0ad50dde2a7bdd95efb2631509508f131cf17d26d10f4b1f90d24e4d
content-length
338
iu3
s.amazon-adsystem.com/ Frame 4CC9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
308 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
17eedfbd6207c388a4455df3dca137785efc0be264f83985aed475e7e1df1a0c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
308
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 30 Jun 2023 15:14:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
477405S5THKA0V3DJK91

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Jun 2023 15:14:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CAW3HTMF1DG9WYKKFESM
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1301269030&t=pageview&_s=1&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=63552768&gjid=1826536260&cid=516528138.1688138049&tid=UA-26106898-2&_gid=1075648414.1688138049&_r=1&_slc=1&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=1223738280
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/ja_JP/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a8049071870d7f1568c4a93ded757a4c90cf45669d03ca2720ca90f872fbe7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://chatdemaison.jugem.jp/
Origin
http://chatdemaison.jugem.jp
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 15:14:09 GMT
content-md5
nVa3u2SukaOGfrSk/IN14w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87483
x-fb-debug
BErbqbewFdGHinxpsfA9Q8JAefwM3CL23M9Uo1cYHbbC+Qt5toly721fdfUAf+BNOu+xEhMf2dBkd+otID/bHA==
x-fb-content-md5
47df0ef19265b012c36f0e94e71bfea1
cross-origin-opener-policy
same-origin-allow-popups
etag
"2328439955099ed61ef7324fef54aab1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 29 Jun 2024 14:58:29 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fbyog2H2mFRfUg5gsKaAxJSnZVHJbvHEw9vtNe%2BayGdNOxKxyyi3%2BOqD2QF3%2Fsq32Vj3WASXjwi3jdYRh3ssR9bAd8LttaT6Nt6GVUu10AzgLbCA7J9Jn525KlZRaBKLjLhxziLsjXLSnPDn"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7df75b78aa938ce8-EWR
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26106898-2&cid=516528138.1688138049&jid=63552768&gjid=1826536260&_gid=1075648414.1688138049&_u=YGBACAAABAAAAC~&z=440250346
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 30 Jun 2023 15:14:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:09 GMT
Content-Encoding
gzip
Age
5420511
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (nyb/1D1A)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 5CA3 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420503
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 78ED 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420503
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 5D7A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420503
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 9101 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420500
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D0D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 9A5E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D06) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420464
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D06)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 8C61 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D31) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420506
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D31)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 8005 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D04) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420507
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D04)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 08AD 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2F) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420496
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D2F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 37DB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420503
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
platform.twitter.com/widgets/ Frame 0EF1 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D06) /
Resource Hash
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5420464
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14019
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:09 GMT
Etag
"888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D06)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fchatdemaison.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688138049720%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=78be0ee96cb635cd8ee20819e2719dea1919fdf4
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
8
date
Fri, 30 Jun 2023 15:14:09 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 30 Jun 2023 15:14:09 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
d4887adc92a5ca44
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cb1f8eca0ad50dde2a7bdd95efb2631509508f131cf17d26d10f4b1f90d24e4d
content-length
43
embeds
syndication.twitter.com/i/jot/ 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fchatdemaison.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688138049736%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=78be0ee96cb635cd8ee20819e2719dea1919fdf4
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
80
date
Fri, 30 Jun 2023 15:14:08 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 30 Jun 2023 15:14:09 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
b482188c0becaf0c
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cb1f8eca0ad50dde2a7bdd95efb2631509508f131cf17d26d10f4b1f90d24e4d
content-length
43
embeds
syndication.twitter.com/i/jot/ 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fchatdemaison.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688138049737%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=78be0ee96cb635cd8ee20819e2719dea1919fdf4
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
6
date
Fri, 30 Jun 2023 15:14:09 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 30 Jun 2023 15:14:09 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
80f3b7fc8bb5cadd
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cb1f8eca0ad50dde2a7bdd95efb2631509508f131cf17d26d10f4b1f90d24e4d
content-length
43
pr
s.amazon-adsystem.com/v3/ Frame 68DA 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
306d7e96e85f83f6286577ad4cf633fe5beef64ec287d93432beb3e97f72ddcf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1505
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 30 Jun 2023 15:14:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
A0WBYS5S9B1DF41GYSG4
ecm3
s.amazon-adsystem.com/ Frame 68DA
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=cfa09e45
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=cfa09e45
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8XCR9D97FFSHV9VN77FE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 30 Jun 2023 15:14:09 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=cfa09e45
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
SHSAgpHuYjoQFeoJ7Lzhm6YvDLAfda0ZSj5wLxKKUNpwltnRjpbUwA==
ecm3
s.amazon-adsystem.com/ Frame 68DA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FWUOh2yxJBqQy64WHcGh
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FWUOh2yxJBqQy64WHcGh
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EVXJNW7P8S28DYZW40XW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=FWUOh2yxJBqQy64WHcGh
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E8F2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96012
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Sat, 01 Jul 2023 17:54:22 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
truncated
/ Frame 5CA3 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
usermatch
ssum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
30ed7c9732d5f9402663ff1718476a44e6fd416455e99ddda2bd3cc3a0b167b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2015
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame 133C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
58dd325f10c6b3d5268245700e7449c733bcf119375a88d1de2a029d73a8d84f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
398
content-type
text/html
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 30 Jun 2023 15:14:10 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
truncated
/ Frame 78ED 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
ecm3
s.amazon-adsystem.com/ Frame 8CD8
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1972436629914980997&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1972436629914980997&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NH2W1D5VDMBB8P674SEV

Redirect headers

content-length
0
date
Fri, 30 Jun 2023 15:14:09 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1972436629914980997&gdpr=0&gdpr_consent=
usync.html
eus.rubiconproject.com/ Frame 53BF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 15:14:10 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 5D7A 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9A5E 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9101 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8C61 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8005 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 37DB 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
crum
dsum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjoftrPni4s_BTY0xOOqyw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjoftrPni4s_BTY0xOOqyw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjoftrPni4s_BTY0xOOqyw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 17C3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SWTWA6KQAXKV3T8NVX0D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&expiration=1690730050&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&expiration=1690730050&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&expiration=1690730050&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD9uk7JPeMAACFwFW9-jw&expiration=1689347650
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD9uk7JPeMAACFwFW9-jw&expiration=1689347650
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD9uk7JPeMAACFwFW9-jw&expiration=1689347650
Date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371634216
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371634216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:11 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371634216
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7df75b83bc43d163-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 17C3
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZJ7xQk02Xe7iQfYlVmIdzwAA%261319&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8c327656-2dd3-47b5-8cb5-b56b175dbdc9-tuctb9876c2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8c327656-2dd3-47b5-8cb5-b56b175dbdc9-tuctb9876c2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8c327656-2dd3-47b5-8cb5-b56b175dbdc9-tuctb9876c2
date
Fri, 30 Jun 2023 15:14:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32045
ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 17C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2600:1f18:4e9:5a07:2a9f:40df:c424:1e81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 17C3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AQFH07KD2AB3G181CW4C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 133C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=a357cfdd-dad7-8534-a7ca-1eefe5f86893
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XAZKRFPHHW8H1B8V1AGH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
6f46d5e4-56d1-ac87-5613-8a8d729c6e3a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 133C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/6f46d5e4-56d1-ac87-5613-8a8d729c6e3a?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:2a9f:40df:c424:1e81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 133C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a357cfdd-dad7-8534-a7ca-1eefe5f86893
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NREP4VR4ZF2WDVKXZDB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 133C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=fb81b3a0-c67d-3ece-67c4-9c788dcba373&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 133C 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDdlZTYwNmEtMGYwYS02MDZhLTcyMjQtYzZjMTQ3Mjk2ZDEz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 133C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPWUcrIPu9QLCHpnyPYe_8k&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPWUcrIPu9QLCHpnyPYe_8k&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPWUcrIPu9QLCHpnyPYe_8k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0EF1 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
usync.js
eus.rubiconproject.com/ Frame 53BF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a15bd5054ab1321865da9cf9c5ea5ae352cb7f813c8a9be82cffc58b4c00057

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jun 2023 06:29:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54917
Connection
keep-alive
Content-Length
10113
Expires
Sat, 01 Jul 2023 06:29:27 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E8F2 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58395201&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3c8aa1c212afb95bbfea2c2cf112fc0d53a0cd6274c144a36378d606fcccf200

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 15:14:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 08AD 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chatdemaison.jugem.jp
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		121 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2989611238826799&correlator=1267519494383705&eid=31072019%2C31075744%2C31075148&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=66065524%2Cjugem_pc_active%2Cjugem_pc_active_footer_1_left%2Cjugem_pc_active_footer_1_right%2Cjugem_pc_active_footer_2_left%2Cjugem_pc_active_footer_2_right&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=3443175348%2C1604814286%2C317554739%2C1321359375&sfv=1-0-40&prev_scp=amznbid%3D1xswx6o%26amznp%3Ddw6qkg%26amzniid%3DJEYSgQdrCtW3N7-59NiWEYAAAAGJDN5kgAEAAA9pAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDymxlJ%26amznsz%3D300x250%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=publisher_id%3D544%26flux_test_flag%3Dprd&sc=0&cookie_enabled=1&abxe=1&dt=1688138050486&lmt=1687794843&dlt=1688138046831&idt=1921&adxs=314%2C618%2C314%2C618&adys=579%2C579%2C7862%2C7862&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fchatdemaison.jugem.jp%2F&frm=20&vis=1&psz=300x250%7C300x250%7C300x250%7C300x250&msz=300x250%7C300x250%7C300x250%7C300x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=516528138.1688138049&ga_sid=1688138050&ga_hid=1301269030&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c814c13eed5e77ede3bf8b0413478b343a303ee97ebb4fa9454db255b2e013fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35746
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5829953976
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138386115973
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Sat, 29 Jun 2024 15:14:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
content-encoding
gzip
via
1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-775144b5220ab9c10eb6d7cf4b27155b-189ac27081366848-00
vary
Origin
content-type
application/json
access-control-allow-origin
http://chatdemaison.jugem.jp
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
775144b5220ab9c10eb6d7cf4b27155b/1772943191783663688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
ecm3
s.amazon-adsystem.com/ Frame 53BF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJIPT34R-O-GL8V
  • https://s.amazon-adsystem.com/ecm3?id=LJIPT34R-O-GL8V&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LJIPT34R-O-GL8V&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZM24DJVQ2SR9CNGM8AN6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LJIPT34R-O-GL8V&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
setuid
px.ads.linkedin.com/ Frame 53BF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPT34R-O-GL8V
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPT34R-O-GL8V
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 31D54882FAAD41E8ABC9F427C5DF3FBA Ref B: NYCEDGE1416 Ref C: 2023-06-30T15:14:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/WkTeXsZQ8kAswQAq3g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPT34R-O-GL8V
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 53BF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1J17lynmm2JC2M-eJlnqgw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4LyHbNtE2oJVj_v3M4fjaiCwsMlfD5QSlN0ewg--~A
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4LyHbNtE2oJVj_v3M4fjaiCwsMlfD5QSlN0ewg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4LyHbNtE2oJVj_v3M4fjaiCwsMlfD5QSlN0ewg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 53BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKLTxwgsxRa93M5yOC0pLY&google_cver=1
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKLTxwgsxRa93M5yOC0pLY&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFKLTxwgsxRa93M5yOC0pLY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53BF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpJUFQzNFItTy1HTDhW
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqQKkM8QbFfDyHStyPQN6E&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFQzNFItTy1HTDhW&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFQzNFItTy1HTDhW&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFQzNFItTy1HTDhW&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 53BF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TECG9SY9HT0H9ESMVNC7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53BF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE5NmY1MGVmZmY4OTcyNzAyYTg2YzhlYWIwMTkxZjQ4Y2QyODgyMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE5NmY1MGVmZmY4OTcyNzAyYTg2YzhlYWIwMTkxZjQ4Y2QyODgyMQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE5NmY1MGVmZmY4OTcyNzAyYTg2YzhlYWIwMTkxZjQ4Y2QyODgyMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 53BF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4C82EdxIR0-cUejyE0E-gw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4C82EdxIR0-cUejyE0E-gw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4C82EdxIR0-cUejyE0E-gw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZF6HGGF9S2DMHKNTQPNM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4C82EdxIR0-cUejyE0E-gw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 53BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D5F6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJ7xQgAVoRvEcgAn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 30 Jun 2023 15:14:11 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4581-YYZ
x-timer
S1688138051.988783,VS0,VE19

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 30 Jun 2023 15:14:10 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJ7xQgAVoRvEcgAn
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4581-YYZ
x-timer
S1688138051.902537,VS0,VE23
Pug
image2.pubmatic.com/AdServer/ Frame 055C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033164935195368
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033164935195368
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 30 Jun 2023 15:14:10 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033164935195368
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame A2ED 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=36D35827-2FE1-431A-862D-A6ACD80453C3&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VBYENVBWFKG4FCJQWBG1
Pug
image2.pubmatic.com/AdServer/ Frame BEC7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRWZVN0pQZU1BQUJfV01VaEM4UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABEfU7JPeMAAB_WMUhC8Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABEfU7JPeMAAB_WMUhC8Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABEfU7JPeMAAB_WMUhC8Q&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABEfU7JPeMAAB_WMUhC8Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1972436629914980997&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABEfU7JPeMAAB_WMUhC8Q&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABEfU7JPeMAAB_WMUhC8Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 30 Jun 2023 15:14:11 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABEfU7JPeMAAB_WMUhC8Q&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 886F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e17a649e-f143-4100-97b0-c0acad47afda&gdpr=0&gdpr_consent=
42 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e17a649e-f143-4100-97b0-c0acad47afda&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
Fri, 30 Jun 2023 15:14:09 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x4 config_version:"1969"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e17a649e-f143-4100-97b0-c0acad47afda&gdpr=0&gdpr_consent=
141
match.deepintent.com/usersync/ Frame B568 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 341F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132452749006503740&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132452749006503740&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
ebb547a4-23ea-4f81-85aa-11c7370a33c7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132452749006503740&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame EB8C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
42 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 12AB
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c4141be8-1758-11ee-9144-2b12b7d9247e
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c4141be8-1758-11ee-9144-2b12b7d9247e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c4141be8-1758-11ee-9144-2b12b7d9247e
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-9
usersync.aspx
dis.criteo.com/dis/ Frame ED61 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Fri, 30 Jun 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189615
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 34B5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lIUq4eeT1QffP55&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lIUq4eeT1QffP55&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Jun 2023 15:14:10 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lIUq4eeT1QffP55&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-07530d8be001bd58e@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 8857
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=14745fb5-8602-49c8-9ed0-f91e533d12b1&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=36D35827-2FE1-431A-862D-A6ACD80453C3
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=36D35827-2FE1-431A-862D-A6ACD80453C3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.233.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-233-1.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 30 Jun 2023 15:14:11 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 30 Jun 2023 12:55:45 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=36D35827-2FE1-431A-862D-A6ACD80453C3
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6024
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 15:14:11 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame E6C5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7df75b836c41d163-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7df75b81fc32d163-BUF
content-type
text/html
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1
Pug
simage2.pubmatic.com/AdServer/ Frame AB0A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479655190
42 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479655190
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479655190
Pug
simage2.pubmatic.com/AdServer/ Frame 949B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
79 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 12:58:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 30 Jun 2023 15:14:11 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
setuid
u.4dex.io/ Frame 6605 		0
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)36D35827-2FE1-431A-862D-A6ACD80453C3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 30 Jun 2023 15:14:11 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E8F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtNYJy_hQxqGLaas2ARTww%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=96012
accept-ranges
bytes
content-length
5554
expires
Sat, 01 Jul 2023 17:54:22 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E8F2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=36D35827-2FE1-431A-862D-A6ACD80453C3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=36D35827-2FE1-431A-862D-A6ACD80453C3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1d34261-a1bf-4d8c-944a-92124c8c5995&ttd_puid=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame E8F2
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=36D35827-2FE1-431A-862D-A6ACD80453C3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame E8F2
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d511eb3b-ce1b-4aaf-8715-4abf4b65abaa
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d511eb3b-ce1b-4aaf-8715-4abf4b65abaa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.196.240.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-12.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 30 Jun 2023 15:14:11 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=36D35827-2FE1-431A-862D-A6ACD80453C3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d511eb3b-ce1b-4aaf-8715-4abf4b65abaa
date
Fri, 30 Jun 2023 15:14:11 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzZEMzU4MjctMkZFMS00MzFBLTg2MkQtQTZBQ0Q4MDQ1M0Mz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMyPyxcUmY7JR4Fj0T-EUj0&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMyPyxcUmY7JR4Fj0T-EUj0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMyPyxcUmY7JR4Fj0T-EUj0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36
42 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 30 Jun 2023 15:14:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 29 Jun 2023 15:14:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7427183075023782322&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7427183075023782322&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7427183075023782322&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1d34261-a1bf-4d8c-944a-92124c8c5995&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=36D35827-2FE1-431A-862D-A6ACD80453C3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BZDaYAxE2uWvYXF4SPKWZWYxP1bl1TM-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BZDaYAxE2uWvYXF4SPKWZWYxP1bl1TM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BZDaYAxE2uWvYXF4SPKWZWYxP1bl1TM-~A&gdpr=0
date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
36D35827-2FE1-431A-862D-A6ACD80453C3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E8F2 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/36D35827-2FE1-431A-862D-A6ACD80453C3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:2a9f:40df:c424:1e81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=135bb40446ab04e5&is_secure=true&networkId=17100&version=1&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHs8gHBOXKUgNl1DwqAAAAAAA&expiration=1688224451&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&...
