tsuredurediary.com Open in urlscan Pro
183.181.90.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Submission: On July 20 via api (July 20th 2023, 5:12:24 pm UTC) from US — Scanned from JP

Summary HTTP 474 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 125 IPs in 18 countries across 118 domains to perform 474 HTTP transactions. The main IP is 183.181.90.31, located in Ichikawa, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is tsuredurediary.com.
TLS certificate: Issued by R3 on May 23rd 2023. Valid for: 3 months.

This is the only time tsuredurediary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	183.181.90.31 183.181.90.31	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:208... 2600:9000:208e:800:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a02:6ea0:d30... 2a02:6ea0:d300::13	60068 (CDN77 ^_^) (CDN77 ^_^)
1	3.114.88.99 3.114.88.99	16509 (AMAZON-02) (AMAZON-02)
3	35.75.249.253 35.75.249.253	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
2	35.75.137.85 35.75.137.85	16509 (AMAZON-02) (AMAZON-02)
4	153.120.49.89 153.120.49.89	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
2 10	2404:6800:400... 2404:6800:4004:80c::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
22	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21e... 2600:9000:21ee:7600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	23.49.98.204 23.49.98.204	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
5	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 3	2620:116:800e... 2620:116:800e:21:36b5:1576:d999:6e52	16509 (AMAZON-02) (AMAZON-02)
1	34.248.128.167 34.248.128.167	16509 (AMAZON-02) (AMAZON-02)
1	99.84.59.217 99.84.59.217	16509 (AMAZON-02) (AMAZON-02)
1	54.178.169.33 54.178.169.33	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:81f::200e	15169 (GOOGLE) (GOOGLE)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
21 26	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2404:6800:400... 2404:6800:4004:808::2003	15169 (GOOGLE) (GOOGLE)
1	2600:140b:1a0... 2600:140b:1a00:3b0::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.158.29.12 51.158.29.12	12876 (Online SAS) (Online SAS)
18	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
1	52.193.196.125 52.193.196.125	16509 (AMAZON-02) (AMAZON-02)
13 14	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 8	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15 18	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	54.251.17.22 54.251.17.22	16509 (AMAZON-02) (AMAZON-02)
3 3	18.182.162.20 18.182.162.20	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
1	52.31.38.175 52.31.38.175	16509 (AMAZON-02) (AMAZON-02)
2	210.140.225.92 210.140.225.92	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	13.227.62.60 13.227.62.60	16509 (AMAZON-02) (AMAZON-02)
1	13.227.62.70 13.227.62.70	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2600:9000:21e... 2600:9000:21ee:9600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
1	210.140.225.181 210.140.225.181	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
5	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:812::200a	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
30	2404:6800:400... 2404:6800:4004:81e::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
4	13.250.173.68 13.250.173.68	16509 (AMAZON-02) (AMAZON-02)
1 2	13.251.73.116 13.251.73.116	16509 (AMAZON-02) (AMAZON-02)
1	13.213.165.210 13.213.165.210	16509 (AMAZON-02) (AMAZON-02)
2	103.253.24.71 103.253.24.71	6939 (HURRICANE) (HURRICANE)
1 3	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3 16	131.153.206.101 131.153.206.101	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1	52.192.11.98 52.192.11.98	16509 (AMAZON-02) (AMAZON-02)
1 15	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1 2	44.237.73.107 44.237.73.107	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.115.8.252 13.115.8.252	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.211.251.134 52.211.251.134	16509 (AMAZON-02) (AMAZON-02)
1 5	23.106.127.53 23.106.127.53	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 3	119.9.108.211 119.9.108.211	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
2 2	18.178.232.34 18.178.232.34	16509 (AMAZON-02) (AMAZON-02)
7	23.44.52.240 23.44.52.240	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	99.84.50.61 99.84.50.61	16509 (AMAZON-02) (AMAZON-02)
1 22	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 3	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	54.238.65.52 54.238.65.52	16509 (AMAZON-02) (AMAZON-02)
4 4	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1 1	220.150.223.52 220.150.223.52	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
3 4	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1	54.238.235.241 54.238.235.241	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.221.29 172.105.221.29	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	54.235.195.83 54.235.195.83	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.214.247.17 35.214.247.17	15169 (GOOGLE) (GOOGLE)
1 1	198.8.71.130 198.8.71.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	13.228.115.104 13.228.115.104	16509 (AMAZON-02) (AMAZON-02)
2 3	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
14 28	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
15 15	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	52.197.0.12 52.197.0.12	16509 (AMAZON-02) (AMAZON-02)
3 3	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4 4	185.84.60.30 185.84.60.30	198622 (ADFORM) (ADFORM)
2 7	2406:da18:929... 2406:da18:929:5a03:6501:163c:2f11:2df9	16509 (AMAZON-02) (AMAZON-02)
11 16	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1 3	103.231.99.81 103.231.99.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
4 4	2a02:fa8:c411... 2a02:fa8:c411:12::1050	399104 (CNVR-APAC) (CNVR-APAC)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1 1	175.41.237.238 175.41.237.238	16509 (AMAZON-02) (AMAZON-02)
1 1	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
2	2404:6800:400... 2404:6800:4004:801::2006	15169 (GOOGLE) (GOOGLE)
4 11	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	23.215.255.183 23.215.255.183	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.60.110.42 23.60.110.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
8 11	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
8	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3 3	23.90.68.235 23.90.68.235	27381 (CASALE-MEDIA) (CASALE-MEDIA)
8	23.44.53.234 23.44.53.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.136.165.102 18.136.165.102	16509 (AMAZON-02) (AMAZON-02)
1	2406:2000:a4:... 2406:2000:a4:807::	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
2	2600:140b:a00... 2600:140b:a00:8::b81a:2b4f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.250.85.75 13.250.85.75	16509 (AMAZON-02) (AMAZON-02)
1	2406:2600:4::22 2406:2600:4::22	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2600:140b:a00... 2600:140b:a00:8::b81a:2b47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	182.161.74.13 182.161.74.13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2406:2600:4::7 2406:2600:4::7	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
1	52.192.201.178 52.192.201.178	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:2600:4::1b 2406:2600:4::1b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	52.221.136.13 52.221.136.13	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
7	23.45.57.234 23.45.57.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7 7	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 2	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
7	13.112.54.241 13.112.54.241	16509 (AMAZON-02) (AMAZON-02)
1 1	80.77.87.163 80.77.87.163	46636 (NATCOWEB) (NATCOWEB)
12	54.168.247.123 54.168.247.123	16509 (AMAZON-02) (AMAZON-02)
2 9	162.55.233.28 162.55.233.28	24940 (HETZNER-AS) (HETZNER-AS)
3 11	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
3 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
4 4	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	2606:4700::68... 2606:4700::6813:9e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.19.162.80 213.19.162.80	3356 (LEVEL3) (LEVEL3)
2 2	23.106.127.165 23.106.127.165	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 1	2606:4700:303... 2606:4700:3037::ac43:9a47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 7	63.251.14.60 63.251.14.60	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1 1	103.231.99.242 103.231.99.242	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	203.195.121.141 203.195.121.141	7979 (SERVERS-COM) (SERVERS-COM)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
2 2	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	23.44.52.187 23.44.52.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	8.2.108.194 8.2.108.194	46636 (NATCOWEB) (NATCOWEB)
6	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	54.151.157.69 54.151.157.69	16509 (AMAZON-02) (AMAZON-02)
2 2	13.230.134.59 13.230.134.59	16509 (AMAZON-02) (AMAZON-02)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	23.195.119.85 23.195.119.85	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	54.179.191.168 54.179.191.168	16509 (AMAZON-02) (AMAZON-02)
1 1	18.172.31.60 18.172.31.60	() ()
1 1	54.168.128.49 54.168.128.49	16509 (AMAZON-02) (AMAZON-02)
1	23.106.127.38 23.106.127.38	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
474	125