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHs8gHBOXKUgNl1DwqAAAAAAA&expiration=1688224451&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHs8gHBOXKUgNl1DwqAAAAAAA&expiration=1688224451&nuid=36D35827-2FE1-431A-862D-A6ACD80453C3&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E8F2 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.39.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-39-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1bb623d7-9252-403a-b591-03c55dc5a4e5&gdpr=0&gdpr_consent=
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1bb623d7-9252-403a-b591-03c55dc5a4e5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1bb623d7-9252-403a-b591-03c55dc5a4e5&gdpr=0&gdpr_consent=
Date
Fri, 30 Jun 2023 15:14:11 GMT
Connection
keep-alive
X-CI-RTID
0798b5be-8d7e-436b-bacc-ea7ae95d1e90
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_303ff47e-f082-42f1-af5e-823041c8a5b0&bsw_param=dbd0bf58-358f-461b-a20a-84d8457d6734&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dbd0bf58-358f-461b-a20a-84d8457d6734&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 30 Jun 2023 15:14:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:10 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame E8F2
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10515B1F9_59136952&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-371142792; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:10 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-371142792; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 30 Jun 2023 15:14:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E8F2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6024546099386426311
42 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6024546099386426311
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6024546099386426311
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usync.html
eus.rubiconproject.com/ Frame C1CA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 15:14:11 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Jun 2023 15:14:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Jul 2023 15:14:11 GMT
usync.js
eus.rubiconproject.com/ Frame C1CA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a15bd5054ab1321865da9cf9c5ea5ae352cb7f813c8a9be82cffc58b4c00057

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jun 2023 06:29:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54916
Connection
keep-alive
Content-Length
10113
Expires
Sat, 01 Jul 2023 06:29:27 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Jul 2023 15:14:11 GMT
setuid
u.4dex.io/ Frame C1CA
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LJIPT34R-O-GL8V
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPT34R-O-GL8V
0
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPT34R-O-GL8V
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPT34R-O-GL8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
Expires
0
container.html
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Sat, 29 Jun 2024 15:14:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2291 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Sat, 29 Jun 2024 15:14:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032306202201000/ Frame 414F 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032306202201000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
94439c92d7b20cef4532243ed9ca2e30577d5ac192a09ea4f09fd94f079f6803
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Jun 2023 21:19:00 GMT
age
237312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"0cf1bc09149df6f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 26 Jun 2024 21:19:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032306202201000/v0/ Frame 414F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 15:25:58 GMT
age
85694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Jun 2024 15:25:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032306202201000/v0/ Frame 414F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 15:20:23 GMT
age
86029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Jun 2024 15:20:23 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032306202201000/v0/ Frame 414F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 15:25:58 GMT
age
85694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"d7fe975149c6761d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Jun 2024 15:25:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032306202201000/v0/ Frame 414F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032306202201000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 15:25:52 GMT
age
85700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Jun 2024 15:25:52 GMT
17496983871431594319
tpc.googlesyndication.com/daca_images/simgad/ Frame 414F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17496983871431594319?w=300&h=250
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef06f9e935d43147b5d5ff306f30530de69d2f73ad25ee539d9d7aef1109a844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 17:53:43 GMT
x-content-type-options
nosniff
age
508828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15445
x-xss-protection
0
last-modified
Thu, 18 May 2023 20:50:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Jul 2023 17:53:43 GMT
truncated
/ Frame 414F 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
096691dcaff77dd2e4582aabe5201ef4da8489b02392496e756bb7f3ab9658c7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
container.html
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB38 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:10 GMT
expires
Sat, 29 Jun 2024 15:14:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 414F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 15:40:45 GMT
x-content-type-options
nosniff
server
cafe
age
84807
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Fri, 30 Jun 2023 15:40:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 414F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:06:22 GMT
x-content-type-options
nosniff
server
cafe
age
11270
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 01 Jul 2023 12:06:22 GMT
l
www.google.com/ads/measurement/ Frame 414F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRfA2nnGtsR1qNfrA3ZQTDuIsQgzCaCVtLThmViZVYzQlLfD0YAdbH514ZUbB9WfAtYtWmsZf2QTsUe4TWwhie4JUhnjQ
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:817::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 414F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-m77QvGeZOuqI9jAzwXR16yYB4fGnbVxtuDb35YRsdKBvOcCEAEgopK4amDJ7o6LwKSMEKAB5Ka_ogPIAQHgAgCoAwHIAwiqBP0BT9BvYvD9MGSGIum0xwdVwHG4nBV4fMMPXdY10xo7x_i_jJL2sVCd0NNyBWVUm9eUyo9iiPF9eOT1s27r1kK87qJTAm2q7ufaRvEjJryPMoYZALS6E-CaNa9lmFZ8Apb0riFW87CKWDRUgzPm56cUKOC8IJG-e65l6M1SPQwLWT1NA-JdEUCzXnsgOe636H5yODFg-64meTaSdBXNk6pqF4EJhRHHIXkI0SGwRZkHFZqpYccyQ3jZ2pe1I__Cd-pyRCqLJn1w619qY-Cjc-XcQVKFUtifmu7Rxegv9BU5irX5PrSyhVIXELftrfblqcHUjHCAEC7MciN3ALjA4sAEv6Xv9bUE4AQBkgUECAQYAZIFBAgFGASgBgKAB5yt9yeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDjowTSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi00ODgwNjA2NzU2NTY4NTYxGOSYFw&sigh=wgtB20RDLw8&uach_m=[UACH]&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
setuid
u.4dex.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-QS5WvNZE2uFFhhbRMJR1D1_v9CpcM1ZbAfGaKx0-~A&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=yahoo&uid=y-QS5WvNZE2uFFhhbRMJR1D1_v9CpcM1ZbAfGaKx0-~A&gdpr=0
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https:///u.4dex.io/setuid?bidder=yahoo&uid=y-QS5WvNZE2uFFhhbRMJR1D1_v9CpcM1ZbAfGaKx0-~A&gdpr=0
date
Fri, 30 Jun 2023 15:14:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
googleads.g.doubleclick.net/xbbe/ Frame CD9B 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 95E5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgO9KKBrbuU0hCVPm2Xtn0MoxqCSlcPiovKp3E3FQvCwlmvuke3uaD4r1bhAbnb5_CuMwkOxlcNdCE3cuGx2NjlT42PRUc6hBZ8Sgcno9kEDNo5Nw
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E5 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4758400822838787476&x=1&ct=76
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 95E5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
22010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:07:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 95E5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
77054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:49:58 GMT
l
www.google.com/ads/measurement/ Frame 95E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQT5B-x-RoXzSTuID29BVoJZdikpP3lgihjvrVr3VqICfmDdAayksywOGKRmpMtmfaio-_L0OlYq3jW3hvFVivRwztPzA
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95E5 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E033 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2291 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2291 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYtysIZ6JJyypcpCs8gwfKSHIdk9tEZP8jrDNxxYtNpH5v0VkW5c-8CHcF0yvoPlv2H82-OZeUC9PPb3vLPrBXs2G8l56rJoY2yWwWhlGmYwWNn4s
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2291 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15290982360135528341&x=1&ct=76
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2291 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
22010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:07:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2291 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
77054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:49:58 GMT
l
www.google.com/ads/measurement/ Frame 2291 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnOzDD6hbA3asmNLw7eY74mddH557xL6D3F2uKCQdVNznr0Av4Q97gLEv2bk-LmDckYH0sqVg6lyOeBh2Fo1wWwbOKJg
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2291 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EB38 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:07:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
22018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Jun 2024 09:07:14 GMT
a1510406.js
js.mediams.mb.softbank.jp/t/510/406/ Frame EB38 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.mediams.mb.softbank.jp/t/510/406/a1510406.js
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
cache-control
private
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx
content-type
application/javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB38 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:12 GMT
rum
dsum-sec.casalemedia.com/ Frame E033
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E033
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E033
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Protocol
HTTP/1.1
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
AN-X-Request-Uuid
85b8ac60-4390-4b80-9332-5cc9587b83ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E033
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y_67w5QEwAQ&v=APEucNUfK12kc0NCQVY24MrAmcscAla6C1JtcRDEvt__MgT7iucX1RPWfd56_zV5ZgLS78raY2U0WQPQORmYJ7JCaKGBY575Eg
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Jun 2023 15:14:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
102b07bb-c523-4417-a45b-39aa94849d8b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CD9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CD9B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7xQk02Xe7iQfYlVmIdzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsjS3kB2r8flA9uiVNs3qc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CD9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Protocol
HTTP/1.1
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:12 GMT
AN-X-Request-Uuid
d47cc124-dcbd-4085-bbe8-8e9a58f37414
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJVTTIFZiPBpPGBw9igZR2I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Y09ah5gEwAQ&v=APEucNWdsVFAxDTYST7gefavQZbiAQt9pgq_CYw-OoYQpVccJsK8WSSsT7LSeSWHxfIV59HLwxUrKJGvi5CTarSemQA-ekkNag
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Jun 2023 15:14:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
39afd209-3d48-4f34-9915-de3ad6f85ecb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3141059600920&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3141059600920&version=m202301230201&ct=76&x=1&cor=4758400822838787000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 95E5 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8NYlQrwsyZuLELESg8g-3_k7RVrOTzPAYR1-QLn99bC520d6zWvoZ8F3HCQrvq10wqTcPB6nctuq89Yl5CYCTHdpbsw&cry=1&dbm_d=AKAmf-C6yF4UFDmQ90ZD8zle-JkN8R8wWo78J3UR-me7GdlTT_tuYyBSKaVaHcaLlRGy72SAVnsaR_FOK5AaNhXft0qeOlrIy99isFmCF0OkWHgVzltIdLznp1DcHcLXZOFbzdpyPhWJk7GQANjDC7y0vbjNmA9VRDcKIzBnj1mrnzeyZ9kKYl-MRX6zqsUK2MX8yWtA7OBNnAFAU6UV_L_MM5hazltJGLAIJj71zlSBG1cWVYqkDNguFZWnl--45CTGrhEom6QQVAMInaVqkwFO3p6glgFv2sPBi9rSJId1GSAhfIR3vMqOIxvK17xFJREyEFRMdILSPONhWTQ09KSRTCLOk_Zeoi1JfBEclds79CuYP1xBz8wIHWqIrfnNea77GL2IwtxeUX2UOEiP2NsBfIRvx41k-M7laxTXFr2XTdR4BfDMsTnFXor5471-fij6NjlyZqyfNw-eHcystdbakZp_ooU7MysImGxrnu0myIY_hhFtDFDLCbycY4lEhXt47bc76VJTTaxUuM3OT-_a1KH4IoOMhmX9aR8Iuguyl4kHrAh6selrSHznSrE_v1uL4fHYEqWNDN5pEfteBBtgaaRWVhyWQ9dWiJqWdbCAt0hP2iQr1Es6leYuYdfIYQRPWJsBNbOf_665JiVhb2C6GOhay0A4d5O7PL99K3GWsaaqNmftmyVIIYjw3hDDs-7aRD4ofPytmhRWxCQmSdxb6f3HANB6O5j_uMGeyAh9HjobTJJNB8KeiPNrVyNkqmPUBegDgLw80n8BvnGtPvo8p6cntAeI381TmfbtiVKnJv8C2y8FbA_alU09zCK5M0r_6U2aScdgr9XeeXxZ_H24wiGKYXTqhPaNkEsVz4LGf8hEVqJ5g5bjtnftHTDqhocOH2bpXuFJDOQc5PhAHfsNIgU7K4YVTRBK3uRaLFzAoDxYm0JXHm9KilphzC4VZ_7S9FwlkHH0l5hLX-EMgQkdTmLtbiv7udwiDEhn7V5V7lnsCWefkoX29qWlEZfLEw8B3gnL7Q44h1T5pTop-OptO0-GblIHVd_Q3Kc1Q73biAXvtfTdzTnf0nQHC2GL7IDsnAArS2_aKh0AJE5ZAFwzLG1YHXwLZkTppuYZZ6B13vV2W5dr2OYTqRqaD7S1M-wId-y_FLjtAuOwNgqRteZ_ipemkQCSL5dqD5nxYfMtUBTPKrV1-_Wcs95oR1t0h6Iq9bCCkcejzA1gYjN4CNlZoS7EN74jlUBzfXCrZdmRGa-cIpiItzmOsDdYC1MgV5_Q2CLWlVCPxT2neyOM8_lsTkjAQI1bbIwnWWAnSdt0D3xORbvSeUVTc7xi4S3NQ-j-7Uh0fIlGYxf43gAHMQl59-QelgVai6PmL3NhUXQDQehKF3j5rCu3P9h0aOLWSq-Y6vfQplmN05fG5HHtY2n82Av43UD-4_RmTNakeCkweJkHfytfz2rHV652pigFR7A9M_gzoJeBR4go0rAEE5S_IQhXDgiizvZrzYWxT4ohynsogD7ErSx3Qmm7zAYLxiPaH8HpeVkNU1WlObMoskqhDrhQb_zq12Aoa4uc9bCcYVCfRr-RUnoiuIWTfqb1-hlL5DUZtFCCcct73xh94Pa5I2qpbBBPx96LneUrWcoj46wwqFd2_U2dLIT9OwZluUdsX8TtyN18yY901wF1cUf3KDdEIjjpiAJnn5sfZwM1I25Hu9qi7gK_q0AayjpOQK-I8zZ9YmanbiItnPRCppOgXqzv7yi1kGhaJlkVEAZv5a3zPPdpbhfe0b23-fzfQgf9aqntK_r2dYxDmGHuhkHohiz4V6-Uk_p0uFTMlDg1KEIo3lCSflze5YTBKDwopGFN0KmJJlPUJ8Y58uqiqqb6Dd-FlRsHOAA9yhLSravsk_vx9l09B-UMP_KaZrgEFgjvYTHOVuBkOk0khyxIfO7oKc7MBdTJNIPonjx61YxtvRxrKu7sHv_lXFlIXbqb_tAKwbaBKf5VXpGcu3nzGykFm5wS_2xxmjrVNZpNb71x-JikcXwsihbcBq97Mj6t_rgNGIaZ0q94NypwgUpR2bFUKlmEK7cO7J7E3RyRyH-lKsJ38-MFcJW2ytGDWAjr85Ngvszm41D8TFD8o08obMRJikdBgHhUE8SxItoL3KZargSi7SzrPvu-srBVvjLQV4ogKXoZY6DGTC0xlaox2m3ri3lVDRtNlcedThlqImR2PtlOa6K2vXw1nolWavI0hopqg6LQmRq4c3wfa7b0MGvgiNtFpgjL8bgrfK90vJqVBjA5CmjKtIG4TwBfnxv5WFE6X0UNB2Bj15HfpIC7AkaMAmbHUn0qy2NxMQtbhkAKoMK79Egt47lvkl8VDyPuGrCjAtrjZKuOC1tWzAQcixqUA7ZPBiSqXAmavwgriS4zvTe8RMN_xBDDOwH_ERvFAW2bycsW9La6kVlXVZW394qP7rJ5qKpesVflDIyzxuL-WyKyaE14bT5lvJ57DnA09UVeH-yOZrhf_UJnXIqpzV1QM3Eq6FS2oQZISQQbr9cblj2P3sK7Ap2BPB2mnmJXoxMwAXLIe-gdAMPCdUvS1TclZOIQdFh9XylWuHK7pZoyRWjJgczv8pAeQCGwlQzgRVDx6dB2O2kX7VCG8zLJLoGy_scrBQxcxE9W1LbLF1LHjqPLCK-hbm3_rFSwPgzhMyZVYUR1k8f9AlhTOjDl7yQGpYnvORKQXZBoy_qEkn9Z4FksLDcopNKV1ETNBq9dvaEOfwkMLnuzoF5tC6U1FZbGLqrKCd2s5FhdPSnPmPBu6rZF_ChV_DZsrweO5RGGY6cQr4SSYRLvwN4IiQeteq1E0wq290_GqvlDSuvF-D_cFN3tFitLIkEn5B0RWtV5npS-DUN3Jw6rLkxFXsYd76Drd5CCXngKUMBz1SksyYNfH4IResONqdcpIM2BlxtZtMWmYIPr77jRbOStyW1gPPGNBcN-_eEXdwZPt7dfxtAejm5WQNjnCcBLnsP8Iean3riu5Mi8Mw_qSLAR0cMwsnUJ91OKSU9SI8-CPPru1CcUL0CKZuPq2sjgV_OetwnFRE2StceVHOvo8ya2bd0c-jrg-cfgEc_ajoorxbkQx4ZuHX251AGt871pb4T3KX1MOU6ZauGhH4XZBKU4bENKknjHLZbKtu9FIJuSMMARfOIx5fanSAvxTUOAngkreOjitHTMevwbbmY7h5zk9aWjSH4ixVQ9TcRNkeeFRrior1fgXJFQrxx4TffxGDvwWmbk4eQDDCp-vSjSW1TaBBFrbjnwL79Pw9hXKcaPTXmn082NX8r6aIWesgohgH47Uz5W-sjmcrcszisTEz6JCxC_2EQGgy815BjJDW_74czDbxypdafYxvlJHsSwTngJ8oPbxSDDPyMJ9r1rdMk_WkFmtLIhJNtmi-PORZfhvHKQMbUe3SQwJsWk5s8xcuZxPH-2q2qogglk8EUTyW1Po9kTJhKzoQ70auFL8yfWaSu1p6wduXYOJs-Vgzeg1tHkrTg_TULWAZoa7zZuaALR7kyMjTt_f0D8qYrDXrOCmAVc0vhBzhutVw3U-G_-hn5mnyUpweD7466BGltjyqRN8du3ef4LyU6ytG04Mw9hKUgcZ6_LIeAwr2Srjm1tsHv7rS3cUAP30TFKOhrD3kRGeJo2T7gwKkoldvVMOg&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=4758400822838787000&adk=792902355&idt=148&cac=0&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 414F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032306202201000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 15:40:45 GMT