17 183.181.90.31 (Ichikawa, Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv8350.xserver.jp

tsuredurediary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:811::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208e:800:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aml.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:d300::13 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.88.99 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-88-99.ap-northeast-1.compute.amazonaws.com

www28.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.75.249.253 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-249-253.ap-northeast-1.compute.amazonaws.com

www13.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www22.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.75.137.85 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-137-85.ap-northeast-1.compute.amazonaws.com

blogparts.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 153.120.49.89 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www35.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:80c::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ee:7600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.49.98.204 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-98-204.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.51 (Valence, France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800e:21:36b5:1576:d999:6e52 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.128.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-128-167.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.59.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-59-217.nrt20.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.169.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-169-33.ap-northeast-1.compute.amazonaws.com

blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 162.19.138.119 (Frankfurt am Main, Germany) 21 redirects

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:808::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:3b0::1931 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: kube-rr.sirdata.fr

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.196.125 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-196-125.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.71.131.137 (United States) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.229.205.242 (Singapore) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.113.62 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 103.43.90.179 (Singapore) 15 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.251.17.22 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-17-22.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.182.162.20 (Tokyo, Japan) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-162-20.ap-northeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.38.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-38-175.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.140.225.92 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-92.newton.jp-east.compute.idcfcloud.net

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.62.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-60.nrt20.r.cloudfront.net

static.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.62.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-70.nrt20.r.cloudfront.net

b.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.225.181 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-181.newton.jp-east.compute.idcfcloud.net

dalb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:812::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2404:6800:4004:81e::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.250.173.68 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.73.116 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-73-116.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.213.165.210 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-165-210.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.253.24.71 (Indonesia)

ASN6939 (HURRICANE, US)

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.31.142.95 (Itasca, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 131.153.206.101 (United States) 3 redirects

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.11.98 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-11-98.ap-northeast-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.22.68.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.36.83.246 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.237.73.107 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-73-107.us-west-2.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.8.252 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com

bid.missena.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.211.251.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.106.127.53 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.9.108.211 (Hong Kong) 2 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.232.34 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-232-34.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.44.52.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-240.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.50.61 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-50-61.nrt20.r.cloudfront.net

cr-p10.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 103.231.99.80 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.16 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.238.65.52 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-65-52.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 220.150.223.50 (Japan) 4 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.150.223.52 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 52.223.150.220.in-addr.arpa

sync-tapi.admatrix.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.238.235.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-235-241.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.29 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.195.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-195-83.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.247.17 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 17.247.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.115.104 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-115-104.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.124.209.251 (Singapore) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.199.98 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.213.12.39 (Tokyo, Japan) 15 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.0.12 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-0-12.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.241.208.56 (Japan) 3 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.30 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2406:da18:929:5a03:6501:163c:2f11:2df9 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.228.126.19 (Singapore) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.231.99.81 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:df2:a300:bbbb::135 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:12::1050 (Amsterdam, Netherlands) 4 redirects

ASN399104 (CNVR-APAC, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inmobi-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.41.237.238 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-237-238.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.98.64.218 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.215.255.183 (Tokyo, Japan) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-255-183.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.60.110.42 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-110-42.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 8.39.36.142 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.90.68.235 (India) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.44.53.234 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-234.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.165.102 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-165-102.ap-southeast-1.compute.amazonaws.com

prod-m-node-2113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:a4:807:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:a00:8::b81a:2b4f (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.250.85.75 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-85-75.ap-southeast-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::22 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:8::b81a:2b47 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

itx5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.13 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::7 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.201.178 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-201-178.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.136.13 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-136-13.ap-southeast-1.compute.amazonaws.com

onevideosync.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.130 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.45.57.234 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-57-234.deploy.static.akamaitechnologies.com

millennialnexageinapp768429046591.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.24 (Palos Park, United States) 7 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.33 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.168.247.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com

sync.missena.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.55.233.28 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.71.139.29 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.36.83.245 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.243 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.165 (Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9a47 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.251.14.60 (United States) 7 redirects

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 60.14.251.63.unassigned.ord.singlehop.net

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.242 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.118.186.107 (Singapore) 7 redirects

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.195.121.141 (Singapore) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.63 (Itasca, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.52.187 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-187.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.108.194 (United States) 2 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.151.157.69 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-157-69.ap-southeast-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.230.134.59 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-134-59.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.119.85 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-119-85.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.191.168 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-191-168.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.31.60 (United States) 1 redirects

ASN- ()
PTR: server-18-172-31-60.nrt20.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.168.128.49 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-128-49.ap-northeast-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	604 KB
48	doubleclick.net 14 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	245 KB
35	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 558 image6.pubmatic.com — Cisco Umbrella Rank: 764 simage2.pubmatic.com — Cisco Umbrella Rank: 740 image2.pubmatic.com — Cisco Umbrella Rank: 916 image4.pubmatic.com — Cisco Umbrella Rank: 1216 simage4.pubmatic.com — Cisco Umbrella Rank: 1266 image8.pubmatic.com — Cisco Umbrella Rank: 676	57 KB
27	yahoo.com 12 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1435 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 prod-m-node-2113.ssp.yahoo.com — Cisco Umbrella Rank: 166158 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 1437	19 KB
26	rubiconproject.com 14 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 567 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1142 eus.rubiconproject.com — Cisco Umbrella Rank: 631 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 32175 token.rubiconproject.com — Cisco Umbrella Rank: 626 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2303 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1196	54 KB
26	id5-sync.com 21 redirects id5-sync.com — Cisco Umbrella Rank: 426	38 KB
18	adnxs.com 15 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 447	13 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com	530 KB
17	a-mo.net 3 redirects prebid.a-mo.net — Cisco Umbrella Rank: 934 assets.a-mo.net — Cisco Umbrella Rank: 2062	7 KB
17	tsuredurediary.com tsuredurediary.com	782 KB
16	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2424 bidder.criteo.com — Cisco Umbrella Rank: 727 dis.criteo.com — Cisco Umbrella Rank: 588 widget.as.criteo.com — Cisco Umbrella Rank: 39736 ads.as.criteo.com — Cisco Umbrella Rank: 12595 cat.jp2.as.criteo.com — Cisco Umbrella Rank: 32010 widget.jp2.as.criteo.com — Cisco Umbrella Rank: 133381 ssp-sync.criteo.com — Cisco Umbrella Rank: 1182	23 KB
15	openx.net 7 redirects u.openx.net — Cisco Umbrella Rank: 733 us-u.openx.net — Cisco Umbrella Rank: 475 rtb.openx.net — Cisco Umbrella Rank: 827 jp-u.openx.net — Cisco Umbrella Rank: 10777	2 KB
15	bidswitch.net 15 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	7 KB
15	smilewanted.com 1 redirects prebid.smilewanted.com — Cisco Umbrella Rank: 6423 csync.smilewanted.com — Cisco Umbrella Rank: 3104 static.smilewanted.com — Cisco Umbrella Rank: 10916	20 KB
15	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 3513 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 675 adservice.google.com — Cisco Umbrella Rank: 117	201 KB
14	33across.com 8 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 1175 events-ssc.33across.com — Cisco Umbrella Rank: 2479 dp1.33across.com — Cisco Umbrella Rank: 8627	5 KB
14	adsrvr.org 13 redirects match.adsrvr.org — Cisco Umbrella Rank: 386	8 KB
14	4dex.io script.4dex.io — Cisco Umbrella Rank: 1532 mp.4dex.io — Cisco Umbrella Rank: 2871 u.4dex.io — Cisco Umbrella Rank: 4651	29 KB
13	smartadserver.com 3 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615 ww1097.smartadserver.com — Cisco Umbrella Rank: 38958 itx5.smartadserver.com — Cisco Umbrella Rank: 20267 sync.smartadserver.com — Cisco Umbrella Rank: 1442 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1689 ssbsync.smartadserver.com — Cisco Umbrella Rank: 828	15 KB
13	missena.io bid.missena.io — Cisco Umbrella Rank: 66798 sync.missena.io — Cisco Umbrella Rank: 83379	13 KB
12	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 644 eb2.3lift.com — Cisco Umbrella Rank: 405	5 KB
11	richaudience.com 2 redirects shb.richaudience.com — Cisco Umbrella Rank: 3254 sync.richaudience.com — Cisco Umbrella Rank: 1828	5 KB
10	moatads.com z.moatads.com — Cisco Umbrella Rank: 670 geo.moatads.com — Cisco Umbrella Rank: 785 px.moatads.com — Cisco Umbrella Rank: 580 mb.moatads.com — Cisco Umbrella Rank: 871	114 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 595 csm.as.criteo.net — Cisco Umbrella Rank: 12925	169 KB
10	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 36405	228 KB
9	adform.net 8 redirects adx.adform.net — Cisco Umbrella Rank: 4255 c1.adform.net — Cisco Umbrella Rank: 601 cm.adform.net — Cisco Umbrella Rank: 1228	4 KB
9	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1801 usersync.gumgum.com — Cisco Umbrella Rank: 1962 rtb.gumgum.com — Cisco Umbrella Rank: 1676	4 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 74	65 KB
8	tapad.com 6 redirects pixel.tapad.com — Cisco Umbrella Rank: 507	1 KB
7	lijit.com 7 redirects ap.lijit.com — Cisco Umbrella Rank: 728	4 KB
7	moatpixel.com millennialnexageinapp768429046591.s.moatpixel.com — Cisco Umbrella Rank: 4281	2 KB
6	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 10647 a-prebid.vidoomy.com — Cisco Umbrella Rank: 14349 a.vidoomy.com — Cisco Umbrella Rank: 2686	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	337 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 10220 s.cpx.to — Cisco Umbrella Rank: 7145	4 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 904 syndication.twitter.com — Cisco Umbrella Rank: 1165	151 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 613	3 KB
5	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1078 s.amazon-adsystem.com — Cisco Umbrella Rank: 320	4 KB
5	zemanta.com 3 redirects b1h.zemanta.com — Cisco Umbrella Rank: 6305 b1sync.zemanta.com — Cisco Umbrella Rank: 551	2 KB
5	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 784	4 KB