x-content-type-options
nosniff
server
cafe
age
84807
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Fri, 30 Jun 2023 15:40:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 414F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032306202201000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:06:22 GMT
x-content-type-options
nosniff
server
cafe
age
11270
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 01 Jul 2023 12:06:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2291 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=506689814735&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2291 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=506689814735&version=m202301230201&ct=76&x=1&cor=15290982360135528000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2291 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADPdaKZYTPm78bv3ZvH7nzh2MPknr-rCXTgwu0HtO8vkkvTtUR2NywzfAptuV0cGzukqqGuzDn5tmN-HeNcxTtVAsUxw&cry=1&dbm_d=AKAmf-CkLcTuiP2ESbZX46nHOK53D6VsAyLZ1o78FpndJGpDbJ-jnOtzWOivPVv89aD0FAyI3sUm4kb28vz4S52D6tKFiNpOWn7032fQLMHG3jVPovlzi_zALqnmHyNlT80Wnm5bHxncTtZIphQggqcMhoj86sGDYigdm_sXLJqOEs_xZdwsmghyRymmzOZ_uteRvtEppZhfVBNFThee8KINgWts7hA1CDmE9M4kNSH4zpPmenleaJACkG2H5wDkYFN26QwudZFXvOUdyLhW4CjxYL8ikk64kG7_GipzVyt8buWEMNuoMDIR8EL_YE1CJm0crPOOY1rQqDYCZVanxMLnKNXhGg1yRXbfgESlW05fYzUNq2qbOeFQPmocguvH4hfHPKrlHp7WY1e7P_BoyL086uT32ARN0G_s7y4nan4EYTUPfrnIEqfotPdyUaKLK8motcVmAFXYbiLpTFApgbOBsexAJwMfl61eoYxdVFpnkO14RV04f1qWrqDAgdusfhlyeqAjAcQYbPbXNAt2eDBwneEsOc-hctB6tR9ecWNxc8RBegttosYak6vpu9o554sMQePSNS5XxPJTEMzyxDyxN7yr4aTN94V1cFVWixz0frdl8Uhq2zlWww-fGYFtyNPiE7HsEDLxEc95T1U65GihLO8NOh7ZcEYETTtesjGqY8kdaxvgQkh4BbA3SmPeSzA6PaKqt4wdfvpvGqR8MVMkWDDj5WuzDLdCuVBK0nkoqUCK339i7QQiGK6GphA5Sn1pGxknfUM87ZasD51P8hDajk_XKH7oD0EA6IAYswVDpQvKfwQzRpArdHo4jq5b3uo7ZYya7hzrmrw4ew0yq2YF4zloa9T_ftF-fyKjMyXjzE9VdvO2ns6stXrhazKIC4MEMM4Mkid1WGeMeuzUezGM8WIa381OFmZ4od55j-Pys9zPOpB5z3uGju1bTihWxyvi0jE-mMdwyvsMC7onCOEJGX-YlA4Ah1jY-0xkpusV_cPjggV8stCBSUcKXVxL99zoThJNvKiftW-HwDwn1jT9zlgyNBqCzd0QUHO7tNdZg3GdfJ48CvfzuTeGgxUr8Xqc-CVs56ya6_GKqrEKo8URaK__nTSgA4O8r1whr2wFW6sQ3wHkEqWSt8ZM3NPoilIj9wWVOU59QEBJeBEpoAI99mHcEOL_9-GUXixeRI-qfM8tbGmXscoSIFe1WdG0tOzJ_6ELkCtpqGOaITZnSCejh0Tqmxug4oK6Shjbwso4rtGu4po1UZYG18X_N-3kW3w2IeWoPtdilYClqvBx0lAAeJPpqzIsumv3iaaWuUouLX6zL7NAlYDAyWzgkYIac8RHMDEPyPJP2rx8OSlu1JG4udAb8p_CbRylaOf3rxqdYlEYqNsUNtwU-Ns0NSrTaUZDs9u3cl8e1gTIKyQvVhHPq8AKovKiQ2_aYpYMs6l9s8UCtf6M5imlM-FPg-7sOAOVVyjcsXIEbYycCiVdxZQCut-IMw4qq_8X6Nw2Fr5sh-1ZFMXoOWBaCkpoZu9tEOl8WlTOn-PEY24OCvMlQ6K7PMJuSGgc0FVpBNL8LcJvGAxLk_HJ7cLTvqy-VX-6VLKoMAnJDHrV-KWJRNO1WtBfuTF3mCKJ_Dj2l8EYpmFIq8EE0bsbC1eW-ZiiQUjMSxMxg4oKCRh9--_88HEJWO3lznfoNBHfp2k4RN2fSVoEbujIi-ox8kgdHOuLHIabnNThVanx4ew2J7drhPlJMwwraOWh7SJ2fF9UD8twbQThJ36MzgIjSCQYGoq11a8kBwNhAL6x0IAiw-jaPj5Y9VWkTH7T3LWv7ym6S0Y8oJN2ndWUvBOjk3LqiPZpMJ0m9ue2F_bQcKrotS-D5KkPzYPyExx-EfIWBoKbvoBfN8_eWKAd17W7hZSb5oRpxf9JJxVXtOW2Pg47CEAZCp2qt97TA8UvjUVaWKSx9PTy8cqvGnd1yLgIOcFgKpz-yli-OHMFjOv2T7sa7qBzTLJYTatuqhn_ibOy7ymRq2g-jXEAgv6bnWOE-a6qKgxifbED7nvRYq9EsxNmnUIKo6hTs4zxCMaYDRJoe_Se92-Aej5HOCiugT7jEHvQ--S05SRJ0hs4JZ_VZSa4iwPaOaOR0-mu4dDtbSrwFK5PAxo2pfP89Z5YjJAWabTEgAaM8u_kmYi9opGeuKkQh5W9az-0fyFuIA9wyn0H_Ug6iMkq9HUIyUHhXAdCvlpORA41jnGEdT6gm-1DZlioDKJOuKGfPpzewGHID-x3kUsdNzjSFDVz2aUczSGuJ3MQVtlbpjcO8uvgXY_Gd4rJWrUK-cyG-Lbd94z0zJZAKaFB8T8epXOWAhSXTQHzoLp6VfPXfOwfhrB5aQ9YbrWKf5UjWv8quk3dX2jBzbUQBz2D7wTSx4eqkBUz115XU3HDfCijXqbwZKobnpn1dIgOSBsBla5ow-_8U3ZW_-jtrERH4GO-soJ5lP-Otsg3QCvBL8ArS1cpAC-2kVdu5XrC8_6Iboe7flSco8FHH51J62xfgr29DAuvZbDmqqL0eVy8UJ4Jb8EmfBNHkE10Szz0snj5KJIguFcT9yXsYnweP0T_sfnn1R90Ri84gQR9EUfM6D075_swYQzaxXsgwnky58yS-yqPAOjR6ZLeYwdUtdyDEv1uxGKFHbJ122Sv8141RbBR5AqXLBkZBZ3oSgILezushrfmd3dvW_x2dnjhnBOByjmC8ovOtut48Fgz8VQUp23VkXmOadYD0kzFgTab-3iDMslDHbstUEn0nNaaJjQUikilGQN8NtBSG6lClUt8Zk8yWlkRuLIV7DicHYVtPK48cPu_kpOGKKsq9vnVC2qF0Q4_2AeZpiqN1kda7yd8ajMBK9fAOfbR6N6zon-jnvcU7v5fFxhLFfEVI7te700O_L4OSEeQUtqbHTRfx_GHBodL1fwdF5d3Ma2Ozr83Cv1RmyO_i3oosiZSlETD0zoT__6yFFMSUHwtnmY6URarm4mg7iKo2uUhZqaTy1Liw5E06sxdHLdKkW6TmG3rwj6YPoDFqKdUogUuh-zcUPf6Kt8ZylSfLHSlMKO2BfJOMLN79yluz8iI03PbkL3kMqLsxunH1KgiJASjjbmUA6tt8Q1yTu0qTRIxdezIOYDZ6_RUpl0V7s4W_9rUdFZ9VhGN2fs3CpRz3T8LvysCk5uenA1JGjb0IPtRajCT8O50t4urCEy_8QkB8UHfRVS4BXIwP4lre6FmtZ6X9DASH-PoURzvafPISnBslNeP2fQSvFhqHD_7Az1RZh75rvKK4NueQbCoihx4n0Qqf0CCCgbzBpbuPcjSLfuTDmHiifgsobC6RuJBJXVjGKWfiujHvoyukUPpmGMUO03eHlaGZaitzUvZiTDJbF-tV-hf5BQsmiNNJYhVfdst43YkLwr_GcYSNsB-axlLiHjsrsmLulaZWXdQ4ZbpPM-JblUqt5SD3Qcmsxmv3f29BELrm1f4iZuAmg59vPLU7LiZDj6T5Its8jO-LlQANFObCqW3ojOI&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=15290982360135528000&adk=3661671305&idt=125&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EB38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-iUpQ_Gf2BgUHUxGJg-qmMk5PcP8nicQp_kqQICY8C6JLtiXui2y5qG8QcZDCyOok0Vbj8FCaY0xhEDV2bEMbst_LhK9Pen2r-AyF4RPZkRnolrwhFgWKgcRIbuM4awdCoFJ4Bi74tNC63hNnel-11pYN4Ch0RBnU_jPcpIprl7ac3Ec9mA-APN28JN-i_rW7fi3lOzGGdzWuT5B1UwWsZcKGypHHH-p5gzAnmlqjDSBjNw0_ha1NQ3BugFAWhCWqhJXwLyJwdqV0WBUAOin2dGTyUfAuRUAl2sgsX9FRvN368PVPI1F-xCggbY89Mw5QvimcdBmRLT_AvA4MMXQACqkKoTmxFy5ibKiAExrVNKK27iEPZAs9xqji&sai=AMfl-YQ8rf_wliPMLGMV9IsK_T4u0uoMWHoi6glLS70_RQxBSySjktA2DZzvOVmhEYhZ4M43syPskvS6_1-Z_MurjxCmGqrICQaG-DPnPl8q1SYNRUtvz2XdS5S11c-Mtw&sig=Cg0ArKJSzNq6hdlLbo06EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame E8F2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:58:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2291 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Origin
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jul 2023 09:12:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 2291 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADPdaKZYTPm78bv3ZvH7nzh2MPknr-rCXTgwu0HtO8vkkvTtUR2NywzfAptuV0cGzukqqGuzDn5tmN-HeNcxTtVAsUxw&cry=1&dbm_d=AKAmf-CkLcTuiP2ESbZX46nHOK53D6VsAyLZ1o78FpndJGpDbJ-jnOtzWOivPVv89aD0FAyI3sUm4kb28vz4S52D6tKFiNpOWn7032fQLMHG3jVPovlzi_zALqnmHyNlT80Wnm5bHxncTtZIphQggqcMhoj86sGDYigdm_sXLJqOEs_xZdwsmghyRymmzOZ_uteRvtEppZhfVBNFThee8KINgWts7hA1CDmE9M4kNSH4zpPmenleaJACkG2H5wDkYFN26QwudZFXvOUdyLhW4CjxYL8ikk64kG7_GipzVyt8buWEMNuoMDIR8EL_YE1CJm0crPOOY1rQqDYCZVanxMLnKNXhGg1yRXbfgESlW05fYzUNq2qbOeFQPmocguvH4hfHPKrlHp7WY1e7P_BoyL086uT32ARN0G_s7y4nan4EYTUPfrnIEqfotPdyUaKLK8motcVmAFXYbiLpTFApgbOBsexAJwMfl61eoYxdVFpnkO14RV04f1qWrqDAgdusfhlyeqAjAcQYbPbXNAt2eDBwneEsOc-hctB6tR9ecWNxc8RBegttosYak6vpu9o554sMQePSNS5XxPJTEMzyxDyxN7yr4aTN94V1cFVWixz0frdl8Uhq2zlWww-fGYFtyNPiE7HsEDLxEc95T1U65GihLO8NOh7ZcEYETTtesjGqY8kdaxvgQkh4BbA3SmPeSzA6PaKqt4wdfvpvGqR8MVMkWDDj5WuzDLdCuVBK0nkoqUCK339i7QQiGK6GphA5Sn1pGxknfUM87ZasD51P8hDajk_XKH7oD0EA6IAYswVDpQvKfwQzRpArdHo4jq5b3uo7ZYya7hzrmrw4ew0yq2YF4zloa9T_ftF-fyKjMyXjzE9VdvO2ns6stXrhazKIC4MEMM4Mkid1WGeMeuzUezGM8WIa381OFmZ4od55j-Pys9zPOpB5z3uGju1bTihWxyvi0jE-mMdwyvsMC7onCOEJGX-YlA4Ah1jY-0xkpusV_cPjggV8stCBSUcKXVxL99zoThJNvKiftW-HwDwn1jT9zlgyNBqCzd0QUHO7tNdZg3GdfJ48CvfzuTeGgxUr8Xqc-CVs56ya6_GKqrEKo8URaK__nTSgA4O8r1whr2wFW6sQ3wHkEqWSt8ZM3NPoilIj9wWVOU59QEBJeBEpoAI99mHcEOL_9-GUXixeRI-qfM8tbGmXscoSIFe1WdG0tOzJ_6ELkCtpqGOaITZnSCejh0Tqmxug4oK6Shjbwso4rtGu4po1UZYG18X_N-3kW3w2IeWoPtdilYClqvBx0lAAeJPpqzIsumv3iaaWuUouLX6zL7NAlYDAyWzgkYIac8RHMDEPyPJP2rx8OSlu1JG4udAb8p_CbRylaOf3rxqdYlEYqNsUNtwU-Ns0NSrTaUZDs9u3cl8e1gTIKyQvVhHPq8AKovKiQ2_aYpYMs6l9s8UCtf6M5imlM-FPg-7sOAOVVyjcsXIEbYycCiVdxZQCut-IMw4qq_8X6Nw2Fr5sh-1ZFMXoOWBaCkpoZu9tEOl8WlTOn-PEY24OCvMlQ6K7PMJuSGgc0FVpBNL8LcJvGAxLk_HJ7cLTvqy-VX-6VLKoMAnJDHrV-KWJRNO1WtBfuTF3mCKJ_Dj2l8EYpmFIq8EE0bsbC1eW-ZiiQUjMSxMxg4oKCRh9--_88HEJWO3lznfoNBHfp2k4RN2fSVoEbujIi-ox8kgdHOuLHIabnNThVanx4ew2J7drhPlJMwwraOWh7SJ2fF9UD8twbQThJ36MzgIjSCQYGoq11a8kBwNhAL6x0IAiw-jaPj5Y9VWkTH7T3LWv7ym6S0Y8oJN2ndWUvBOjk3LqiPZpMJ0m9ue2F_bQcKrotS-D5KkPzYPyExx-EfIWBoKbvoBfN8_eWKAd17W7hZSb5oRpxf9JJxVXtOW2Pg47CEAZCp2qt97TA8UvjUVaWKSx9PTy8cqvGnd1yLgIOcFgKpz-yli-OHMFjOv2T7sa7qBzTLJYTatuqhn_ibOy7ymRq2g-jXEAgv6bnWOE-a6qKgxifbED7nvRYq9EsxNmnUIKo6hTs4zxCMaYDRJoe_Se92-Aej5HOCiugT7jEHvQ--S05SRJ0hs4JZ_VZSa4iwPaOaOR0-mu4dDtbSrwFK5PAxo2pfP89Z5YjJAWabTEgAaM8u_kmYi9opGeuKkQh5W9az-0fyFuIA9wyn0H_Ug6iMkq9HUIyUHhXAdCvlpORA41jnGEdT6gm-1DZlioDKJOuKGfPpzewGHID-x3kUsdNzjSFDVz2aUczSGuJ3MQVtlbpjcO8uvgXY_Gd4rJWrUK-cyG-Lbd94z0zJZAKaFB8T8epXOWAhSXTQHzoLp6VfPXfOwfhrB5aQ9YbrWKf5UjWv8quk3dX2jBzbUQBz2D7wTSx4eqkBUz115XU3HDfCijXqbwZKobnpn1dIgOSBsBla5ow-_8U3ZW_-jtrERH4GO-soJ5lP-Otsg3QCvBL8ArS1cpAC-2kVdu5XrC8_6Iboe7flSco8FHH51J62xfgr29DAuvZbDmqqL0eVy8UJ4Jb8EmfBNHkE10Szz0snj5KJIguFcT9yXsYnweP0T_sfnn1R90Ri84gQR9EUfM6D075_swYQzaxXsgwnky58yS-yqPAOjR6ZLeYwdUtdyDEv1uxGKFHbJ122Sv8141RbBR5AqXLBkZBZ3oSgILezushrfmd3dvW_x2dnjhnBOByjmC8ovOtut48Fgz8VQUp23VkXmOadYD0kzFgTab-3iDMslDHbstUEn0nNaaJjQUikilGQN8NtBSG6lClUt8Zk8yWlkRuLIV7DicHYVtPK48cPu_kpOGKKsq9vnVC2qF0Q4_2AeZpiqN1kda7yd8ajMBK9fAOfbR6N6zon-jnvcU7v5fFxhLFfEVI7te700O_L4OSEeQUtqbHTRfx_GHBodL1fwdF5d3Ma2Ozr83Cv1RmyO_i3oosiZSlETD0zoT__6yFFMSUHwtnmY6URarm4mg7iKo2uUhZqaTy1Liw5E06sxdHLdKkW6TmG3rwj6YPoDFqKdUogUuh-zcUPf6Kt8ZylSfLHSlMKO2BfJOMLN79yluz8iI03PbkL3kMqLsxunH1KgiJASjjbmUA6tt8Q1yTu0qTRIxdezIOYDZ6_RUpl0V7s4W_9rUdFZ9VhGN2fs3CpRz3T8LvysCk5uenA1JGjb0IPtRajCT8O50t4urCEy_8QkB8UHfRVS4BXIwP4lre6FmtZ6X9DASH-PoURzvafPISnBslNeP2fQSvFhqHD_7Az1RZh75rvKK4NueQbCoihx4n0Qqf0CCCgbzBpbuPcjSLfuTDmHiifgsobC6RuJBJXVjGKWfiujHvoyukUPpmGMUO03eHlaGZaitzUvZiTDJbF-tV-hf5BQsmiNNJYhVfdst43YkLwr_GcYSNsB-axlLiHjsrsmLulaZWXdQ4ZbpPM-JblUqt5SD3Qcmsxmv3f29BELrm1f4iZuAmg59vPLU7LiZDj6T5Its8jO-LlQANFObCqW3ojOI&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=15290982360135528000&adk=3661671305&idt=125&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
77026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 2291 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADPdaKZYTPm78bv3ZvH7nzh2MPknr-rCXTgwu0HtO8vkkvTtUR2NywzfAptuV0cGzukqqGuzDn5tmN-HeNcxTtVAsUxw&cry=1&dbm_d=AKAmf-CkLcTuiP2ESbZX46nHOK53D6VsAyLZ1o78FpndJGpDbJ-jnOtzWOivPVv89aD0FAyI3sUm4kb28vz4S52D6tKFiNpOWn7032fQLMHG3jVPovlzi_zALqnmHyNlT80Wnm5bHxncTtZIphQggqcMhoj86sGDYigdm_sXLJqOEs_xZdwsmghyRymmzOZ_uteRvtEppZhfVBNFThee8KINgWts7hA1CDmE9M4kNSH4zpPmenleaJACkG2H5wDkYFN26QwudZFXvOUdyLhW4CjxYL8ikk64kG7_GipzVyt8buWEMNuoMDIR8EL_YE1CJm0crPOOY1rQqDYCZVanxMLnKNXhGg1yRXbfgESlW05fYzUNq2qbOeFQPmocguvH4hfHPKrlHp7WY1e7P_BoyL086uT32ARN0G_s7y4nan4EYTUPfrnIEqfotPdyUaKLK8motcVmAFXYbiLpTFApgbOBsexAJwMfl61eoYxdVFpnkO14RV04f1qWrqDAgdusfhlyeqAjAcQYbPbXNAt2eDBwneEsOc-hctB6tR9ecWNxc8RBegttosYak6vpu9o554sMQePSNS5XxPJTEMzyxDyxN7yr4aTN94V1cFVWixz0frdl8Uhq2zlWww-fGYFtyNPiE7HsEDLxEc95T1U65GihLO8NOh7ZcEYETTtesjGqY8kdaxvgQkh4BbA3SmPeSzA6PaKqt4wdfvpvGqR8MVMkWDDj5WuzDLdCuVBK0nkoqUCK339i7QQiGK6GphA5Sn1pGxknfUM87ZasD51P8hDajk_XKH7oD0EA6IAYswVDpQvKfwQzRpArdHo4jq5b3uo7ZYya7hzrmrw4ew0yq2YF4zloa9T_ftF-fyKjMyXjzE9VdvO2ns6stXrhazKIC4MEMM4Mkid1WGeMeuzUezGM8WIa381OFmZ4od55j-Pys9zPOpB5z3uGju1bTihWxyvi0jE-mMdwyvsMC7onCOEJGX-YlA4Ah1jY-0xkpusV_cPjggV8stCBSUcKXVxL99zoThJNvKiftW-HwDwn1jT9zlgyNBqCzd0QUHO7tNdZg3GdfJ48CvfzuTeGgxUr8Xqc-CVs56ya6_GKqrEKo8URaK__nTSgA4O8r1whr2wFW6sQ3wHkEqWSt8ZM3NPoilIj9wWVOU59QEBJeBEpoAI99mHcEOL_9-GUXixeRI-qfM8tbGmXscoSIFe1WdG0tOzJ_6ELkCtpqGOaITZnSCejh0Tqmxug4oK6Shjbwso4rtGu4po1UZYG18X_N-3kW3w2IeWoPtdilYClqvBx0lAAeJPpqzIsumv3iaaWuUouLX6zL7NAlYDAyWzgkYIac8RHMDEPyPJP2rx8OSlu1JG4udAb8p_CbRylaOf3rxqdYlEYqNsUNtwU-Ns0NSrTaUZDs9u3cl8e1gTIKyQvVhHPq8AKovKiQ2_aYpYMs6l9s8UCtf6M5imlM-FPg-7sOAOVVyjcsXIEbYycCiVdxZQCut-IMw4qq_8X6Nw2Fr5sh-1ZFMXoOWBaCkpoZu9tEOl8WlTOn-PEY24OCvMlQ6K7PMJuSGgc0FVpBNL8LcJvGAxLk_HJ7cLTvqy-VX-6VLKoMAnJDHrV-KWJRNO1WtBfuTF3mCKJ_Dj2l8EYpmFIq8EE0bsbC1eW-ZiiQUjMSxMxg4oKCRh9--_88HEJWO3lznfoNBHfp2k4RN2fSVoEbujIi-ox8kgdHOuLHIabnNThVanx4ew2J7drhPlJMwwraOWh7SJ2fF9UD8twbQThJ36MzgIjSCQYGoq11a8kBwNhAL6x0IAiw-jaPj5Y9VWkTH7T3LWv7ym6S0Y8oJN2ndWUvBOjk3LqiPZpMJ0m9ue2F_bQcKrotS-D5KkPzYPyExx-EfIWBoKbvoBfN8_eWKAd17W7hZSb5oRpxf9JJxVXtOW2Pg47CEAZCp2qt97TA8UvjUVaWKSx9PTy8cqvGnd1yLgIOcFgKpz-yli-OHMFjOv2T7sa7qBzTLJYTatuqhn_ibOy7ymRq2g-jXEAgv6bnWOE-a6qKgxifbED7nvRYq9EsxNmnUIKo6hTs4zxCMaYDRJoe_Se92-Aej5HOCiugT7jEHvQ--S05SRJ0hs4JZ_VZSa4iwPaOaOR0-mu4dDtbSrwFK5PAxo2pfP89Z5YjJAWabTEgAaM8u_kmYi9opGeuKkQh5W9az-0fyFuIA9wyn0H_Ug6iMkq9HUIyUHhXAdCvlpORA41jnGEdT6gm-1DZlioDKJOuKGfPpzewGHID-x3kUsdNzjSFDVz2aUczSGuJ3MQVtlbpjcO8uvgXY_Gd4rJWrUK-cyG-Lbd94z0zJZAKaFB8T8epXOWAhSXTQHzoLp6VfPXfOwfhrB5aQ9YbrWKf5UjWv8quk3dX2jBzbUQBz2D7wTSx4eqkBUz115XU3HDfCijXqbwZKobnpn1dIgOSBsBla5ow-_8U3ZW_-jtrERH4GO-soJ5lP-Otsg3QCvBL8ArS1cpAC-2kVdu5XrC8_6Iboe7flSco8FHH51J62xfgr29DAuvZbDmqqL0eVy8UJ4Jb8EmfBNHkE10Szz0snj5KJIguFcT9yXsYnweP0T_sfnn1R90Ri84gQR9EUfM6D075_swYQzaxXsgwnky58yS-yqPAOjR6ZLeYwdUtdyDEv1uxGKFHbJ122Sv8141RbBR5AqXLBkZBZ3oSgILezushrfmd3dvW_x2dnjhnBOByjmC8ovOtut48Fgz8VQUp23VkXmOadYD0kzFgTab-3iDMslDHbstUEn0nNaaJjQUikilGQN8NtBSG6lClUt8Zk8yWlkRuLIV7DicHYVtPK48cPu_kpOGKKsq9vnVC2qF0Q4_2AeZpiqN1kda7yd8ajMBK9fAOfbR6N6zon-jnvcU7v5fFxhLFfEVI7te700O_L4OSEeQUtqbHTRfx_GHBodL1fwdF5d3Ma2Ozr83Cv1RmyO_i3oosiZSlETD0zoT__6yFFMSUHwtnmY6URarm4mg7iKo2uUhZqaTy1Liw5E06sxdHLdKkW6TmG3rwj6YPoDFqKdUogUuh-zcUPf6Kt8ZylSfLHSlMKO2BfJOMLN79yluz8iI03PbkL3kMqLsxunH1KgiJASjjbmUA6tt8Q1yTu0qTRIxdezIOYDZ6_RUpl0V7s4W_9rUdFZ9VhGN2fs3CpRz3T8LvysCk5uenA1JGjb0IPtRajCT8O50t4urCEy_8QkB8UHfRVS4BXIwP4lre6FmtZ6X9DASH-PoURzvafPISnBslNeP2fQSvFhqHD_7Az1RZh75rvKK4NueQbCoihx4n0Qqf0CCCgbzBpbuPcjSLfuTDmHiifgsobC6RuJBJXVjGKWfiujHvoyukUPpmGMUO03eHlaGZaitzUvZiTDJbF-tV-hf5BQsmiNNJYhVfdst43YkLwr_GcYSNsB-axlLiHjsrsmLulaZWXdQ4ZbpPM-JblUqt5SD3Qcmsxmv3f29BELrm1f4iZuAmg59vPLU7LiZDj6T5Its8jO-LlQANFObCqW3ojOI&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=15290982360135528000&adk=3661671305&idt=125&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