5	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 33071	1 KB
5	blogmura.com blogparts.blogmura.com — Cisco Umbrella Rank: 738884 blogmura.com — Cisco Umbrella Rank: 291158 static.blogmura.com b.blogmura.com — Cisco Umbrella Rank: 347901	9 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 372	2 KB
4	dotomi.com 4 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4176 inmobi-match.dotomi.com — Cisco Umbrella Rank: 11151	1 KB
4	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 726	1 KB
4	ad-m.asia 4 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2948	2 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 900	2 KB
4	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10269 ced-ns.sascdn.com — Cisco Umbrella Rank: 2680 apps.sascdn.com — Cisco Umbrella Rank: 7908	49 KB
4	with2.net blog.with2.net — Cisco Umbrella Rank: 403353	42 KB
4	a8.net www28.a8.net www13.a8.net www22.a8.net	204 KB
4	valuecommerce.com aml.valuecommerce.com — Cisco Umbrella Rank: 178582 dalc.valuecommerce.com — Cisco Umbrella Rank: 156473 dalb.valuecommerce.com — Cisco Umbrella Rank: 158050	40 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 8229	2 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 517	1 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 ssum.casalemedia.com — Cisco Umbrella Rank: 1392	2 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27397	1 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 892	1 KB
3	socdm.com 3 redirects tg.socdm.com — Cisco Umbrella Rank: 1096	3 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 865	2 KB
3	ladsp.com 3 redirects cr-p10.ladsp.com cr-p3.ladsp.com — Cisco Umbrella Rank: 20173	2 KB
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1267	2 KB
3	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1114	2 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 868	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	21 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1226 pixel.quantserve.com — Cisco Umbrella Rank: 919 cms.quantserve.com — Cisco Umbrella Rank: 818	10 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 210	2 KB
2	ck-ie.com 2 redirects us.ck-ie.com — Cisco Umbrella Rank: 3204	992 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2769	971 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1681	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1326	944 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 731	374 B
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1717 hde.tynt.com — Cisco Umbrella Rank: 4289	4 KB
2	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 214	835 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 322	43 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5997	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 910	1 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 6494	666 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 592	1 KB
2	omnitagjs.com 1 redirects hb-api.omnitagjs.com — Cisco Umbrella Rank: 3795 visitor.omnitagjs.com — Cisco Umbrella Rank: 874	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 651	568 B
2	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3576 log.pinterest.com — Cisco Umbrella Rank: 4608	19 KB
2	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3462	45 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2550 pixel.wp.com — Cisco Umbrella Rank: 2452	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	129 KB
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 594	727 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1471	280 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 570	565 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 554	613 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 584	752 B
1	a-mx.com 1 redirects id.a-mx.com — Cisco Umbrella Rank: 2159	469 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1082	660 B
1	uplynk.com onevideosync.uplynk.com — Cisco Umbrella Rank: 4145	195 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 3517	398 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 25723	515 B
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 1331	17 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11748	337 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 71374	739 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 4636	508 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 18938	359 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	795 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 969	226 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 766	1 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2241	417 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2524	436 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 16470	38 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3371	641 B
1	admatrix.jp 1 redirects sync-tapi.admatrix.jp — Cisco Umbrella Rank: 78831	622 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 24045	455 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1091	405 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	605 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	1 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 39782	924 B
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 176122	319 B
1	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 39552	659 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 39565	6 KB
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3148	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 255	4 KB
0	nex8.net Failed cs.nex8.net Failed
0	ignore.me Failed ignore.me Failed
474	118