77026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2291 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:07:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
21986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 09:07:46 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 95E5 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Origin
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jul 2023 09:12:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 95E5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8NYlQrwsyZuLELESg8g-3_k7RVrOTzPAYR1-QLn99bC520d6zWvoZ8F3HCQrvq10wqTcPB6nctuq89Yl5CYCTHdpbsw&cry=1&dbm_d=AKAmf-C6yF4UFDmQ90ZD8zle-JkN8R8wWo78J3UR-me7GdlTT_tuYyBSKaVaHcaLlRGy72SAVnsaR_FOK5AaNhXft0qeOlrIy99isFmCF0OkWHgVzltIdLznp1DcHcLXZOFbzdpyPhWJk7GQANjDC7y0vbjNmA9VRDcKIzBnj1mrnzeyZ9kKYl-MRX6zqsUK2MX8yWtA7OBNnAFAU6UV_L_MM5hazltJGLAIJj71zlSBG1cWVYqkDNguFZWnl--45CTGrhEom6QQVAMInaVqkwFO3p6glgFv2sPBi9rSJId1GSAhfIR3vMqOIxvK17xFJREyEFRMdILSPONhWTQ09KSRTCLOk_Zeoi1JfBEclds79CuYP1xBz8wIHWqIrfnNea77GL2IwtxeUX2UOEiP2NsBfIRvx41k-M7laxTXFr2XTdR4BfDMsTnFXor5471-fij6NjlyZqyfNw-eHcystdbakZp_ooU7MysImGxrnu0myIY_hhFtDFDLCbycY4lEhXt47bc76VJTTaxUuM3OT-_a1KH4IoOMhmX9aR8Iuguyl4kHrAh6selrSHznSrE_v1uL4fHYEqWNDN5pEfteBBtgaaRWVhyWQ9dWiJqWdbCAt0hP2iQr1Es6leYuYdfIYQRPWJsBNbOf_665JiVhb2C6GOhay0A4d5O7PL99K3GWsaaqNmftmyVIIYjw3hDDs-7aRD4ofPytmhRWxCQmSdxb6f3HANB6O5j_uMGeyAh9HjobTJJNB8KeiPNrVyNkqmPUBegDgLw80n8BvnGtPvo8p6cntAeI381TmfbtiVKnJv8C2y8FbA_alU09zCK5M0r_6U2aScdgr9XeeXxZ_H24wiGKYXTqhPaNkEsVz4LGf8hEVqJ5g5bjtnftHTDqhocOH2bpXuFJDOQc5PhAHfsNIgU7K4YVTRBK3uRaLFzAoDxYm0JXHm9KilphzC4VZ_7S9FwlkHH0l5hLX-EMgQkdTmLtbiv7udwiDEhn7V5V7lnsCWefkoX29qWlEZfLEw8B3gnL7Q44h1T5pTop-OptO0-GblIHVd_Q3Kc1Q73biAXvtfTdzTnf0nQHC2GL7IDsnAArS2_aKh0AJE5ZAFwzLG1YHXwLZkTppuYZZ6B13vV2W5dr2OYTqRqaD7S1M-wId-y_FLjtAuOwNgqRteZ_ipemkQCSL5dqD5nxYfMtUBTPKrV1-_Wcs95oR1t0h6Iq9bCCkcejzA1gYjN4CNlZoS7EN74jlUBzfXCrZdmRGa-cIpiItzmOsDdYC1MgV5_Q2CLWlVCPxT2neyOM8_lsTkjAQI1bbIwnWWAnSdt0D3xORbvSeUVTc7xi4S3NQ-j-7Uh0fIlGYxf43gAHMQl59-QelgVai6PmL3NhUXQDQehKF3j5rCu3P9h0aOLWSq-Y6vfQplmN05fG5HHtY2n82Av43UD-4_RmTNakeCkweJkHfytfz2rHV652pigFR7A9M_gzoJeBR4go0rAEE5S_IQhXDgiizvZrzYWxT4ohynsogD7ErSx3Qmm7zAYLxiPaH8HpeVkNU1WlObMoskqhDrhQb_zq12Aoa4uc9bCcYVCfRr-RUnoiuIWTfqb1-hlL5DUZtFCCcct73xh94Pa5I2qpbBBPx96LneUrWcoj46wwqFd2_U2dLIT9OwZluUdsX8TtyN18yY901wF1cUf3KDdEIjjpiAJnn5sfZwM1I25Hu9qi7gK_q0AayjpOQK-I8zZ9YmanbiItnPRCppOgXqzv7yi1kGhaJlkVEAZv5a3zPPdpbhfe0b23-fzfQgf9aqntK_r2dYxDmGHuhkHohiz4V6-Uk_p0uFTMlDg1KEIo3lCSflze5YTBKDwopGFN0KmJJlPUJ8Y58uqiqqb6Dd-FlRsHOAA9yhLSravsk_vx9l09B-UMP_KaZrgEFgjvYTHOVuBkOk0khyxIfO7oKc7MBdTJNIPonjx61YxtvRxrKu7sHv_lXFlIXbqb_tAKwbaBKf5VXpGcu3nzGykFm5wS_2xxmjrVNZpNb71x-JikcXwsihbcBq97Mj6t_rgNGIaZ0q94NypwgUpR2bFUKlmEK7cO7J7E3RyRyH-lKsJ38-MFcJW2ytGDWAjr85Ngvszm41D8TFD8o08obMRJikdBgHhUE8SxItoL3KZargSi7SzrPvu-srBVvjLQV4ogKXoZY6DGTC0xlaox2m3ri3lVDRtNlcedThlqImR2PtlOa6K2vXw1nolWavI0hopqg6LQmRq4c3wfa7b0MGvgiNtFpgjL8bgrfK90vJqVBjA5CmjKtIG4TwBfnxv5WFE6X0UNB2Bj15HfpIC7AkaMAmbHUn0qy2NxMQtbhkAKoMK79Egt47lvkl8VDyPuGrCjAtrjZKuOC1tWzAQcixqUA7ZPBiSqXAmavwgriS4zvTe8RMN_xBDDOwH_ERvFAW2bycsW9La6kVlXVZW394qP7rJ5qKpesVflDIyzxuL-WyKyaE14bT5lvJ57DnA09UVeH-yOZrhf_UJnXIqpzV1QM3Eq6FS2oQZISQQbr9cblj2P3sK7Ap2BPB2mnmJXoxMwAXLIe-gdAMPCdUvS1TclZOIQdFh9XylWuHK7pZoyRWjJgczv8pAeQCGwlQzgRVDx6dB2O2kX7VCG8zLJLoGy_scrBQxcxE9W1LbLF1LHjqPLCK-hbm3_rFSwPgzhMyZVYUR1k8f9AlhTOjDl7yQGpYnvORKQXZBoy_qEkn9Z4FksLDcopNKV1ETNBq9dvaEOfwkMLnuzoF5tC6U1FZbGLqrKCd2s5FhdPSnPmPBu6rZF_ChV_DZsrweO5RGGY6cQr4SSYRLvwN4IiQeteq1E0wq290_GqvlDSuvF-D_cFN3tFitLIkEn5B0RWtV5npS-DUN3Jw6rLkxFXsYd76Drd5CCXngKUMBz1SksyYNfH4IResONqdcpIM2BlxtZtMWmYIPr77jRbOStyW1gPPGNBcN-_eEXdwZPt7dfxtAejm5WQNjnCcBLnsP8Iean3riu5Mi8Mw_qSLAR0cMwsnUJ91OKSU9SI8-CPPru1CcUL0CKZuPq2sjgV_OetwnFRE2StceVHOvo8ya2bd0c-jrg-cfgEc_ajoorxbkQx4ZuHX251AGt871pb4T3KX1MOU6ZauGhH4XZBKU4bENKknjHLZbKtu9FIJuSMMARfOIx5fanSAvxTUOAngkreOjitHTMevwbbmY7h5zk9aWjSH4ixVQ9TcRNkeeFRrior1fgXJFQrxx4TffxGDvwWmbk4eQDDCp-vSjSW1TaBBFrbjnwL79Pw9hXKcaPTXmn082NX8r6aIWesgohgH47Uz5W-sjmcrcszisTEz6JCxC_2EQGgy815BjJDW_74czDbxypdafYxvlJHsSwTngJ8oPbxSDDPyMJ9r1rdMk_WkFmtLIhJNtmi-PORZfhvHKQMbUe3SQwJsWk5s8xcuZxPH-2q2qogglk8EUTyW1Po9kTJhKzoQ70auFL8yfWaSu1p6wduXYOJs-Vgzeg1tHkrTg_TULWAZoa7zZuaALR7kyMjTt_f0D8qYrDXrOCmAVc0vhBzhutVw3U-G_-hn5mnyUpweD7466BGltjyqRN8du3ef4LyU6ytG04Mw9hKUgcZ6_LIeAwr2Srjm1tsHv7rS3cUAP30TFKOhrD3kRGeJo2T7gwKkoldvVMOg&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=4758400822838787000&adk=792902355&idt=148&cac=0&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
77027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 95E5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8NYlQrwsyZuLELESg8g-3_k7RVrOTzPAYR1-QLn99bC520d6zWvoZ8F3HCQrvq10wqTcPB6nctuq89Yl5CYCTHdpbsw&cry=1&dbm_d=AKAmf-C6yF4UFDmQ90ZD8zle-JkN8R8wWo78J3UR-me7GdlTT_tuYyBSKaVaHcaLlRGy72SAVnsaR_FOK5AaNhXft0qeOlrIy99isFmCF0OkWHgVzltIdLznp1DcHcLXZOFbzdpyPhWJk7GQANjDC7y0vbjNmA9VRDcKIzBnj1mrnzeyZ9kKYl-MRX6zqsUK2MX8yWtA7OBNnAFAU6UV_L_MM5hazltJGLAIJj71zlSBG1cWVYqkDNguFZWnl--45CTGrhEom6QQVAMInaVqkwFO3p6glgFv2sPBi9rSJId1GSAhfIR3vMqOIxvK17xFJREyEFRMdILSPONhWTQ09KSRTCLOk_Zeoi1JfBEclds79CuYP1xBz8wIHWqIrfnNea77GL2IwtxeUX2UOEiP2NsBfIRvx41k-M7laxTXFr2XTdR4BfDMsTnFXor5471-fij6NjlyZqyfNw-eHcystdbakZp_ooU7MysImGxrnu0myIY_hhFtDFDLCbycY4lEhXt47bc76VJTTaxUuM3OT-_a1KH4IoOMhmX9aR8Iuguyl4kHrAh6selrSHznSrE_v1uL4fHYEqWNDN5pEfteBBtgaaRWVhyWQ9dWiJqWdbCAt0hP2iQr1Es6leYuYdfIYQRPWJsBNbOf_665JiVhb2C6GOhay0A4d5O7PL99K3GWsaaqNmftmyVIIYjw3hDDs-7aRD4ofPytmhRWxCQmSdxb6f3HANB6O5j_uMGeyAh9HjobTJJNB8KeiPNrVyNkqmPUBegDgLw80n8BvnGtPvo8p6cntAeI381TmfbtiVKnJv8C2y8FbA_alU09zCK5M0r_6U2aScdgr9XeeXxZ_H24wiGKYXTqhPaNkEsVz4LGf8hEVqJ5g5bjtnftHTDqhocOH2bpXuFJDOQc5PhAHfsNIgU7K4YVTRBK3uRaLFzAoDxYm0JXHm9KilphzC4VZ_7S9FwlkHH0l5hLX-EMgQkdTmLtbiv7udwiDEhn7V5V7lnsCWefkoX29qWlEZfLEw8B3gnL7Q44h1T5pTop-OptO0-GblIHVd_Q3Kc1Q73biAXvtfTdzTnf0nQHC2GL7IDsnAArS2_aKh0AJE5ZAFwzLG1YHXwLZkTppuYZZ6B13vV2W5dr2OYTqRqaD7S1M-wId-y_FLjtAuOwNgqRteZ_ipemkQCSL5dqD5nxYfMtUBTPKrV1-_Wcs95oR1t0h6Iq9bCCkcejzA1gYjN4CNlZoS7EN74jlUBzfXCrZdmRGa-cIpiItzmOsDdYC1MgV5_Q2CLWlVCPxT2neyOM8_lsTkjAQI1bbIwnWWAnSdt0D3xORbvSeUVTc7xi4S3NQ-j-7Uh0fIlGYxf43gAHMQl59-QelgVai6PmL3NhUXQDQehKF3j5rCu3P9h0aOLWSq-Y6vfQplmN05fG5HHtY2n82Av43UD-4_RmTNakeCkweJkHfytfz2rHV652pigFR7A9M_gzoJeBR4go0rAEE5S_IQhXDgiizvZrzYWxT4ohynsogD7ErSx3Qmm7zAYLxiPaH8HpeVkNU1WlObMoskqhDrhQb_zq12Aoa4uc9bCcYVCfRr-RUnoiuIWTfqb1-hlL5DUZtFCCcct73xh94Pa5I2qpbBBPx96LneUrWcoj46wwqFd2_U2dLIT9OwZluUdsX8TtyN18yY901wF1cUf3KDdEIjjpiAJnn5sfZwM1I25Hu9qi7gK_q0AayjpOQK-I8zZ9YmanbiItnPRCppOgXqzv7yi1kGhaJlkVEAZv5a3zPPdpbhfe0b23-fzfQgf9aqntK_r2dYxDmGHuhkHohiz4V6-Uk_p0uFTMlDg1KEIo3lCSflze5YTBKDwopGFN0KmJJlPUJ8Y58uqiqqb6Dd-FlRsHOAA9yhLSravsk_vx9l09B-UMP_KaZrgEFgjvYTHOVuBkOk0khyxIfO7oKc7MBdTJNIPonjx61YxtvRxrKu7sHv_lXFlIXbqb_tAKwbaBKf5VXpGcu3nzGykFm5wS_2xxmjrVNZpNb71x-JikcXwsihbcBq97Mj6t_rgNGIaZ0q94NypwgUpR2bFUKlmEK7cO7J7E3RyRyH-lKsJ38-MFcJW2ytGDWAjr85Ngvszm41D8TFD8o08obMRJikdBgHhUE8SxItoL3KZargSi7SzrPvu-srBVvjLQV4ogKXoZY6DGTC0xlaox2m3ri3lVDRtNlcedThlqImR2PtlOa6K2vXw1nolWavI0hopqg6LQmRq4c3wfa7b0MGvgiNtFpgjL8bgrfK90vJqVBjA5CmjKtIG4TwBfnxv5WFE6X0UNB2Bj15HfpIC7AkaMAmbHUn0qy2NxMQtbhkAKoMK79Egt47lvkl8VDyPuGrCjAtrjZKuOC1tWzAQcixqUA7ZPBiSqXAmavwgriS4zvTe8RMN_xBDDOwH_ERvFAW2bycsW9La6kVlXVZW394qP7rJ5qKpesVflDIyzxuL-WyKyaE14bT5lvJ57DnA09UVeH-yOZrhf_UJnXIqpzV1QM3Eq6FS2oQZISQQbr9cblj2P3sK7Ap2BPB2mnmJXoxMwAXLIe-gdAMPCdUvS1TclZOIQdFh9XylWuHK7pZoyRWjJgczv8pAeQCGwlQzgRVDx6dB2O2kX7VCG8zLJLoGy_scrBQxcxE9W1LbLF1LHjqPLCK-hbm3_rFSwPgzhMyZVYUR1k8f9AlhTOjDl7yQGpYnvORKQXZBoy_qEkn9Z4FksLDcopNKV1ETNBq9dvaEOfwkMLnuzoF5tC6U1FZbGLqrKCd2s5FhdPSnPmPBu6rZF_ChV_DZsrweO5RGGY6cQr4SSYRLvwN4IiQeteq1E0wq290_GqvlDSuvF-D_cFN3tFitLIkEn5B0RWtV5npS-DUN3Jw6rLkxFXsYd76Drd5CCXngKUMBz1SksyYNfH4IResONqdcpIM2BlxtZtMWmYIPr77jRbOStyW1gPPGNBcN-_eEXdwZPt7dfxtAejm5WQNjnCcBLnsP8Iean3riu5Mi8Mw_qSLAR0cMwsnUJ91OKSU9SI8-CPPru1CcUL0CKZuPq2sjgV_OetwnFRE2StceVHOvo8ya2bd0c-jrg-cfgEc_ajoorxbkQx4ZuHX251AGt871pb4T3KX1MOU6ZauGhH4XZBKU4bENKknjHLZbKtu9FIJuSMMARfOIx5fanSAvxTUOAngkreOjitHTMevwbbmY7h5zk9aWjSH4ixVQ9TcRNkeeFRrior1fgXJFQrxx4TffxGDvwWmbk4eQDDCp-vSjSW1TaBBFrbjnwL79Pw9hXKcaPTXmn082NX8r6aIWesgohgH47Uz5W-sjmcrcszisTEz6JCxC_2EQGgy815BjJDW_74czDbxypdafYxvlJHsSwTngJ8oPbxSDDPyMJ9r1rdMk_WkFmtLIhJNtmi-PORZfhvHKQMbUe3SQwJsWk5s8xcuZxPH-2q2qogglk8EUTyW1Po9kTJhKzoQ70auFL8yfWaSu1p6wduXYOJs-Vgzeg1tHkrTg_TULWAZoa7zZuaALR7kyMjTt_f0D8qYrDXrOCmAVc0vhBzhutVw3U-G_-hn5mnyUpweD7466BGltjyqRN8du3ef4LyU6ytG04Mw9hKUgcZ6_LIeAwr2Srjm1tsHv7rS3cUAP30TFKOhrD3kRGeJo2T7gwKkoldvVMOg&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=4758400822838787000&adk=792902355&idt=148&cac=0&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
77027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 95E5 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:07:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
21987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 09:07:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F20C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
83081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 16:09:32 GMT
etag
48472445140208031
expires
Fri, 30 Jun 2023 16:09:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DACD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
83081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 16:09:32 GMT
etag
48472445140208031
expires
Fri, 30 Jun 2023 16:09:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2291 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
jsk
mediamsmbsoftbank.genieesspv.jp/yie/ld/ Frame EB38 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediamsmbsoftbank.genieesspv.jp/yie/ld/jsk?zoneid=1510406&cb=98460271207&charset=UTF-8&loc=http%3A%2F%2Fchatdemaison.jugem.jp%2F&referer=http%3A%2F%2Fchatdemaison.jugem.jp%2F&sw=1200&sh=1600&topframe=0
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame EB38 		633 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.mediams.mb.softbank.jp
URL: https://js.mediams.mb.softbank.jp/t/510/406/a1510406.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:38::17c6:d654 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Content-Type
text/javascript
Cache-Control
private, no-store
Connection
keep-alive
Content-Length
445
truncated
/ Frame 95E5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame F20C 		43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdIq7Gh4MzZRo6F-eE9ev0&google_cver=1&google_push=AaAOQGFZN9iN0F2YfDQec9pZBf4bVBR22LisuTRYQwbyZW5u1QOkzutSr0E8WUEsP2xhGHI-QPx8vka5Y0rBq7_2ulW4TzmuwwQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFZN9iN0F2YfDQec9pZBf4bVBR22LisuTRYQwbyZW5u1QOkzutSr0E8WUEsP2xhGHI-QPx8vka5Y0rBq7_2ulW4TzmuwwQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7df75b91ecc5d163-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEENlR4-apw2f36qP2WG0YvE&google_cver=1&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf&google_hm=UjMzNjQ2XzEwNTE1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf&google_hm=UjMzNjQ2XzEwNTE1QjFGOV81OTEzNjk1Mg%3D%3D
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGFJQaXbjmeWjmbHV5-XCTRa8ZcA5MunJTsRr_u5PiiQoasi3o8uPwNQJ5ypRvc7VzWfdEknYuLw8L1U-PaXoqwfjJ9MCsXf&google_hm=UjMzNjQ2XzEwNTE1QjFGOV81OTEzNjk1Mg%3D%3D
Date
Fri, 30 Jun 2023 15:14:13 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-371142853; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
346
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kMi3MSbQ9DQHAsVXn9oW&google_hm=2623dc68-b067-487f-b6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kMi3MSbQ9DQHAsVXn9oW&google_hm=2623dc68-b067-487f-b61b-7ed856e821c4
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-88
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGmYwl6oM-T33jh242xJBJgbgeWriCWP1Db_409CcWFfb8Cmt-6Budl4wfiHkpqqGPAbhb-z9J0kMi3MSbQ9DQHAsVXn9oW&google_hm=2623dc68-b067-487f-b61b-7ed856e821c4
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFS9ifJRLhQdhYrQW451JFs&google_cver=1&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLO...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFS9ifJRLhQdhYrQW451JFs&google_cver=1&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_k_rorS8TDWyCUiyfnDDiQ&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_k_rorS8TDWyCUiyfnDDiQ&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLOqsY94
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_k_rorS8TDWyCUiyfnDDiQ&google_push=AaAOQGENgw8rya8B5keMUbw9I92KO68gWbqFuCg8TfzGMTpkU4ZJUKWA_acPfjKeiNJOkX8irFZlfMyTKUTgEG_6amPtLOqsY94
access-control-allow-origin
*
date
Fri, 30 Jun 2023 15:14:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEEKfYEUAtLAgqhU7UaAvR-4&google_cver=1&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u8a5eSXNcgTgGzK
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u8a5eSXNcgTgGzK
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AaAOQGGDcNJFXrTv8nMsYtUIqqM0GZS0Xy6ec15HaW2WTCpwkLW10ALQzlokG9v067i-qyGqZk6DmLstPXOB1u8a5eSXNcgTgGzK
date
Fri, 30 Jun 2023 15:14:13 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEHRZi766kQ-vn360pDKbxOE&google_cver=1&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDP...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDPyVAqpb7p7gkK-mu7dGaDMSKkA&google_hm=RldVT2gyeXhKQn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDPyVAqpb7p7gkK-mu7dGaDMSKkA&google_hm=RldVT2gyeXhKQnFReTY0V0hjR2g=
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:13 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AaAOQGGjwSa7RbVExgHD6BjiHh4FejG7RsXAPQT9lY2em2Wq7NYZZTHNa8-j758LwlBQQkVeWppDPyVAqpb7p7gkK-mu7dGaDMSKkA&google_hm=RldVT2gyeXhKQnFReTY0V0hjR2g=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F20C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hW...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hWUxktTt1Cg0hVjlvmd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hWUxktTt1Cg0hVjlvmdFHXFfR2-_d5zk_Y4v8_qzXTUccEhUGeDJLsffxS_O9qP2EyvE0uPFgkoQA2uMt_1VY
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Jun 2023 15:14:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2a7a468a-d8e0-456d-9201-ea9cf296ffa1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGHVk0eF0j-hWUxktTt1Cg0hVjlvmdFHXFfR2-_d5zk_Y4v8_qzXTUccEhUGeDJLsffxS_O9qP2EyvE0uPFgkoQA2uMt_1VY
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F20C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIL-joBbAMjLcAyxZR997fWuW_PwMgMH4FgCTHcZPVwXCURw49FxLSR724sQbilR0y8lyD5Ew
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESELlUElM9H-blsYlr5Rlnyik&google_cver=1&google_push=AaAOQGEfzuD_SXxMhHClaHOk3mplVPnmibawSZapmXv8fND-YlOamVwjvjeyg7Uxey9Fvel4uNxxKp9L3dIAkCM4JOnCQzMbF8E
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUYzRjZDNEM0MDk1QURBMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUYzRjZDNEM0MDk1QURBMA==
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUYzRjZDNEM0MDk1QURBMA==
date
Fri, 30 Jun 2023 15:14:13 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPEMCAcLTkygVqx_MF2tpV4&google_cver=1&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz...
  • https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=dbd0bf58-358f-461b-a20a-84d8457d6734
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=dbd0bf58-358f-461b-a20a-84d8457d6734
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=e2c9856e-2b0c-41eb-88fc-6a7224c7a5d8&expires=3&user_group=1&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz3UpPC_t1&google_hm=29C_WDWPRhuiCoTYRX1nNA==
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz3UpPC_t1&google_hm=29C_WDWPRhuiCoTYRX1nNA==
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGXqbcxr9aP0H7sbtD92-VyCs-Wjon_ymmmU5OVjR0zxQ20g7DKiBPfnYNy-lC9hNkigcqS5LJnvdOqiSJjCyrz3UpPC_t1&google_hm=29C_WDWPRhuiCoTYRX1nNA==
Date
Fri, 30 Jun 2023 15:14:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdAm0dfv8F7qy3Nr_Vr7wg&google_cver=1&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0dlVjDZN0ynMDbJ9Dh4QgzmmIb4gkyD8HNkICKoCoY9c
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0dlVjDZN0ynMDbJ9Dh4QgzmmIb4gkyD8HNkICKoCoY9c
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D&google_push=AaAOQGEJ8SOsMluKB28I6gjpByZLg82NkDQRziAi_raNKXgYHXvbeBu0dlVjDZN0ynMDbJ9Dh4QgzmmIb4gkyD8HNkICKoCoY9c
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEL0mPs_0p5Pc7Mz44NDSIqs&google_cver=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwIsh8xZyKT6PUIwto-ZYBzpQjBNgKtoCOxBWAh0djOCU5mdU0ThnQ_DRNcyWBnfvoT83dk
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&mn_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&mn_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwIsh8xZyKT6PUIwto-ZYBzpQjBNgKtoCOxBWAh0djOCU5mdU0ThnQ_DRNcyWBnfvoT83dk&gdpr=&gdpr_consent=
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&mn_hm=MzMxMTM5NjUzNjYzNDY2MjAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGH2NnrsspnYvYjFB3j87YTjkwIsh8xZyKT6PUIwto-ZYBzpQjBNgKtoCOxBWAh0djOCU5mdU0ThnQ_DRNcyWBnfvoT83dk&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 30 Jun 2023 15:14:13 GMT
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAAl8yyydDhE3I9ZykoZwIY&google_cver=1&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2f...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2fpQzpFrUuNyrnlNUXRgPIM&google_hm=MTk3MjQzNjY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2fpQzpFrUuNyrnlNUXRgPIM&google_hm=MTk3MjQzNjYyOTkxNDk4MDk5Nw%3D%3D
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AaAOQGGeihPlQ4p9bpfKiy4lV4xLlA5-Q8PuEsFstxUiDeXTWuhvLzmP8M3MmQPqRl1dhyBOk27u2fpQzpFrUuNyrnlNUXRgPIM&google_hm=MTk3MjQzNjYyOTkxNDk4MDk5Nw%3D%3D
date
Fri, 30 Jun 2023 15:14:13 GMT
content-length
0
/
onetag-sys.com/match/ Frame DACD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEP7ceb2SeGayb7VZgrLEhmY&google_cver=1&google_push=AaAOQGFqXNhs-nkTMBvP-69z_r3lyeGichRQsRP1Ch8SzxbUZQR9w8Wk5zPfGLMeg3FN6pb_S3SekfvQQdg...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQzed9f8nG2Z9NCbwXiHu1CfJ40g5VNe8w&google_push=AaAOQGFqXNhs-nkTMBvP-69z_r3lyeGichRQsRP1Ch8SzxbUZQR9w8Wk5zPfGLMeg3FN6pb_S3SekfvQQd...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.239.230 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DACD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI2...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI21MegtQ3Ee6XnakY8C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI21MegtQ3Ee6XnakY8CMWTcqkBSzjMp2XTg_r16RviC2dR7N91Bt3Gpyvyerv6wDb0skyGm-YEODV_VvPNqGKGQ
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Jun 2023 15:14:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2d9b335a-0785-4301-984a-30568e31b422
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzEzMjQ1Mjc0OTAwNjUwMzc0MA%3D%3D&google_gid=CAESEJ1QLAfruQw9JPYPWKn9fx0&google_cver=1&google_push=AaAOQGE7Mqb7zcHI21MegtQ3Ee6XnakY8CMWTcqkBSzjMp2XTg_r16RviC2dR7N91Bt3Gpyvyerv6wDb0skyGm-YEODV_VvPNqGKGQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DACD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOLg0KnCkqXpDFRnR2-_hGvJuTl2gun6vIdTcISptYVXdgsvCdVALUkR79EcUxcCRl42of3Vs
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/ Frame 22C0 		75 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
148383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20216
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:01:10 GMT
expires
Thu, 27 Jun 2024 22:01:10 GMT
last-modified
Wed, 05 Apr 2023 14:09:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2291 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU1VhWCdiyJIYzHBtyvOBY7NY8P0POCNW9HXMJXMj4lbIY6fLBETXmzPprP_Ul6ZTkl7b3D8ZrwvDbpf7c6FsEYAIAX9i9Z5l-OUbcAugrnZSEWtGHFMsqoYBPEikNd89WxvllPBBrbbFi-J0TSCxQlaQNsS8mI6BzvcjGB5ldbHjqAxKyYskkc2RQ1VwEN1Svl51r0iP9_AWdkRJ8g2jpkPNS3yQ9L3MN9ZtmhbqaPx24RD5y_Mj2MYPjwj4l-Tg9o_7gZzNC6JmSM5ikt1tNycxGvZlcc0RtBLF1oTnPbtgvjnGeCcqNZGS6YL-oIunMXStxREPPrCHuWeqOcobA0jx_0uE5NSn06PfB_6rGZEdwL6xgsgf3PX_NIYTEPkCShsVAHS-_lLjqyWmqzYG9LLneWOH31vOSG0Qz8I6ko7o2sYa81a--a3eW6e3QqkW48KCc8IZinE1NWpl3moqZ3KTfgAiEuASsKfWux1TWMg8ej1yLZsd1vocJM4-8-yi_IjrHhEiQT5zIGgmU6yAOoskbUTGlc0ZmDV7u6eaSq2LNW3fd8nN-bs1k1At7Dt0DQLLoiWkVa99AZEKu15sSFd5ocu9LAZ9sjNvPh7nZx6-ILqpOS-swASVgqmVM05UQ0lkySmkPlG-uhIm7leCJq3ib5YHzSYAjSa6d_ge_uBcZb-6LUVRAeukUFQ_wyshVzwgeNPXZXHW3dKzF2kniFIXnVKeJKDL8QFHGba78WrV3U0UdHmerIPvsqNfW34-3uw2aEn6F-QylykJ56c3FC8OmIxExw3FafWPc4Fsm0-2WDk0K4PVV0q-98scLVq9vOma-Gx5j5Ros2VfbLA92hqJKuUjUhkUj-Fki82yA2JlGYIminDJR4nL94GtP1-MJCaIl08s5-zIuscUeNwfE9d6uA1_pkCJpRq-Osi-uN4luMGmMbEJl5J9qJmxEZlB-NxdNDeBiCvGv3pQvRZf-r3Ao2WcmqrE99lPE-zf2AHNNxViLYRBnevsQhuFVP1z6oo2X28Oy5TVVSQq5pLafIXYttNM9UouY78OqGX1EwVp5QZcOAD0qjd84GQ7bLxViGDpGrSkeotSbZHh_SzukGvVeacO3M2yDOt_JmGEvubAs-99k_oOu_BjbZwNdDaxD2FITiwys3pVgvJ5n6RhiAEBApEWwuNQNC5scM4S8LGbL7t9viz96f0pA2N3FtJGaPi91GkXbTNRfFMA43aDtKkl3abET5HtSWkR7qUXQ3M3UeCpPH43jm6OyXn3Yz0YF8anq7y6j5PvNeLsb9PnMwmMC&sai=AMfl-YRieudD6yD4eyGhOEt8oiFd2YzOOuv1FjYB-aDOTDjgNRXbmDROFP_qeHTYJ-QkvJKQPr0NAjbCQFxCU5Xfytjcb1-Y4UxEQiiMR-Qr67WkbU47Ww7u1yQzDWJg7ZXC8B-Yzg4uVp4rM1MaHBhgkxy_LEmOX2QpLjVDCsiBar9bL0v0dS422FwiWGkwZ2iqRmZpuld6Evk6LDpS0UjI6LTeRDv2gibr3Cv0bw4r55b59DjyLShq5t0XwmAjoCipckZ7&sig=Cg0ArKJSzLohWANo5om6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=509&cbvp=1&cstd=493&cisv=r20230627.54957&arae=0&ftch=1&adurl=
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Jun 2023 15:14:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:13 GMT
index.html
s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/ Frame B045 		74 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
285976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20104
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Jun 2023 07:47:57 GMT
expires
Wed, 26 Jun 2024 07:47:57 GMT
last-modified
Thu, 20 Apr 2023 15:40:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 95E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjL-LOO4w5aSQEpHnD9L48GNv-fkC7Zj7H1HH3MgyQyrg3ZKJlOsvkzh2S1-rf4V7nYtpProq4UcwgHnX6Gi2by-fcMYc6dvh5ce1P1j7m4sel5Qwc0AwuZB3t0PsKCIEnAVSB5D76y2ToTaRxrMFxiSP0rY53TWAaC6X_ECTyh8KBT4HYBDH02Yw8G3ZeavzDeojs5jR0tW2vrglS2RyvsNAXNCpWl4Kng_x12Z3wSJ-rIYcXt67narEKrcQLcTrljzfC7VAB-F6AvBFfRU0A7TVnp-tNr47e0qc5OLkgsSBiDqBdpZ5bFitKh0Zy75v-nj5HctKwtcNnJGjBkDzC5PH1DbZKcB59eJJnu7L9rx5NSjQPYKD-UhbIpgmR2zC4ehlmvpxJYnSy1Xh4zG2qNFDuIwyQNzYix2UxZiJchrSrHii1XlhngM6y_72UVOXe4xnk-sqSLv2816hqdNNuogVCzdv0jhlV4lBUgV6gKukRIZjvvbVUEH1TERB95qO1wSCuq05So6SxVKxUBw38jSwzYQubQuoVXLAA-EflAJYe0x3BxsHnYuxHK6gZn5iMk2uHNZSsIdi1hhJW1OIgzAbFR3eCRbIpqrweDgzUr12jZF-7KimlGG1uQSS-aZW80uI0IWyIVDONOeCuGI-upCI_4nh-6YmmCmTKdzK_2La_AWxxzM4_KaODXyrewDja_-_qV11cNf9mgGzqCHtEwcbQUr26G22dLyEDSflsa7wWVMJPGcjeBzkCDg9qdDfcRA2GOZoi6rAv_lNbbx2XlHvrQNNENmxoPMpQF2u6TJ0hul1jnF4leNJwwxXJ-ADimn3yRKfw_uNGSXA9R1iZoHgU_Tv4v1oEmyK2j_ifT7OnEI6U1C-tTkYHxUSGwKgkTU1Qtob5d9Da2N-vmFIwWVDlKA0TiqqUt8po9Aayyyov2FOauu2epHCCrHhE4vpeFQoYjEiGgrOXeVnw8URpCR5JcBljeznlH8QLRKYd1U5Oqhp9Au4u3s3YTIp-8fmYMCijqRNlGeSj12p3BVo86hnkJQd0xB4Ewj7TZJ7DWo6FrezHPzScjnM7IvabjxA03wXZKB5_iMaw_K824BLql9ql3VphQuEvSnyEqCNP086eoWCIZd6HydVeEHn95RW1RRqs8auvCKM1iphncq-scEJcl9aAoayY82jkzoWDKJiLjDbvXi7rnG2A8ZKM8b4wUdsdsKNIiwrKeCTHj4zWMtJ673V2A3U4Zt8iT3OwYyZgGA52nQpVnosLl437HRH3BLsvHEoLWKl3DxS1lv4&sai=AMfl-YReH2AjxWMfG1qJKacEvYMaUXdQE_XQ6TA0dfMvKx4jPzSYBTkva-J8f83RCLEmHxWQ8et6IPw6_aG2bm5HDqXlpUWmJYBfz-HKcLXkoUXq41GTICt2BTuLb_48EgZRVv56UAzqilRT2rd7cLDHbU4Hls-0VM1i9LZ3lwQc2r-LiWmWI7kv20WHks2RR79nfe6Cl7zzHXnEFqbkkJyjOrFrwtrvK4NSUzzy4p9jrQ_jJP-NQKxqwPmJn9fP7q9mp9VT&sig=Cg0ArKJSzG5dfuuKC1ycEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=501&cbvp=1&cstd=472&cisv=r20230627.71665&arae=0&ftch=1&adurl=
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Jun 2023 15:14:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 30 Jun 2023 15:14:13 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3A1D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 09:07:48 GMT
expires
Sat, 29 Jun 2024 09:07:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E735 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 09:07:48 GMT
expires
Sat, 29 Jun 2024 09:07:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
im-uid.js
dmp.im-apps.net/sdk/ Frame EB38 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:38::17c6:d654 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding
gzip
Date
Fri, 30 Jun 2023 15:14:13 GMT
Last-Modified
Fri, 21 Apr 2023 06:05:08 GMT
ETag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2434
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&domain=chatdemaison.jugem.jp&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://chatdemaison.jugem.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://chatdemaison.jugem.jp
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Jun 2023 15:14:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
179167
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&domain=chatdemaison.jugem.jp&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mSwNOHx3TjZhRFZnekg2WFo3OEMyZ1R0NGJKVWQwRTcwZ2pvYThKWlUwZlJwaGg2cU1Ic3JhVUhPOFEvVWluTHBMdzI5OG1MWlFEclFQYjRVaUMvT2NDVEt6VHJHd1AzSklsUjJGT01GR1RGcDFnT2hDaWtLZmd5cWR4TS...
354 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mSwNOHx3TjZhRFZnekg2WFo3OEMyZ1R0NGJKVWQwRTcwZ2pvYThKWlUwZlJwaGg2cU1Ic3JhVUhPOFEvVWluTHBMdzI5OG1MWlFEclFQYjRVaUMvT2NDVEt6VHJHd1AzSklsUjJGT01GR1RGcDFnT2hDaWtLZmd5cWR4TStONzBRNXViUjYyelNZQlFSR29wRW1laCtRTjQ1WS9IRy85YVFiTmJqOFJyNEcxUWtWS0ZyaFRwVkpyemVkMWZHcGlNTlEvNno5eEh2YlExTFdBcERncTl0Qit4MG5BTVF4ejNnZkVIelpuK3N5elZvQmZSMFJpRTdGYWZyM3lta1NkWUt5NGRBfA&cppv=2
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
549993
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
http://chatdemaison.jugem.jp
location
https://mug.criteo.com/sid?cpp=mSwNOHx3TjZhRFZnekg2WFo3OEMyZ1R0NGJKVWQwRTcwZ2pvYThKWlUwZlJwaGg2cU1Ic3JhVUhPOFEvVWluTHBMdzI5OG1MWlFEclFQYjRVaUMvT2NDVEt6VHJHd1AzSklsUjJGT01GR1RGcDFnT2hDaWtLZmd5cWR4TStONzBRNXViUjYyelNZQlFSR29wRW1laCtRTjQ1WS9IRy85YVFiTmJqOFJyNEcxUWtWS0ZyaFRwVkpyemVkMWZHcGlNTlEvNno5eEh2YlExTFdBcERncTl0Qit4MG5BTVF4ejNnZkVIelpuK3N5elZvQmZSMFJpRTdGYWZyM3lta1NkWUt5NGRBfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
531014
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://chatdemaison.jugem.jp
date
Fri, 30 Jun 2023 15:14:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pid
sync6.im-apps.net/1008852/ 		70 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/1008852/pid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:eea8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://chatdemaison.jugem.jp
Date
Fri, 30 Jun 2023 15:14:13 GMT
Cache-Control
private, max-age=1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
70
Content-Type
application/json
usync.html
eus.rubiconproject.com/ Frame 12A3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 15:14:13 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 95C7 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:13 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame 5616
Redirect Chain
  • https://y.one.impact-ad.jp/push_sync
  • https://x.bidswitch.net/sync?ssp=yieldone&bsw=85ec7d62-0f7d-4ad9-ab9c-dda930d08817
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=yieldone&bsw_custom_parameter=dbd0bf58-358f-461b-a20a-84d8457d6734
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dbd0bf58-358f-461b-a20a-84d8457d6734&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3132452749006503740&pt=7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=yieldone&bsw_param=dbd0bf58-358f-461b-a20a-84d8457d6734
  • https://y.one.impact-ad.jp/cs?d=105&uid=dbd0bf58-358f-461b-a20a-84d8457d6734&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.96 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length
42
content-type
image/gif
date
Fri, 30 Jun 2023 15:14:15 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Jun 2023 15:14:15 GMT
Location
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Server
nginx
ixmatch.html
js-sec.indexww.com/um/ Frame 5945 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
843
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7df75b948a5a54a9-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 15:14:13 GMT
expires
Fri, 30 Jun 2023 19:14:13 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CCDE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96009
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Jun 2023 15:14:13 GMT
expires
Sat, 01 Jul 2023 17:54:22 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B9FF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.241.5 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:13 GMT
ETag
"623de86a-cf34"
Expires
Sat, 01 Jul 2023 15:14:15 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
31
cr-p31.ladsp.com/cookiesender/
Redirect Chain
  • https://cr-p31.ladsp.com/cookiesender/31
  • https://cr-p31.ladsp.com/cookiesender/31?cr=true
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr-p31.ladsp.com/cookiesender/31?cr=true
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Server
13.225.63.2 -, , ASN (),
Reverse DNS
Software
Logicad /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control
no-cache
content-length
43
x-amz-cf-id
HdqCywMBLDtx54n_eKINb7Y_MRVFq5lW-PEGMWHD1WuUIYwOC3xDqw==
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cr-p31.ladsp.com/cookiesender/31?cr=true
content-type
text/html;charset=utf-8
cache-control
no-cache
content-length
0
x-amz-cf-id
ZCvbQlPe9bycYp4jbV-B1vg2LY1RJHVrt2X9hJU6cTN2Ix97JQ4Hkg==
expires
-1
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame 3A1D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 17:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
249551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 17:55:02 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 22C0 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Jun 2023 17:55:46 GMT
get
audiencedata.im-apps.net/imuid/ Frame EB38 		10 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01H46DWY21HV2T7CWV85MKNNRD
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
date
Fri, 30 Jun 2023 15:14:14 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B045 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Jun 2023 17:55:46 GMT
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f1d34261-a1bf-4d8c-944a-92124c8c5995&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f1d34261-a1bf-4d8c-944a-92124c8c5995&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=f1d34261-a1bf-4d8c-944a-92124c8c5995&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBEvxlq0VZetFY9b83OU5M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBEvxlq0VZetFY9b83OU5M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBEvxlq0VZetFY9b83OU5M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 95C7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzMjQzNTIzNjI4OTI0ODk0NDMzNA%3D%3D
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 95C7 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4532435236289248944334&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:13 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 460C8F1769204B558E1E4FDA0BD45946 Ref B: NYCEDGE1416 Ref C: 2023-06-30T15:14:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/WkUISgmhiZPr4Vmrlw==
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4532435236289248944334&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbd0bf58-358f-461b-a20a-84d8457d6734&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10609777035710782546&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dbd0bf58-358f-461b-a20a-84d8457d6734&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=dbd0bf58-358f-461b-a20a-84d8457d6734&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=dbd0bf58-358f-461b-a20a-84d8457d6734&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 30 Jun 2023 15:14:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 95C7 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4532435236289248944334&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:13 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7533486D67844B63A6761DF209ED109C Ref B: NYCEDGE1412 Ref C: 2023-06-30T15:14:14Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4532435236289248944334?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.jwEEdE2oSOM6eFo4bXhln70C03bw1.sQJcEgFXhg--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.jwEEdE2oSOM6eFo4bXhln70C03bw1.sQJcEgFXhg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 30 Jun 2023 15:14:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.jwEEdE2oSOM6eFo4bXhln70C03bw1.sQJcEgFXhg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=FWUOh2yxJBqQy64WHcGh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZLVKT3IGJ4XQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FWUOh2yxJBqQy64WHcGh
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FWUOh2yxJBqQy64WHcGh
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FWUOh2yxJBqQy64WHcGh
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 95C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3132452749006503740&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3132452749006503740&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 30 Jun 2023 15:14:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee99be1a-1167-428d-a62a-8e5c9ca479a7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3132452749006503740&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 12A3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jun 2023 06:29:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54914
Connection
keep-alive
Content-Length
10113
Expires
Sat, 01 Jul 2023 06:29:27 GMT
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame E735 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 17:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
249551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 17:55:02 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CCDE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76716772&p=158977&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 15:14:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 2291 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU1VhWCdiyJIYzHBtyvOBY7NY8P0POCNW9HXMJXMj4lbIY6fLBETXmzPprP_Ul6ZTkl7b3D8ZrwvDbpf7c6FsEYAIAX9i9Z5l-OUbcAugrnZSEWtGHFMsqoYBPEikNd89WxvllPBBrbbFi-J0TSCxQlaQNsS8mI6BzvcjGB5ldbHjqAxKyYskkc2RQ1VwEN1Svl51r0iP9_AWdkRJ8g2jpkPNS3yQ9L3MN9ZtmhbqaPx24RD5y_Mj2MYPjwj4l-Tg9o_7gZzNC6JmSM5ikt1tNycxGvZlcc0RtBLF1oTnPbtgvjnGeCcqNZGS6YL-oIunMXStxREPPrCHuWeqOcobA0jx_0uE5NSn06PfB_6rGZEdwL6xgsgf3PX_NIYTEPkCShsVAHS-_lLjqyWmqzYG9LLneWOH31vOSG0Qz8I6ko7o2sYa81a--a3eW6e3QqkW48KCc8IZinE1NWpl3moqZ3KTfgAiEuASsKfWux1TWMg8ej1yLZsd1vocJM4-8-yi_IjrHhEiQT5zIGgmU6yAOoskbUTGlc0ZmDV7u6eaSq2LNW3fd8nN-bs1k1At7Dt0DQLLoiWkVa99AZEKu15sSFd5ocu9LAZ9sjNvPh7nZx6-ILqpOS-swASVgqmVM05UQ0lkySmkPlG-uhIm7leCJq3ib5YHzSYAjSa6d_ge_uBcZb-6LUVRAeukUFQ_wyshVzwgeNPXZXHW3dKzF2kniFIXnVKeJKDL8QFHGba78WrV3U0UdHmerIPvsqNfW34-3uw2aEn6F-QylykJ56c3FC8OmIxExw3FafWPc4Fsm0-2WDk0K4PVV0q-98scLVq9vOma-Gx5j5Ros2VfbLA92hqJKuUjUhkUj-Fki82yA2JlGYIminDJR4nL94GtP1-MJCaIl08s5-zIuscUeNwfE9d6uA1_pkCJpRq-Osi-uN4luMGmMbEJl5J9qJmxEZlB-NxdNDeBiCvGv3pQvRZf-r3Ao2WcmqrE99lPE-zf2AHNNxViLYRBnevsQhuFVP1z6oo2X28Oy5TVVSQq5pLafIXYttNM9UouY78OqGX1EwVp5QZcOAD0qjd84GQ7bLxViGDpGrSkeotSbZHh_SzukGvVeacO3M2yDOt_JmGEvubAs-99k_oOu_BjbZwNdDaxD2FITiwys3pVgvJ5n6RhiAEBApEWwuNQNC5scM4S8LGbL7t9viz96f0pA2N3FtJGaPi91GkXbTNRfFMA43aDtKkl3abET5HtSWkR7qUXQ3M3UeCpPH43jm6OyXn3Yz0YF8anq7y6j5PvNeLsb9PnMwmMC&sai=AMfl-YRieudD6yD4eyGhOEt8oiFd2YzOOuv1FjYB-aDOTDjgNRXbmDROFP_qeHTYJ-QkvJKQPr0NAjbCQFxCU5Xfytjcb1-Y4UxEQiiMR-Qr67WkbU47Ww7u1yQzDWJg7ZXC8B-Yzg4uVp4rM1MaHBhgkxy_LEmOX2QpLjVDCsiBar9bL0v0dS422FwiWGkwZ2iqRmZpuld6Evk6LDpS0UjI6LTeRDv2gibr3Cv0bw4r55b59DjyLShq5t0XwmAjoCipckZ7&sig=Cg0ArKJSzLohWANo5om6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=968&vt=11&dtpt=459&dett=3&cstd=493&cisv=r20230627.54957&arae=0&ftch=1&adurl=
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 30 Jun 2023 15:14:13 GMT
inview.20190130.min.js
js.mediams.mb.softbank.jp/j/ Frame EB38 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.mediams.mb.softbank.jp/j/inview.20190130.min.js
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 06:15:01 GMT
server
nginx
etag
W/"5c650765-13cd"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Sat, 29 Jun 2024 15:14:14 GMT
cs
cs.gssprt.jp/yie/ld/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=16
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8aaf305a6270e969fa9405517091a44a
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8aaf305a6270e969fa9405517091a44a
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
133.186.12.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8aaf305a6270e969fa9405517091a44a
date
Fri, 30 Jun 2023 15:14:15 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync
sync.fout.jp/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=freakout&format=gif&vid=16
  • https://sync.fout.jp/sync?xid=geniee
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.fout.jp/sync?xid=geniee
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
202.232.238.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:15 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive

Redirect headers

location
https://sync.fout.jp/sync?xid=geniee
date
Fri, 30 Jun 2023 15:14:14 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=16
  • https://bypass.ad-stir.com/push_sync?xid=12345
  • https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=49e6e190-868e-49e8-afd9-a3ca55e41138
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=49e6e190-868e-49e8-afd9-a3ca55e41138
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
133.186.12.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=49e6e190-868e-49e8-afd9-a3ca55e41138
date
Fri, 30 Jun 2023 15:14:15 GMT
content-length
1
content-type
text/html; charset=utf-8
cs
cs.gssprt.jp/yie/ld/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=16
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=k9oo0n3-DfaP3WoQR_GeZA
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=k9oo0n3-DfaP3WoQR_GeZA
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
133.186.12.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 30 Jun 2023 15:14:15 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=k9oo0n3-DfaP3WoQR_GeZA
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
97
sync
x.bidswitch.net/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=bswit&format=gif&vid=16
  • https://x.bidswitch.net/sync?ssp=geniee
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=geniee
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?ssp=geniee
date
Fri, 30 Jun 2023 15:14:14 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
acs
mediamsmbsoftbank.genieesspv.jp/yie/ld/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=16
  • https://mediamsmbsoftbank.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6z4S6T72ja2yR0ekeWTHtZRkngG5B5z_8x9OBGWlYFRMomzINXNCR8jzoL-mFuuzg&format=gif
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediamsmbsoftbank.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6z4S6T72ja2yR0ekeWTHtZRkngG5B5z_8x9OBGWlYFRMomzINXNCR8jzoL-mFuuzg&format=gif
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
222.230.178.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Jun 2023 15:14:14 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://mediamsmbsoftbank.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6z4S6T72ja2yR0ekeWTHtZRkngG5B5z_8x9OBGWlYFRMomzINXNCR8jzoL-mFuuzg&format=gif
date
Fri, 30 Jun 2023 15:14:14 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame EB38
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=unicorn&format=gif&vid=16
  • https://ds.uncn.jp/geniee/0/sync_push
  • https://cs.gssprt.jp/yie/ld/cs?dspid=unicorn&uid=v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=unicorn&uid=v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
Requested by
Host: ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
URL: https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
133.186.12.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://cs.gssprt.jp/yie/ld/cs?dspid=unicorn&uid=v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
Date
Fri, 30 Jun 2023 15:14:15 GMT
Server
Apache
Connection
keep-alive
Content-Length
114
Content-Type
text/html; charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 95E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjL-LOO4w5aSQEpHnD9L48GNv-fkC7Zj7H1HH3MgyQyrg3ZKJlOsvkzh2S1-rf4V7nYtpProq4UcwgHnX6Gi2by-fcMYc6dvh5ce1P1j7m4sel5Qwc0AwuZB3t0PsKCIEnAVSB5D76y2ToTaRxrMFxiSP0rY53TWAaC6X_ECTyh8KBT4HYBDH02Yw8G3ZeavzDeojs5jR0tW2vrglS2RyvsNAXNCpWl4Kng_x12Z3wSJ-rIYcXt67narEKrcQLcTrljzfC7VAB-F6AvBFfRU0A7TVnp-tNr47e0qc5OLkgsSBiDqBdpZ5bFitKh0Zy75v-nj5HctKwtcNnJGjBkDzC5PH1DbZKcB59eJJnu7L9rx5NSjQPYKD-UhbIpgmR2zC4ehlmvpxJYnSy1Xh4zG2qNFDuIwyQNzYix2UxZiJchrSrHii1XlhngM6y_72UVOXe4xnk-sqSLv2816hqdNNuogVCzdv0jhlV4lBUgV6gKukRIZjvvbVUEH1TERB95qO1wSCuq05So6SxVKxUBw38jSwzYQubQuoVXLAA-EflAJYe0x3BxsHnYuxHK6gZn5iMk2uHNZSsIdi1hhJW1OIgzAbFR3eCRbIpqrweDgzUr12jZF-7KimlGG1uQSS-aZW80uI0IWyIVDONOeCuGI-upCI_4nh-6YmmCmTKdzK_2La_AWxxzM4_KaODXyrewDja_-_qV11cNf9mgGzqCHtEwcbQUr26G22dLyEDSflsa7wWVMJPGcjeBzkCDg9qdDfcRA2GOZoi6rAv_lNbbx2XlHvrQNNENmxoPMpQF2u6TJ0hul1jnF4leNJwwxXJ-ADimn3yRKfw_uNGSXA9R1iZoHgU_Tv4v1oEmyK2j_ifT7OnEI6U1C-tTkYHxUSGwKgkTU1Qtob5d9Da2N-vmFIwWVDlKA0TiqqUt8po9Aayyyov2FOauu2epHCCrHhE4vpeFQoYjEiGgrOXeVnw8URpCR5JcBljeznlH8QLRKYd1U5Oqhp9Au4u3s3YTIp-8fmYMCijqRNlGeSj12p3BVo86hnkJQd0xB4Ewj7TZJ7DWo6FrezHPzScjnM7IvabjxA03wXZKB5_iMaw_K824BLql9ql3VphQuEvSnyEqCNP086eoWCIZd6HydVeEHn95RW1RRqs8auvCKM1iphncq-scEJcl9aAoayY82jkzoWDKJiLjDbvXi7rnG2A8ZKM8b4wUdsdsKNIiwrKeCTHj4zWMtJ673V2A3U4Zt8iT3OwYyZgGA52nQpVnosLl437HRH3BLsvHEoLWKl3DxS1lv4&sai=AMfl-YReH2AjxWMfG1qJKacEvYMaUXdQE_XQ6TA0dfMvKx4jPzSYBTkva-J8f83RCLEmHxWQ8et6IPw6_aG2bm5HDqXlpUWmJYBfz-HKcLXkoUXq41GTICt2BTuLb_48EgZRVv56UAzqilRT2rd7cLDHbU4Hls-0VM1i9LZ3lwQc2r-LiWmWI7kv20WHks2RR79nfe6Cl7zzHXnEFqbkkJyjOrFrwtrvK4NSUzzy4p9jrQ_jJP-NQKxqwPmJn9fP7q9mp9VT&sig=Cg0ArKJSzG5dfuuKC1ycEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1069&vt=11&dtpt=568&dett=3&cstd=472&cisv=r20230627.71665&arae=0&ftch=1&adurl=
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 30 Jun 2023 15:14:14 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mSwNOHx3TjZhRFZnekg2WFo3OEMyZ1R0NGJKVWQwRTcwZ2pvYThKWlUwZlJwaGg2cU1Ic3JhVUhPOFEvVWluTHBMdzI5OG1MWlFEclFQYjRVaUMvT2NDVEt6VHJHd1AzSklsUjJGT01GR1RGcDFnT2hDaWtLZmd5cWR4TStONzBRNXViUjYyelNZQlFSR29wRW1laCtRTjQ1WS9IRy85YVFiTmJqOFJyNEcxUWtWS0ZyaFRwVkpyemVkMWZHcGlNTlEvNno5eEh2YlExTFdBcERncTl0Qit4MG5BTVF4ejNnZkVIelpuK3N5elZvQmZSMFJpRTdGYWZyM3lta1NkWUt5NGRBfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Jun 2023 15:14:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
224743
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Pug
simage2.pubmatic.com/AdServer/ Frame E345
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1688138054512
  • https://ad.turn.com/r/cs?pid=45&rndcb=6795769835
  • https://sync.1rx.io/usersync/turn/7427183075023782322?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:15 GMT
ETag
RXf600d38392654771896bd6a2bf0ec9e4005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame ED96
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
42 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 15:14:13 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame BA4B 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 30 Jun 2023 15:14:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 37CA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bbhyJtaZBsKo7u1YRvGeZA
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bbhyJtaZBsKo7u1YRvGeZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 15:14:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:14 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bbhyJtaZBsKo7u1YRvGeZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 7813
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a1e60451-1eab-4c47-aff2-ceb8e95707b5
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a1e60451-1eab-4c47-aff2-ceb8e95707b5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 15:14:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 30 Jun 2023 15:14:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a1e60451-1eab-4c47-aff2-ceb8e95707b5
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame DB01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame A4DD 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Jun 2023 15:14:15 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-e9c32f721f70@version_1.559
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame F389
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7414244541546166342&uid=Q741424454154616...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414244541546166342
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414244541546166342
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=44584
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414244541546166342
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame B99C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 12:58:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 30 Jun 2023 15:14:14 GMT
expires
Thu, 29 Jun 2023 15:14:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0A77C99E046A4F0186A413477C1A3C36&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame CCDE 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame CCDE 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.118.28 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame CCDE 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.221.178 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 30 Jun 2023 15:14:13 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame CCDE 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=36D35827-2FE1-431A-862D-A6ACD80453C3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.135.187 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 15:14:14 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
c6861160-1758-11ee-8bb5-028adc089c07
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-0713acf7f3e875386
Pug
simage2.pubmatic.com/AdServer/ Frame CCDE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3132452749006503740
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3132452749006503740
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Jun 2023 12:58:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 30 Jun 2023 15:14:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
23f9e779-d66b-4fd3-894d-6a82e81d0031
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3132452749006503740
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cta.png
s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/ Frame 22C0 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/cta.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 11:00:58 GMT
x-content-type-options
nosniff
age
533596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10361
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:09:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 11:00:58 GMT
copy1.png
s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/ Frame 22C0 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/copy1.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 22:01:21 GMT
x-content-type-options
nosniff
age
148373
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25560
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:09:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jun 2024 22:01:21 GMT
bg1.jpg
s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/ Frame 22C0 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/bg1.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17403406530319944925/35978-1_PG_BRD_HADA_300x250_PR_LM_4_04-2023/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 21:17:16 GMT
x-content-type-options
nosniff
age
496618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77416
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:09:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 21:17:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2291 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKgS8-VNB7Hi4_wjSgaOCKkYOhxF756yxT9ZLqF-bGzAKzoLxvX0mBhvwAbpyRsvk3Uuald0NsAxKAGn553cEaOsiux2RznWHK2wkIlB2rMsBV1ZoiqmHgGlJtLKdVN7uDe_vb0i5yuw&sai=AMfl-YTq9hIVc-T-JDXjBpbHYMKfvZcYHIfNCx87FVHGHux-1n3tF5GH-M6nipu-VLI6SMUYF5vu6Pagk2SeBjjGAnBi-mMaUznBoXqsQaZkPqWGr_6dsImE1fO5sNw&sig=Cg0ArKJSzBsEaRfQDINlEAE&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&id=lidar2&mcvt=1089&p=579,618,829,918&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1604814286&rs=4&la=0&cr=0&vs=4&r=v&rst=1688138051868&rpt=1313&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EB38 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 506C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1503
Content-Type
text/html
Date
Fri, 30 Jun 2023 15:14:14 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
async_usersync
ib.adnxs.com/ Frame B9FF 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
AN-X-Request-Uuid
d3d22f93-4116-422b-b6ae-f3900451eee5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://chatdemaison.jugem.jp
date
Fri, 30 Jun 2023 15:14:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cta.png
s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/ Frame B045 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/cta.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:09:39 GMT
x-content-type-options
nosniff
age
219875
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10423
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:40:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jun 2024 02:09:39 GMT
copy1.png
s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/ Frame B045 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/copy1.png
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 04:07:07 GMT
x-content-type-options
nosniff
age
558427
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32062
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:40:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 04:07:07 GMT
bg1.jpg
s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/ Frame B045 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/bg1.jpg
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/828958424189773656/35978-6%20PG%20_BRD%20_PG%20Rebrand%20_%20IT_%20300x250_LM_2__04-2023%20/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 05:10:26 GMT
x-content-type-options
nosniff
age
209028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 15:40:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jun 2024 05:10:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 95E5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui4_HXmkqBG-CtGN99M0cgvP1KuOeNAm4khGyTGcrRQ6r3F7lkYLPp8gtPB3-UuoWqlfeRR7_Dos97MyIvNkfmWkVMgYhwQFZD0BmUX_P_1QegUOqxAqjdyadIuKBc_MYxxIEnQrAA1A&sai=AMfl-YTKs2WkmcjzAGugC9X9tah-iMqr6XgWoIm1xvLXMI3-08yhES-yUrBXPWVOjlRsh0pdqYR_C1oETFD01AWKFqxpbC3Ill3Ps58G1ImzcKQ2_BwONumnYGVVI4I&sig=Cg0ArKJSzIADGgfFExBjEAE&cid=CAQSOwBygQiDFqGs8NAaf0_KEeBV_THx_HNgEoxhOuDw-d2WJpOqvsb_g66MYkAgw4j96jxdTLaR5RnhCTZxGAE&id=lidar2&mcvt=1084&p=579,314,829,614&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3443175348&rs=4&la=0&cr=0&vs=4&r=v&rst=1688138051836&rpt=1446&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 506C 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7xQk02Xe7iQfYlVmIdzwAABScAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:2a9f:40df:c424:1e81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 506C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3132452749006503740
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3132452749006503740
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 30 Jun 2023 15:14:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6c53475f-7767-4bab-96f5-2e4a8a2f82cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3132452749006503740
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 506C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427183075023782322
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427183075023782322
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427183075023782322
pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 506C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7xQgAVoRvEcgAn
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7xQgAVoRvEcgAn
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yyz4581-YYZ
pragma
no-cache
date
Fri, 30 Jun 2023 15:14:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1688138055.691387,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7xQgAVoRvEcgAn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 506C
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_e45526db2ada48ea80fba
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_e45526db2ada48ea80fba
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_e45526db2ada48ea80fba
date
Fri, 30 Jun 2023 15:14:14 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 506C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0A77C99E046A4F0186A413477C1A3C36
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0A77C99E046A4F0186A413477C1A3C36
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 30 Jun 2023 15:14:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0A77C99E046A4F0186A413477C1A3C36
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 29 Jun 2023 15:14:14 GMT
crum
dsum.casalemedia.com/ Frame 506C
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0cacf892-56f9-59ab-904318f8
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0cacf892-56f9-59ab-904318f8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 30 Jun 2023 15:14:14 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0cacf892-56f9-59ab-904318f8
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 506C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=abcb76c9-4ae9-40b4-9643-05375f79b776&expiration=1719760454
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=abcb76c9-4ae9-40b4-9643-05375f79b776&expiration=1719760454
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=abcb76c9-4ae9-40b4-9643-05375f79b776&expiration=1719760454
Date
Fri, 30 Jun 2023 15:14:14 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 506C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZJ7xQk02Xe7iQfYlVmIdzwAA%261319
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fchatdemaison.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
6366
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7df75b9b1c4339c9-YYZ
content-length
43
expires
Sat, 01 Jul 2023 15:14:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2291 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=506689814735&version=m202301230201&ct=76&x=1&cor=15290982360135528000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
747.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/747.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://chatdemaison.jugem.jp/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 15:14:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://chatdemaison.jugem.jp
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E5 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3141059600920&version=m202301230201&ct=76&x=1&cor=4758400822838787000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E735 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-APgRPGeZODVK-2toPwPt_CCoAoAAAAAOAHgBAI&bg=!8vGl8aXNAAb90kgr3dI7ADkAdvg8WusO18FZKVdwq6UUonfhrXXmpzAl9s0Z4OV0onROI5i5ZMQBApDf2RyNYgLluEPPy9zaguMCAAADrVIAAAAEaAEHmQL05cMrrGhfSUb22zX1JjPPT3Pxj4s02ggq3itdk4jJB0aYblJIF1qCQ9DaxVdG44__5E8CUhUq9wPZ8e0GWXbPqw2p2vkfzeZASUjYiqOscph0frGSqcxMxGrW02qE4RVsYNaBIzeDOVc9GKWdee3pwD7wHqAIcScYQqNog84UTLYwN6kSBh_Zz9ptDBqnn6RpKxt6x8pxbQBebsjGMZhOavgh5pa_YrA4NhtszEH3lPLXTulH1hY1UGkVb4PBdZ2amzPxTBEatsIDgyKrIag7IYMvmnZDv5sgw4El4nb_5L4OlotjIT_PSW5qqRiWu1Zqc4UFdlXHWB2jlvgo7dOk9AG_utA1fR6LLctBUgla1sa6Bjn10gyvQ8aWv53mG0TGO3TmoNQ4AsyVPfaEJMyTTrKdP7BYYfyESvj6gCfaj3EYP0DBHPnMuKysXIyuNrjueHLDGB9OrEE_g69Vku4FvSy4ATSIY_sd-Y5h_Y4VmQr4-wgNS0FMiP2s2P5KkR6rjsljJwtx8yGGiaZxe46bOUELH4O3QXLBGr5_1kqRUEODUYy6dbnB7Oiwll1TB5qTevFMyOaIEEjA0g5u69hazkB8K4_ecpOk4RxaJmpwziWzPs76RYY2JuLdUy8GD4PsFZ17rbAes9BOGwQTd7nHfzVe67P6k9NV9H-RSr2LJaCuAK_Os4jwjEVoKDlf2vlDcASAM_mM1cHUpZag_D9WIMhqbp16QYCp91hI_Id4MMLruLMzCR9dgOLrlm0-St131BgmZTS4w2lwN_5IDfBALzl85Akum_D3XWHM_5afnCfPLxUjryKpmvHbwS-ogspMTQNAu0pxxp4Emah5cph_FYGz-Tr-jRy5mT8dzxXVRs30u_pogsi9He7F4pPOyGaIP9RaGoEO9TR3CCNd4X4CpK0j9KhPUx0NOMSAXsKCSPQjzRxBpkG37rxYseIbm8WhWtgOS6wSrngFhRg5A83Jg5tSAUCwC5eOOaMYk74opkJibVLD
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A1D 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqepeRPGeZKPVLcvFzwWomYKwAQAAAAA4AeAEAg&bg=!3N-l34vNAAb90kgr3dI7ADkAdvg8Wi7UxezHUZyeGHjzc-7WaMU8YgorId1ve6RJRIBWz329cVSqSMQoYzwvvQXRHtLZ5J3RU2QCAAAEyVIAAAAEaAEHmQLyopqbsjsUSvcxu_jljOv4mNlLzw6WdLH2bo100thDaDyYzWQDQnpiVb-Fy2Kbg9vuBA3WAvmwLSpGRB5EotgtnFvGOCNahDcCDE49DgorMxRiI0MVrrzpBqnUDbDhQXQNTLx8lmwLbpsVkmwQmDuAVyk7NC6RbBDV9fDboX5mnwO011hj3TAt5w-kvCYOHf89hFpPSB57bfjakSi_JP_tGbhwO-bsYKr4SGYZLdZEUzGWsJkYWkv8V9nFMkNjGq0-GMw78mYcL_moJrjEx4BSv3hNtZ12J1d3Glgg5vJYJAU6rfsNW45BYjsiwcUj8RG_4v3yJjWS2NK_UwlYwyiEX3Du5DEafKXqQblx5830O1A_tJPB36CxLTKoWI6rtPrLi-uxs2uKy5v_GT7olxczhwdEDe7yL8ZkvTuQ3MnBnExL1lOQhafTJgErJBBhPsZL-N5oF45VV6mGVtUbOEyMrUyJO75eXqqka1wc2_TaqH8Zcax-CukMLpJpFwpoR2DWVjWvdE8S_wKbe6INrIDPM1b8k4zTR6NW4-U1STWCj19SFRXPSs-4_xjb58zhVt6S_WzooEQjIJ-73qN8iowCEyQ1PfkBxMekuXH_TpDff_wpgptXzp78l7LeXYZmbWW2tvZCPCqt877PVQp04bx1GMyT96QBQWGIo3N55xEK8T-jQUvSZFcopn1XKeDedneMB3Srm6Hw0tLmIYK2wkulMfkPhjFnDHCGRItlBIC26spamje1E7U9LZgWwjwAHjfifofw6bDXpMPlnX0wWLlFhfW0VjSkrNMR8QOz1FFDdvVpYk57186Rj7fjUc1TreE2lo4PpicZgOPO5i04cNDYQ6CQbC3t6sAac2jZGPT3VnS6eF_5Ezy6_SJa236DHVTbQQmHDQOmT7rk2X3s71vd4Bd65vRIa2FpgO3WRfWon4BxaIO05bwoe0SxnXfJr3S-syPjjOpDzTwQuO8Ly8jGW6vacJMFbfVGyY1ifD5cPDD7LA
Requested by
Host: chatdemaison.jugem.jp
URL: http://chatdemaison.jugem.jp/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B9FF 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jun 2023 15:14:15 GMT
AN-X-Request-Uuid
4905a4bc-457c-4f00-af93-95aba1513d83
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EB38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQzDyLlt_1qbDaVCbFz0FpkrB5zOVXcKRYGZQlRlXKqZCPYh3GhJKcWxQGfoDeQV7HI322xGVpb3u18fDcbb72ACHmvGqu-lWX4xurnLWGziGUIzRkjwlwH4cao8L_5IGdqMG2mWGB67Kw1CKy4YR2IDSmdeEKuGMA8jYZg2UjcUjfBZJI8svCE9k6baL3sWaJ0Pkzw5eKllYyYTbrGJWRyx02DD7WE79T4mxe98n8-FyQIW4iBQIX_v6_mxq7rq1Zisi9rwu0_xLNTAxIqiej9Eix1D2rspAfdDcUgLIWo9wOg5aCb1WxvzYuVcqgd1Mdn4Yxc0r1zZn_k5yr3Ra8UIRsxLu-lBB7d6CEK8ZJbqtOnzxFp-d98yib7Wk&sai=AMfl-YSd6EmzuN89digHTTgamLiYtPPJyPi05-lVTgfa6aL-PMIGj41bqtEV8a6vRkiJZatrDzpdc4QkBuOrQeySxMfu1RxZbw8A65oGfxnIACgdHf8FuuD-ohUBbUeHEg&sig=Cg0ArKJSzFxI18FBsJ50EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 30 Jun 2023 15:14:16 GMT
share_button.php
www.facebook.com/v2.5/plugins/ Frame 9F3F 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8762405fb863%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D706&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
SFqyEiLvvsnUyCvcsX6EuvFRSxKv+ARpulEQGhg8Cw4Y/l9VwzGNVr8hvhAFyT7kDedhrqIiFrNWjg2gBQebeQ==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame DC2A 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df124239f2f12b24%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D705&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
AqQrkatV096aqCwy1BqsARSiJ/LZ3/T84urCsMDv/3XWnYf1K/T907P4mlX+b9NlFs5qTuGh5iKzOvs0NJoFTw==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 4B6D 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1775fe570a7c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D704&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
GfRs7BFQNODSYWTyZwh25Jm2j/9yIBjfaXzst1iesRayD8WNkGdtK+2Ck8V94wTsNdSc5g8KUHm3cCZJV8ip0A==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 1594 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d691bb07cc84%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D703&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
gAAuN8Fp9EVYlWpHTlYlAVhCN12ISok13cmT6I/Rs8loZeNayKloK2nqV3Mi29/oSBS4Gtc1aw57bT0f+6nLcQ==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 933D 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad93dd3a55c6c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D702&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
LM357l097YWLVtXnWcWLIso0HirMmIqz5QEVSBisYqUuciJ4Fw2dlBIgMGzPvVMbSQZCLEarcCvdp2ZrF09Fyg==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 8305 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fb00686e192%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D701&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
EwS+iJFQ4CNSo6VsKk0I9M4eBZ/ViWdOS3FFB4paum6GeN6CAPcr3i7JseMYGD77sa/9FUMBhh+lIC++ogPkqA==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 670E 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d4a042aeaeac%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D700&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
SzIES4AI5MlMdjC3PF0hZL1LX65vB5NtCWDAce5rYNKzRDDbXjAfzirH0DIkJEAKMSoL2+RhocLSIEhO2I08dQ==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame CFC7 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b8482fc6d099%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D699&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
nShXkq8SrdjuipQqPE7/spdGzq1pviH8M4D2VdeSF5PkfTUKYY2Sqqxox34pGHtzDgjf4uzPANrTi0FVyK498w==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame 44DF 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d5c168edc7e8%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D698&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
QWZYzJHnD4Cm1hKHIL40mc87NdrN40nW45FcQEfWY9rKeqTklN0fXmG7Fr4nDXwFsjHgs0FPwJA3tPtt5pBNhw==
x-xss-protection
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame FA80 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df99c8b9299358%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D697&layout=button_count&locale=ja_JP&sdk=joey&width=110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
floeHEyJ4huqHSbXrcH5jNqK6vPqEzt9iy//r39BFKdqAlxnXPlD4xsGyw/SmFCeTybAlhqsgmE8X7sIj/Nlnw==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11122
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5654 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=chatdemaison.jugem.jp
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
server
Kestrel
server-processing-duration-in-ticks
295254
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x12...
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=12469&pdt=184&dns=1591&rrt=13&srt=185&tcp=1512&dit=5208&clt=5208&_gst=3810&_gbt=5712&_u=YGBACAABBAAAAC~&jid=&gjid=&cid=516528138.1688138049&tid=UA-26106898-2&_gid=1075648414.1688138049&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=1743020275
Protocol
H3
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 11:49:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12316
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j101&a=1301269030&t=timing&_s=2&dl=http%3A%2F%2Fchatdemaison.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=chocolat%20et%20cacao&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=12469&pdt=184&dns=1591&rrt=13&srt=185&tcp=1512&dit=5208&clt=5208&_gst=3810&_gbt=5712&_u=YGBACAABBAAAAC~&jid=&gjid=&cid=516528138.1688138049&tid=UA-26106898-2&_gid=1075648414.1688138049&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=1743020275
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
SPug
simage4.pubmatic.com/AdServer/ Frame CCDE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158977&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:58:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 15:14:16 GMT
sid
mug.criteo.com/ Frame 5654
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=jugem.jp&sn=ChromeSyncframe&so=3&topUrl=chatdemaison.jugem.jp&bundle=x_Lpp19TJTJCallQT1JJamZFWjVic0V1NEUxZ290UnppM1ZialFjeFpSMlRWT2ZFVTRoW...
  • https://mug.criteo.com/sid?cpp=8FXYknxzQWVDQ3Q0MG1uMHlORUFjNFIzajdIdk50dXpSUU5hTUdhWDBVQ2RmTzFGMkpOTklhbmhjMkVkcmZuTjU1Umh4eUxvaFJtdDBMblRTQndMbnFjL3d4RGVONWIyaVkzSVRQcFlKWEdsR0dhVjdCbUVKU3hUcTBJak...
422 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8FXYknxzQWVDQ3Q0MG1uMHlORUFjNFIzajdIdk50dXpSUU5hTUdhWDBVQ2RmTzFGMkpOTklhbmhjMkVkcmZuTjU1Umh4eUxvaFJtdDBMblRTQndMbnFjL3d4RGVONWIyaVkzSVRQcFlKWEdsR0dhVjdCbUVKU3hUcTBJakJyK0M1VlJ4WHdjMWxDUkxsemFOb2tQUDhxUXVmYkhmVTJMc2JLUllab2EwR0NvVHhQS3NCdWo0SURGcEVPaTdMNlprSVhvcGcwaTlDaFVGWStoejU2elV3ZzdweVlaMzlGVkVsMW1jcEFPM1ltelltYVpQWXg1bTlROEZMcEFqK1JBZEptZ2FhbGVYanAvZlJwQWpET3BDQ3YxQ3U1QT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1189442
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8FXYknxzQWVDQ3Q0MG1uMHlORUFjNFIzajdIdk50dXpSUU5hTUdhWDBVQ2RmTzFGMkpOTklhbmhjMkVkcmZuTjU1Umh4eUxvaFJtdDBMblRTQndMbnFjL3d4RGVONWIyaVkzSVRQcFlKWEdsR0dhVjdCbUVKU3hUcTBJakJyK0M1VlJ4WHdjMWxDUkxsemFOb2tQUDhxUXVmYkhmVTJMc2JLUllab2EwR0NvVHhQS3NCdWo0SURGcEVPaTdMNlprSVhvcGcwaTlDaFVGWStoejU2elV3ZzdweVlaMzlGVkVsMW1jcEFPM1ltelltYVpQWXg1bTlROEZMcEFqK1JBZEptZ2FhbGVYanAvZlJwQWpET3BDQ3YxQ3U1QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
317464
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEDF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
22003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 09:07:33 GMT
expires
Sat, 29 Jun 2024 09:07:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 40B5 		783 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uiec_umx8OzDFtf-RqT7ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://chatdemaison.jugem.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Uiec_umx8OzDFtf-RqT7ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 15:14:16 GMT
expires
Fri, 30 Jun 2023 15:14:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 933D 		272 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad93dd3a55c6c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D702&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 9F3F 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8762405fb863%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D706&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 933D 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad93dd3a55c6c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D702&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
yP+lyQnGAyy6gqfG/gMnqtPLbh2TLyDkA+2ZWR4VU8Y/1CnVCl6P8FcE6wdbezDTzMi9bIQ1ofEQ7RDY01AKBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 29 Jun 2024 08:11:11 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame CFC7 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b8482fc6d099%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D699&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 9F3F 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8762405fb863%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D706&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
yP+lyQnGAyy6gqfG/gMnqtPLbh2TLyDkA+2ZWR4VU8Y/1CnVCl6P8FcE6wdbezDTzMi9bIQ1ofEQ7RDY01AKBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 29 Jun 2024 08:11:11 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 44DF 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d5c168edc7e8%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D698&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame CFC7 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b8482fc6d099%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D699&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
yP+lyQnGAyy6gqfG/gMnqtPLbh2TLyDkA+2ZWR4VU8Y/1CnVCl6P8FcE6wdbezDTzMi9bIQ1ofEQ7RDY01AKBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 29 Jun 2024 08:11:11 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 1594 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d691bb07cc84%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D703&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 8305 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fb00686e192%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D701&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame FA80 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df99c8b9299358%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D697&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 44DF 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d5c168edc7e8%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D698&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
yP+lyQnGAyy6gqfG/gMnqtPLbh2TLyDkA+2ZWR4VU8Y/1CnVCl6P8FcE6wdbezDTzMi9bIQ1ofEQ7RDY01AKBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 29 Jun 2024 08:11:11 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 4B6D 		272 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1775fe570a7c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D704&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
EYAbVDL+fy88mayEH2TAcEIH+s4p8ljiujt+xH+HDQNtWMeesdQ5fy7E5n/ISTNI8TBrWfv5Iz8eyhuPzGzuow==
date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Sat, 29 Jun 2024 07:43:09 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 670E 		272 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d4a042aeaeac%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D700&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-debug
2c3D1wJ19DQ4yoq6477sH8pLKvV4grEU6QmbkSv2cdACiazfMDh77Gin+nqEWQWqFlQ9vMR4tqrqQbB6dnpCdQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 21 Jun 2024 19:16:55 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame DC2A 		272 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df124239f2f12b24%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D705&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-debug
2c3D1wJ19DQ4yoq6477sH8pLKvV4grEU6QmbkSv2cdACiazfMDh77Gin+nqEWQWqFlQ9vMR4tqrqQbB6dnpCdQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 21 Jun 2024 19:16:55 GMT
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame CEDF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 17:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
249554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 17:55:02 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 1594 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d691bb07cc84%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D703&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 8305 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fb00686e192%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D701&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame FA80 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df99c8b9299358%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D697&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 4B6D 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1775fe570a7c%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D704&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame 670E 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d4a042aeaeac%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D700&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
OPf4zdzBOYr.js
static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/ Frame DC2A 		519 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/yw/l/ja_JP/OPf4zdzBOYr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df124239f2f12b24%26domain%3Dchatdemaison.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fchatdemaison.jugem.jp%252Ffd89ef74ed74b4%26relation%3Dparent.parent&container_width=803&href=http%3A%2F%2Fchatdemaison.jugem.jp%2F%3Feid%3D705&layout=button_count&locale=ja_JP&sdk=joey&width=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9LJVrYTLC1mAC24oFUSXVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136881
x-fb-debug
/DZ3lCBjetsgDa3SAfY7dTlCCYot6Oe0+zMm3IudEek7AeiQCa0MN32DVAUn4464OZNfJHyyzJqEmhmI/4wMtw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 28 Jun 2024 04:47:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 40B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=2989611238826799&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CEDF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9-BspA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 15:14:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=2989611238826799&bg=!6-il6LzNAAb90kgr3dI7ADkAdvg8WhBeFpS3z_Lk7mvkkEWsgQzrlQYTYC62JthWtjxG0QfU99gBPQVPSQZ8u2966hN8SmBuUOwCAAABPVIAAAAFaAEHCgDaMV1xcnvP8tABM3lyi1XzR30V04RWQEHAwGAfhlNCNYJrZHdYpAWm0OmrNDYrGcb1aFjB33InY4CxUiQTPF6zIvTknZswmICcEhIg6NtPq8vVxkAa7MwCoXHvMypzxC29NfouqHz8r3rJKM6oDE6rl_HmLsV28vnaeGWIQqf5-J7UMbKGMQTWwO4DYROLBxFaLGoqTp7ZL4tdgV_M68XHHkcTTGUkn9K022UcctddoKiEqXU8MMfeGDt0AR0p8_EkfI3Ksj7gio-quVVyuK6lHcKKfdUD5TUT0YKZAqX1KBWdqCO6QClxZpuS1HSLcfwI6VaCoCbnVoTwpUXsH6BjYK4z_hCdDe-v-v9cBu5VWmXDMJ18C-VIqc4g6yBeSt0JvyiuAv9WGpvMg8q9CKgqDXY2FHY_FJia3rPzlOVVeenRHkvPfjWc7wjGler1H02qSfgAUvlmQv6j0lRgaL6dKGvEUrjvyyAaPPoshC2ikzElAcFmocz0p5wfNDNumzwDfIDk3fp7p7ddI6PIZceSa4w4rr5uCmFVyKh7flI4QDW7L2sqJ7hhnBXyHCVY5lRRDOoDJ7qIKmn4In9WV-P6LxvU-UVqduDCga-JLFAvUu0nKgdoHdKyhLKdeQ4jkC0ITMtl9FoZLsLuL_kkCKwgPgSeZzMtqNfNa7yvaGcXM0Gmg1eUum_2Otd5vZIg0gis7R7dmH-wXmG463KT3_vqVBYYVXcZ50etV_-5p9ryp7pFTKl48SWgjYIdEddRXdo0kM5Q1BaMWp20fNN4_l4sJMCuqMztiTqUzR_QU2bZRYn2yExKGy9rXXGafogs2OF47Q9TUms6QL3zYvx7Abc1Mu9rYxeyth9I5bvC2n-xpQBrrnAktdskFk31yI4vv77vsD1PHf858qUAa3cJZNDHxbAnkJZT4N9YfrP7w8Q9lu5Pxi5BNCojQWIR9NTX2s4sXSFxE4ZnRJ2QsyVvQGYGoD8YfwJ7r7yZnyclu-ToNlbq54K9m6Mekj-5FrdoI9q_bC3tE2s_VX5wvwr8TYi2UjUPB64PHSW7aABuI_JNKfXtdlLRe2BeUujlIyXBhSvz5NaF2ZISZhjzI1Kkl99dOG0G6_Z5gGDTAeNyilV5Qxx4wZ7y2tc8ezcznQp99jbAS6bWDad5RZzkuVPI2AkKiybEs4yyDJb2mTlQ1au95Pysog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://chatdemaison.jugem.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
dc_oe=ChMIo4fdp6Tr_wIVy-KzCh2ojAAWEAAYACCmn7ZaQhMI6tPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138063952;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2291 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo4fdp6Tr_wIVy-KzCh2ojAAWEAAYACCmn7ZaQhMI6tPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138063952;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4Ifbp6Tr_wIV7RaICR03uACkEAAYACCU9olbQhMI6dPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138064085;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 95E5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4Ifbp6Tr_wIV7RaICR03uACkEAAYACCU9olbQhMI6dPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138064085;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIo4fdp6Tr_wIVy-KzCh2ojAAWEAAYACCmn7ZaQhMI6tPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138073952;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 2291 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo4fdp6Tr_wIVy-KzCh2ojAAWEAAYACCmn7ZaQhMI6tPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138073952;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4Ifbp6Tr_wIV7RaICR03uACkEAAYACCU9olbQhMI6dPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138074085;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 95E5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4Ifbp6Tr_wIV7RaICR03uACkEAAYACCU9olbQhMI6dPYpqTr_wIVWOCzCh3RKwtz;met=1;&timestamp=1688138074085;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 15:14:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.j-league.or.jp
URL
http://www.j-league.or.jp/tool/2010/blogparts/js/fctokyo.js
Domain
hqzbjthk.com
URL
https://hqzbjthk.com/uflog.jpg
Domain
c.amazon-adsystem.com
URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR East (Transportation)

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 boolean| credentialless object| onbeforetoggle object| onscrollend function| initval function| setval function| getCookie function| setCookie object| pbjs object| googletag object| fluxtag object| apstag string| dimensionValuePlanId string| dimensionValueInactive string| dimensionValueSmpTemplateId string| dimensionValuePromotionPlus string| dimensionValueTestPattern string| dimensionValueAuthority string| GoogleAnalyticsObject function| ga object| pbFlux function| prebidBidder object| $$PREBID_GLOBAL$$ object| _pbjsGlobals object| flux object| pbjsChunk object| ADAGIO object| ggeac object| google_js_reporting_queue number| google_num_ads string| google_last_ad_type function| google_ad_request_done function| jg_ads_Hover object| Jugem object| __twttrll object| twttr object| __twttr object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing object| Criteo object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| __buffer object| sas object| apntag object| _ADAGIO function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

196 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQhPD55pAxCgoI4gEQhPD55pAxCgoI5gEQhPD55pAxCgoIhwIQhPD55pAxCgkICRCE8PnmkDEKCQg6EITw-eaQMQoJCAsQhPD55pAxCgoIjAIQhPD55pAxCgkIXxCE8PnmkDEKCQgfEITw-eaQMQ==
www.eki-net.com/ Name: BIGipServer6Bqi/86iicjuoMaKcuiz7Q
Value: !bDX4e7t6BeZO3MXUTKmRgVn1ZDFbzAtNF1djELTwndZdMwPnPK6pvfVAFfyHPpa9WEUnw0kzF4I/Ty7S5xvAAJeOnikspAft8f+OcovTU2Qt
www.eki-net.com/ Name: TS019bbee6
Value: 0161d3a745177002d2c1fe36651caf3e63ff40a94597a21a83716f14b75fee3146c4366ef480db275e78352fc81efab68044adb66b201b98c32f2c49be6b577cefb8773cd1
chatdemaison.jugem.jp/ Name: _flux_dataharbor
Value: 1
chatdemaison.jugem.jp/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.jugem.jp/ Name: sharedid
Value: 872e23e9-e865-4482-aada-6351bff477c0
chatdemaison.jugem.jp/ Name: __mguid_
Value: 4622415c-a161-4cdf-b091-22103dbe07c4
chatdemaison.jugem.jp/ Name: _ss_pp_id
Value: 4622415c-a161-4cdf-b091-22103dbe07c4
.rubiconproject.com/ Name: khaos
Value: LJIPT34R-O-GL8V
.chatdemaison.jugem.jp/ Name: _ga
Value: GA1.3.516528138.1688138049
.chatdemaison.jugem.jp/ Name: _gid
Value: GA1.3.1075648414.1688138049
.chatdemaison.jugem.jp/ Name: _gat_jugemTracker
Value: 1
.impact-ad.jp/ Name: c
Value: 1688138049
.impact-ad.jp/ Name: tuuid
Value: 85ec7d62-0f7d-4ad9-ab9c-dda930d08817
.amazon-adsystem.com/ Name: ad-id
Value: A_DAgeTnz0gBoz8an60r628
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.socdm.com/ Name: SOC
Value: ZJ7xQcCo8YMAANUqqdYAAAAA
.smaato.net/ Name: SCM
Value: cfa09e45
.smaato.net/ Name: SCMaps
Value: cfa09e45
.casalemedia.com/ Name: CMID
Value: ZJ7xQk02Xe7iQfYlVmIdzwAA
.casalemedia.com/ Name: CMPS
Value: 1319
.casalemedia.com/ Name: CMPRO
Value: 1319
.zemanta.com/ Name: zuid
Value: FWUOh2yxJBqQy64WHcGh
.openx.net/ Name: i
Value: 282d8cf9-6ffa-0139-3d12-5490e9ec908e|1688138050
.openx.net/ Name: pd
Value: v2|1688138050|vMgavPkWgy
.smartadserver.com/ Name: pid
Value: 1972436629914980997
y.one.impact-ad.jp/ Name: nbdc2h
Value: !217,1,457380849!247,1,457380849!288,1,457380849!105,1,457380849
y.one.impact-ad.jp/ Name: nbdc
Value: !217,1!247,1!288,1!105,1
.yahoo.com/ Name: A3
Value: d=AQABBELxnmQCENl2tKY_1MjoR_TEf1GaSQsFEgEBAQFCoGSoZAAAAAAA_eMAAA&S=AQAAAq4L3UaswP18o1eJB8HhZpY
.doubleclick.net/ Name: IDE
Value: AHWqTUn9G5_E8D2O84fhcDpO4ihnhfddYCwC7o4NEVklQ4O8QjqtFM8v04ToAuWdxsk
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 36D35827-2FE1-431A-862D-A6ACD80453C3
.taboola.com/ Name: t_gid
Value: 8c327656-2dd3-47b5-8cb5-b56b175dbdc9-tuctb9876c2
.adsrvr.org/ Name: TDID
Value: f1d34261-a1bf-4d8c-944a-92124c8c5995
.adnxs.com/ Name: uuid2
Value: 3132452749006503740
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzsTQ2NbQ0NTazEOIz1DUIz3D1zg4tjMgMywEAexdjuyQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFhaGxhYGpgYWkAALcIuDYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzsTQ2NbQ0NTazEOIz1DUIz3D1zg4tjMgMywEAexdjuyQAAAA
.mathtag.com/ Name: uuid
Value: e17a649e-f143-4100-97b0-c0acad47afda
.bidr.io/ Name: bitoIsSecure
Value: ok
.deepintent.com/ Name: CDIUSER
Value: di_e45526db2ada48ea80fba
.quantserve.com/ Name: d
Value: EMQBCwGtKfijAA
.quantserve.com/ Name: mc
Value: 649ef142-e12fd-fc0de-b5058
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZJ7xQgAVoRvEcgAn
.adgrx.com/ Name: ADGRX_UID
Value: c4141be8-1758-11ee-9144-2b12b7d9247e
.bidr.io/ Name: bito
Value: AABEfU7JPeMAAB_WMUhC8Q
.acuityplatform.com/ Name: auid
Value: 795479655190
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBREMbZm2emGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURDG2Ztno90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970033164935195368
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMyPyxcUmY7JR4Fj0T-EUj0&KRTB&22987-CAESEMyPyxcUmY7JR4Fj0T-EUj0&KRTB&23025-CAESEMyPyxcUmY7JR4Fj0T-EUj0&KRTB&23386-CAESEMyPyxcUmY7JR4Fj0T-EUj0
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM&KRTB&19420-Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM&KRTB&22979-Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM&KRTB&23403-Ved1qwXiePxOtn38BbdhqADjKKtOsXn-Vutq5KpM
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.sitescout.com/ Name: ssi
Value: 5f24a635-74e4-4a3c-8186-629336b9a86e#1688138050992
.tapad.com/ Name: TapAd_TS
Value: 1688138050995
.tapad.com/ Name: TapAd_DID
Value: 7ff2cb5c-a4b8-416a-ba9c-bccf9df3df25
.w55c.net/ Name: wfivefivec
Value: lIUq4eeT1QffP55
.openx.net/ Name: univ_id
Value: 537072971|f1d34261-a1bf-4d8c-944a-92124c8c5995|1688138050989502
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
.simpli.fi/ Name: suid
Value: 0A77C99E046A4F0186A413477C1A3C36
.bidswitch.net/ Name: tuuid
Value: dbd0bf58-358f-461b-a20a-84d8457d6734
.bidswitch.net/ Name: c
Value: 1688138051
.bidswitch.net/ Name: tuuid_lu
Value: 1688138051
.turn.com/ Name: uid
Value: 7427183075023782322
.3lift.com/ Name: tluid
Value: 4532435236289248944334
.dotomi.com/ Name: DotomiTest
Value: 135bb40446ab04e5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e17a649e-f143-4100-97b0-c0acad47afda&KRTB&16736-uid:e17a649e-f143-4100-97b0-c0acad47afda&KRTB&23019-uid:e17a649e-f143-4100-97b0-c0acad47afda&KRTB&23114-uid:e17a649e-f143-4100-97b0-c0acad47afda
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-795479655190&KRTB&23428-795479655190
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f1d34261-a1bf-4d8c-944a-92124c8c5995&KRTB&22918-f1d34261-a1bf-4d8c-944a-92124c8c5995&KRTB&22926-f1d34261-a1bf-4d8c-944a-92124c8c5995&KRTB&23031-f1d34261-a1bf-4d8c-944a-92124c8c5995
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3132452749006503740&KRTB&23339-3132452749006503740
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23334-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23417-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23426-vx14wWBVUUhNaK1m_OcDKWAJ-So
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-c4141be8-1758-11ee-9144-2b12b7d9247e&KRTB&23275-c4141be8-1758-11ee-9144-2b12b7d9247e
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-14745fb5-8602-49c8-9ed0-f91e533d12b1&KRTB&23340-14745fb5-8602-49c8-9ed0-f91e533d12b1&KRTB&23498-14745fb5-8602-49c8-9ed0-f91e533d12b1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7427183075023782322&KRTB&23150-7427183075023782322
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:0A77C99E046A4F0186A413477C1A3C36&KRTB&23489-uid:0A77C99E046A4F0186A413477C1A3C36
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4ODEzODA1MTEwN30
.ipredictive.com/ Name: cu
Value: 1bb623d7-9252-403a-b591-03c55dc5a4e5|1688138051114
.w55c.net/ Name: matchpubmatic
Value: 5
.thrtle.com/ Name: mc
Value: eyJpZCI6ImQ1MTFlYjNiLWNlMWItNGFhZi04NzE1LTRhYmY0YjY1YWJhYSIsImwiOjE2ODgxMzgwNTExMjQsInQiOjF9
.linkedin.com/ Name: bcookie
Value: "v=2&28f45beb-8f6b-4aad-81fd-73dd573edafa"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2933:u=1:x=1:i=1688138051:t=1688224451:v=2:sig=AQGwI_OLmcLrQtNeotV65mu_VWNl0XpI"
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553&KRTB&23418-5f24a635-74e4-4a3c-8186-629336b9a86e-649ef142-5553
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1bb623d7-9252-403a-b591-03c55dc5a4e5&KRTB&23011-1bb623d7-9252-403a-b591-03c55dc5a4e5&KRTB&23355-1bb623d7-9252-403a-b591-03c55dc5a4e5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:lIUq4eeT1QffP55&KRTB&23421-uid:lIUq4eeT1QffP55
beacon.lynx.cognitivlabs.com/ Name: UID
Value: abcb76c9-4ae9-40b4-9643-05375f79b776
.csync.loopme.me/ Name: viewer_token
Value: 18181737-73de-478a-b53b-329e74bc7d1c
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHs8gHBOXKUgNl1DwqAAAAAAA&KRTB&22713-AAAHs8gHBOXKUgNl1DwqAAAAAAA&KRTB&22715-AAAHs8gHBOXKUgNl1DwqAAAAAAA
.adform.net/ Name: C
Value: 1
.technoratimedia.com/ Name: tads_uidp_88
Value: 3944853853175584152498
.technoratimedia.com/ Name: tads_uidp_77
Value: PYPUjY3btY6pj8vfBJHMN8S__aLPSxEtHE4RRHF1UN8
.technoratimedia.com/ Name: tads_uidp_44
Value: LJIMA5B8-1G-BXB1
.technoratimedia.com/ Name: tads_uidp_46
Value: 3979656610076561723
.technoratimedia.com/ Name: tads_uidp_79
Value: 8c89f462-2727-45a8-95f5-8cc78e747c09
.technoratimedia.com/ Name: tads_uidp_37
Value: c298c91a-e167-33ed-bae8-bc0618d66ae6
.technoratimedia.com/ Name: tads_uidp_48
Value: 05bd7970-60a3-42e5-b875-ad172b166784
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAL9WYNZ08ibQNKB7lFAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: a06c5228-37d6-4578-8122-ec4397575b57
.technoratimedia.com/ Name: tads_uidp_80
Value: y-K.pec5ZE2uEA6csKndkU9ram3FnprnXI~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZJ7aHmXUKE5NU9JJXZZRMwAA&1228
.technoratimedia.com/ Name: tads_uidp_50
Value: f7b9bdf9-f81c-4801-99e9-6b1325c1c82c
.technoratimedia.com/ Name: tads_uidp_61
Value: 212152821793116
.technoratimedia.com/ Name: tads_uidp_62
Value: 3311337266634625000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 6KyqdVAyebkfCzln77EgHOIUiFTvqMas
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-714366ba-d00f-444e-860f-b65357d78cc5-005
.technoratimedia.com/ Name: tads_uid
Value: A42684DA40694E48B36D7397BF65523E
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230604073159+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_10515B1F9_59136952&KRTB&23092-R33646_10515B1F9_59136952
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_303ff47e-f082-42f1-af5e-823041c8a5b0
.adform.net/ Name: uid
Value: 6024546099386426311
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6024546099386426311&KRTB&23263-6024546099386426311&KRTB&23481-6024546099386426311
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-dbd0bf58-358f-461b-a20a-84d8457d6734
.contextweb.com/ Name: V
Value: phtVbM0Wvcb3
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lga|7dN.0.AABEfU7JPeMAAB_WMUhC8Q
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d581de0f35aa9f0f
.rubiconproject.com/ Name: audit
Value: 1|L/AtSncKfSI41G1TJ/7pXcr3mwC2aS8DdqjCmtSuE3R+xL8LlrcUaMCW9SMWiNOPukXdpzumiunyUhTWCqUS/Ek4PZsAbGW4LEwEx31w6pBWArGI6KDc7PKeEOazMA84
.jugem.jp/ Name: __gads
Value: ID=55d46f3be6bc4353:T=1688138050:RT=1688138050:S=ALNI_MZqasyl0Pqke_wOaDG3oF91DdhvrA
.jugem.jp/ Name: __gpi
Value: UID=00000c7cd1994e24:T=1688138050:RT=1688138050:S=ALNI_MZ0MB-c1zG-RU9Xp8KoE_QuNCOgaQ
.smartadserver.com/ Name: csync
Value: 127:AABEfU7JPeMAAB_WMUhC8Q
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABEfU7JPeMAAB_WMUhC8Q
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2cif:18z8~2cif:199v~2cif"
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaMtdZ6%!@wnfH8K6pQK`!5=E<*L5?%K323w3d2PnUq[CF#7[WF9g7^#St?wKeqmg5XM*bpRz*qF1`*b`2J*:B1(
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNi0zMFQxNToxNDowOS4zMDk4MjExMDVaIiwicHVibWF0aWMiOiIyMDIzLTA2LTMwVDE1OjE0OjA5LjMwMzc2NjQ1M1oiLCJydWJpY29uIjoiMjAyMy0wNi0zMFQxNToxNDowOS4zMDUxMjE3NDJaIiwieWFob28iOiIyMDIzLTA2LTMwVDE1OjE0OjA5LjMwODE3MzA1NloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiNTRlZmM1YmYtOTRmYi00MWQ5LWE5NDUtNDYwN2JhNzJjMjJjIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjlUMTU6MTQ6MDkuMTU5NjkxNDAyWiJ9LCJpbmRleGV4Y2hhbmdlIjp7InVpZCI6IlpKN3hRazAyWGU3aVFmWWxWbUlkendBQUJTY0FBQUlCIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjlUMTU6MTQ6MTMuMTM3ODg5NDkzWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiIzNkQzNTgyNy0yRkUxLTQzMUEtODYyRC1BNkFDRDgwNDUzQzMiLCJleHBpcmVzIjoiMjAyMy0wOC0yOVQxNToxNDoxMS4wMjcwOTI4MjFaIn0sInJ1Ymljb24iOnsidWlkIjoiTEpJUFQzNFItTy1HTDhWIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjlUMTU6MTQ6MTIuMTI5NDQwMDU0WiJ9LCJ5YWhvbyI6eyJ1aWQiOiJ5LVFTNVd2TlpFMnVGRmhoYlJNSlIxRDFfdjlDcGNNMVpiQWZHYUt4MC1-QSIsImV4cGlyZXMiOiIyMDIzLTA4LTI5VDE1OjE0OjEyLjMyNzA4MTkzNloifX0sImJkYXkiOiIyMDIzLTA2LTMwVDE1OjE0OjA5LjE1OTYwOTI3NFoifQ==
.tribalfusion.com/ Name: ANON_ID
Value: amnu7qy4ZawFBA9MAJTngZdiAGMRfvy6n0DhCW9oBFgZbiZbrZctFuN8WrDa18O75hQZciudXVHMJcuOCZcZcYkieEFWZadZb87AWLK0YXrI830Mmf
fksnk.com/ Name: AWSALBCORS
Value: o1hW6xzjz9DJ56dTRkKttCjBrFnu4eY/bTzJWZQi2LuYQChmIkxMY+3/yZdbWoNgV5tgZrOAdYpeDxX2Y93SNZwMBdRwulNSVqnFTrV1LBkmzWUkGkDI1PbsA/qM
.fksnk.com/ Name: f_001
Value: EF3F6C4C4095ADA0
.fksnk.com/ Name: g_001
Value: 1
.media.net/ Name: visitor-id
Value: 3311396536634662000V10
.media.net/ Name: data-g
Value: CAESEL0mPs_0p5Pc7Mz44NDSIqs~~3
.onetag-sys.com/ Name: OTP
Value: BdXSUpPg365AKm_tkWL4EAbvM4K1I8YH0X3HjWQ7h-k
.go.sonobi.com/ Name: __uis
Value: 2623dc68-b067-487f-b61b-7ed856e821c4
.go.sonobi.com/ Name: HAPLB8S
Value: s8588|ZJ7xS
.360yield.com/ Name: tuuid
Value: fe4feba2-b4bc-4c35-b209-48b27e70c389
.360yield.com/ Name: tuuid_lu
Value: 1688138053
.mxptint.net/ Name: mxpim
Value: R33646_10515B1F9_59136952.1.649EF14500000000649EF143
.pswec.com/ Name: tuuid
Value: e2c9856e-2b0c-41eb-88fc-6a7224c7a5d8
.pswec.com/ Name: c
Value: 1688138053
.pswec.com/ Name: tuuid_lu
Value: 1688138053
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLy59YjW4fw7EAUSFAoFdGFwYWQSCwjs9MeL1uH8OxAFEhYKB3N2eDl0NTASCwjc1ZKl1uH8OxAFGAEgASgCMgsI3M2V0uzh_DsQBTgBWgdzdng5dDUwYAI.
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158977:3
.pubmatic.com/ Name: DPSync3
Value: 1689292800%3A258_201_263_262_261_260_259%7C1688688000%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1689292800%3A56_240_249_54_176_7_22_3_166_104_46_71_5_243_231_13_55_214_234_250_178_239_238_233_99_96_204_220_165_8_48_21%7C1689379200%3A35%7C1690675200%3A224%7C1688947200%3A63%7C1693267200%3A69%7C1688688000%3A2_15_38_223
.linkedin.com/ Name: li_sugr
Value: b5723a99-b3b9-484a-adc7-bf7b89bd7e43
cs.chocolateplatform.com/ Name: sp_cookie
Value: sp-4dd83e4022f74d9cab16a27690348c55
.ladsp.com/ Name: cr
Value: 1
.mookie1.com/ Name: id
Value: 10609777035710782546
.mookie1.com/ Name: mdata
Value: 1|10609777035710782546|1688138054350
.mookie1.com/ Name: ov
Value: cb5fdddc1a51726a515086e3644a0b7f
.bing.com/ Name: MUID
Value: 1DB07C17AB446FD83F1C6F57AACB6E90
.c.bing.com/ Name: MR
Value: 0
.bluekai.com/ Name: bku
Value: ikG99Wqh7ZEU0qAf
.bluekai.com/ Name: bkpa
Value: KJyWyBar3M9R9mY73j5bdWFNlJCkaPoSvPOSPIQ59okWjxTysUFb4jro7fLBTmlIdNF4coQfjN5R4iE2NLLrzccegbrhSdFhzJl78TEymyvsQatt6p/6b2drDx2pFVbIcQMRSIgsSHASOmh04lVlrA49ZFoIF2EBexaeZnD/C0ZaV9uCMDPo5MT8zkssc/5uKEQsazfEzNk3AAik268Q7Y7iIYkw/iVNN5v07OjmP6ZZina9xom0ikzIDuZpLj9tPADPHf7DAU4mKW3TQa9o071vp7CvCWXIECRnnGBuslw1ZYCBVohwJmvXysnNtEfcyfId9xOYlkSU
ads.playground.xyz/ Name: connect.sid
Value: s%3AJI1qTFZWO-3giCDhKmbXrELJuOdQ-Fp2.9mGc3ZMDG7GqmD6doBqC4y2kuYNSNPBiCOkUQhQxeUY
.kargo.com/ Name: ktcid
Value: cd06fd9e-f4b9-091b-542b-cfb3b6106ae7
.ctnsnet.com/ Name: cid_47bd147a8c76474398a840acc6e45b98
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7414244541546166342P
.owneriq.net/ Name: pmc
Value: 1
.ladsp.com/ Name: smn_uid
Value: vODWrUlbHlzUibnM7Wwyog-z94WWJtY
.bfmio.com/ Name: __187_cid
Value: 36D35827-2FE1-431A-862D-A6ACD80453C3
.bfmio.com/ Name: __io_cid
Value: 58f80b0e87dedff24a8b3aed0128f824712c98e2
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-36D35827-2FE1-431A-862D-A6ACD80453C3&KRTB&23413-36D35827-2FE1-431A-862D-A6ACD80453C3&KRTB&23479-36D35827-2FE1-431A-862D-A6ACD80453C3&KRTB&23505-36D35827-2FE1-431A-862D-A6ACD80453C3
.inmobi.com/ Name: idsp_c
Value: a1e60451-1eab-4c47-aff2-ceb8e95707b5
.jugem.jp/ Name: cto_bidid
Value: lsjedl90b05QbVg4emhVRlUxTnFTS1p0VGZjaU9YRW1LaWgxQ3FhWUlPaVhrJTJCRm5TYlB4VXpaTG1aSW9wd2Q5dkFsMTNWcVM2RGolMkJCTU1rajF4MWZPTTZLU1ElM0QlM0Q
.gssprt.jp/ Name: gid
Value: be9acdd40e3281af329546edee1105e6
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4359-2!4359
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ntkA0%2BBajF4qAJoC5ru4jUW969C8O1maNmEzoqK7D12gw%2BYb2w0Yypr600a0CA9sqbvY3NHq4cX4vTsWRXHGNg%3D%3D
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22113%22%3A%2220230630%22%7D
.genieesspv.jp/ Name: rtbhouse
Value: 0
.genieesspv.jp/ Name: gid
Value: be9acdd40e3281af329546edee1105e6
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005%22%2C%22nxtrdr%22%3Afalse%7D
.brand-display.com/ Name: _knxq_
Value: 0cacf892-56f9-59ab-904318f8.1688138054.0.1688138054.1688138054
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005%22%7D
.impact-ad.jp/ Name: tuuid_lu
Value: 1688138055
y.one.impact-ad.jp/ Name: cmt
Value: !105,dbd0bf58-358f-461b-a20a-84d8457d6734,1,459972855,457380855
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-bbhyJtaZBsKo7u1YRvGeZA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005&KRTB&17107-RX-f600d383-9265-4771-896b-d6a2bf0ec9e4-005
.pubmatic.com/ Name: PugT
Value: 1688138055
.gsspat.jp/ Name: gid
Value: 8aaf305a6270e969fa9405517091a44a
.fout.jp/ Name: uid
Value: NzXivhFzNXFzIUMW1h7FC4cHZuA
.c.appier.net/ Name: _auid
Value: k9oo0n3-DfaP3WoQR_GeZA
.ad-stir.com/ Name: uid
Value: 49e6e190-868e-49e8-afd9-a3ca55e41138
.ad-stir.com/ Name: bpmkv
Value: 1
.ad-stir.com/ Name: bpgn
Value: 1
.gssprt.jp/ Name: lamp
Value: 8aaf305a6270e969fa9405517091a44a
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 63042590-5378-7c60-a9b4-c1ff94494346#1688138055368#1
.impact-ad.jp/ Name: psm
Value: 0
.gssprt.jp/ Name: appier
Value: k9oo0n3-DfaP3WoQR_GeZA
.gssprt.jp/ Name: motionbeat2
Value: 49e6e190-868e-49e8-afd9-a3ca55e41138
.uncn.jp/ Name: t
Value: v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
.gssprt.jp/ Name: unicorn
Value: v_9631e276-ba06-44f0-9eeb-259e61fd4ec7
.pubmatic.com/ Name: SPugT
Value: 1688129915
.criteo.com/ Name: uid
Value: e20bac6b-832f-438b-8b1b-0842273368be
.jugem.jp/ Name: cto_bundle
Value: 6KsjaV9TJTJCallQT1JJamZFWjVic0V1NEUxZ2pxa1NxMFVmYXdrOUhIZElYY0RPczllVmQxaEljenV2WHdMZXhMNGVDSDhKM0dEVFBUSTFMT216c2Q5VEQzdmxaeExDbG5xUmtUYVFHdHYxTlZKNk00OEltbmNacEZCNHRDekYzdEMlMkJKMjhaamJkQ1dBaWZ1MHdjY1lJakE3M0pBJTNEJTNE

28 Console Messages

Source Level URL
Text
network error URL: https://hqzbjthk.com/uflog.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.j-league.or.jp/tool/2010/blogparts/js/fctokyo.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://img-cdn.jg.jugem.jp/841/52797/20060509_177810.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://img-cdn.jg.jugem.jp/841/52797/20060422_166569.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://img-cdn.jg.jugem.jp/841/52797/20060419_164923.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://img-cdn.jg.jugem.jp/841/52797/20060423_167028.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://chatdemaison.jugem.jp/
Message:
Access to XMLHttpRequest at 'http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js' from origin 'http://chatdemaison.jugem.jp' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.flux.jp
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.as.amanad.adtdp.com
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
aep.mxptint.net
audiencedata.im-apps.net
b1sync.zemanta.com
ba7f3317a10b400b79a96e090dc629c4.safeframe.googlesyndication.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bypass.ad-stir.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.ampproject.org
cdn.indexww.com
cdn.jsdelivr.net
chatdemaison.jugem.jp
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
corp.rakuten.co.jp
cr-p31.ladsp.com
crb.kargo.com
cs.chocolateplatform.com
cs.gssprt.jp
cs.media.net
csync.loopme.me
d.socdm.com
dis.criteo.com
dmp.brand-display.com
dmp.im-apps.net
ds.uncn.jp
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
flux-cdn.com
g.c.appier.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hqzbjthk.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imaging.jugem.jp
img-cdn.jg.jugem.jp
ipac.ctnsnet.com
js-sec.indexww.com
js.mediams.mb.softbank.jp
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mediamsmbsoftbank.genieesspv.jp
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.ladsp.com
penta.a.one.impact-ad.jp
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb-jp.mediago.io
rtb.adentifi.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync6.im-apps.net
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
t.pswec.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
www.eki-net.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.j-league.or.jp
x.bidswitch.net
y.one.impact-ad.jp
c.amazon-adsystem.com
hqzbjthk.com
www.j-league.or.jp
103.132.192.30
104.112.8.40
104.127.172.242
104.127.64.185
104.18.10.47
104.18.25.185
104.244.42.136
104.36.115.111
107.178.248.96
108.138.107.138
124.146.215.46
13.113.171.214
13.113.41.51
13.225.63.2
13.35.93.55
133.186.12.12
133.237.60.111
141.226.224.48
142.250.65.194
142.250.72.98
142.251.40.194
151.101.194.49
159.203.145.121
162.19.138.119
162.19.138.82
162.248.18.37
162.55.120.196
172.104.105.5
172.105.232.22
173.231.178.117
18.164.107.227
18.164.124.68
18.176.200.96
185.167.164.49
192.40.39.223
195.5.165.20
198.148.27.140
199.127.204.142
199.38.167.130
20.85.134.6
202.232.238.37
207.198.113.87
216.200.232.249
222.230.178.129
222.230.178.130
222.230.178.29
23.105.12.151
23.105.12.158
23.197.21.62
23.4.226.82
23.47.144.138
23.77.173.8
23.77.241.5
2600:1400:d::1721:eea8
2600:141b:e800:38::17c6:d654
2600:1901:0:e207::
2600:1f18:4e9:5a07:2a9f:40df:c424:1e81
2600:9000:202c:1000:13:9454:1700:93a1
2600:9000:202c:6e00:13:9454:1700:93a1
2600:9000:21ec:5e00:1d:8805:bd80:93a1
2600:9000:2209:fa00:1b:5138:8a40:93a1
2602:803:c002:200::41
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:2800:220:de:468:2285:c1:4a3
2606:4700:20::ac43:4bf1
2606:4700::6812:18ad
2606:4700::6812:372
2606:ae80:1471:19::1080
2607:f8b0:4004:c08::9c
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2006
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::485
3.215.195.177
3.225.186.40
3.225.218.10
3.91.118.28
34.102.163.6
34.102.253.54
34.111.113.62
34.111.151.213
34.133.71.175
34.149.40.38
34.160.89.38
34.196.240.12
34.230.233.1
34.237.98.178
34.251.135.187
35.153.221.178
35.186.193.173
35.190.90.30
35.211.118.13
35.211.178.172
35.213.109.249
35.213.115.3
35.214.209.26
35.244.159.8
38.68.201.140
38.91.45.7
38.98.69.175
51.222.239.230
52.0.248.85
52.192.19.90
52.202.52.98
52.203.174.216
52.223.22.214
52.223.40.198
52.23.63.120
52.46.143.56
52.95.125.22
54.156.165.4
54.211.72.252
54.90.39.207
68.67.160.75
69.166.1.10
69.173.151.100
69.90.254.78
70.42.32.95
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
8.39.36.141
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
096691dcaff77dd2e4582aabe5201ef4da8489b02392496e756bb7f3ab9658c7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
130eccd4d5ae996edc72799bd669fd98a916bb759c56d59079efe1cc5e6edb3d
17eedfbd6207c388a4455df3dca137785efc0be264f83985aed475e7e1df1a0c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83
1f8e40bd3a36f2f63ab7297027275d974d62f836330f41fcce186f825ddfc9db
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
29a649a9db89d50585a2e304665ff665622591fa60cfc2178e23e7c7450cb301
2e942f9d18da96e85cd7f9c23539c827e6352c98fccc555b2e56d13fc588592a
2efad216a389ee109fa490dadf6d650c083079a4870425b375b11c401cb84560
306d7e96e85f83f6286577ad4cf633fe5beef64ec287d93432beb3e97f72ddcf
30ed7c9732d5f9402663ff1718476a44e6fd416455e99ddda2bd3cc3a0b167b0
390241a579c77db57aa1ee8643977a27ecb49593dbdf6655b6575f5e34d05098
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3c8aa1c212afb95bbfea2c2cf112fc0d53a0cd6274c144a36378d606fcccf200
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
439b43b7234d74128cdb70a2ad0e2528dc19232c0ec7449dd5601069da931484
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b632400c17708167150d64529b8d9a14c419dd7bb79a7875e3f84186051ac3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a10364c63c733f5a35967eaec8f14d5f93caf2d2403ae09d997ece909e1e45a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
58dd325f10c6b3d5268245700e7449c733bcf119375a88d1de2a029d73a8d84f
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dc2e789c5bfb247704b0d1aab9006a3636cc34df648cd39ef1a749a6253f2c3
6dc5e7df6160c8fa979d97f7abee0c3ece1e78915cd01936b7938fb27997374a
6e1f1966467195c6c2a136ff31c5a7104becee6dfa792fdfa68e7a72983adeae
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
74f8eb7d67a652edd85f6135dbd1e34f98fba512937982a8f35d353396598736
7707c8373a222f4526c86d7da7cb35821cdfc73b7fbf32db5ef2a690a09182de
77aac0a0e4a673fec7bd62739e0343f40b4208f324095a558e9df03fccdc5bcf
83dd5a9512e50ec30c2a08621826980b7d9a59b2e40e2dfd42235e494eb4f456
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8a15bd5054ab1321865da9cf9c5ea5ae352cb7f813c8a9be82cffc58b4c00057
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9029e303c26e6ccb3953fd2993b36197dad29d2a7aaea45c1e5a736e9e33e125
94439c92d7b20cef4532243ed9ca2e30577d5ac192a09ea4f09fd94f079f6803
9447ce46358b5d7a2e7df181d55d3a59e294bba13ad55bcae4600c7183a3f0db
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a8049071870d7f1568c4a93ded757a4c90cf45669d03ca2720ca90f872fbe7c
9c8dfc8418f7c2ae54a0eca38c5c633ea887b3760f7ebd67a886b08d35fdeb76
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adf5fb1d90811bfe8d6ab1a3fcbba6966c94215548bfa8217d2ed9644e5dc629
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5baa11b1c8d5149380a62d1be9081467b557b3e56377585937040cb168abf27
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c814c13eed5e77ede3bf8b0413478b343a303ee97ebb4fa9454db255b2e013fc
cafee63e1870198d0049531d3c87b3d6c184c36a59bd3ee5c523119406710663
cb7b3964261ff57bcdee07c33c22f07fe47ba6df8953553026c851c4f17d65e2
d4be49a1fb727d8504115ddecec10dba598d4bffb9060b22c5cf8a65c57796d3
d68b7045d258ac0326c68ef4b6646fc4a42e80b032b27ac11e4d3e55842e3149
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5ae2cebd8313d7c521b06a45ba11abdbb7d7ce963e7cc8b2d6bdc5b3186fe1
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ee8e81b6bf18276e5eb722cd68324a19f5ade5196fe8340546dcd30dcc8337c6
ef06f9e935d43147b5d5ff306f30530de69d2f73ad25ee539d9d7aef1109a844
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ed3255e4f9cb5a5b40d643224fd6bbc9c76c4e288f49d6eac3f09151e5f297