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com
28	cm.g.doubleclick.net	14 redirects tsuredurediary.com googleads.g.doubleclick.net eus.rubiconproject.com ads.themoneytizer.com eb2.3lift.com us-u.openx.net
26	id5-sync.com	21 redirects ads.themoneytizer.com tsuredurediary.com ced.sascdn.com
22	pagead2.googlesyndication.com	tsuredurediary.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com ced-ns.sascdn.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com tsuredurediary.com googleads.g.doubleclick.net ced-ns.sascdn.com
17	tsuredurediary.com	tsuredurediary.com
16	prebid.a-mo.net	3 redirects ads.themoneytizer.com tsuredurediary.com
15	x.bidswitch.net	15 redirects
15	simage2.pubmatic.com	ads.pubmatic.com tsuredurediary.com
14	ups.analytics.yahoo.com	10 redirects tsuredurediary.com
14	match.adsrvr.org	13 redirects p.cpx.to
13	ib.adnxs.com	11 redirects p.cpx.to tsuredurediary.com
13	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
12	sync.missena.io	ads.themoneytizer.com sync.missena.io eus.rubiconproject.com ads.pubmatic.com
12	csync.smilewanted.com	1 redirects ads.themoneytizer.com csync.smilewanted.com
11	eb2.3lift.com	3 redirects ads.themoneytizer.com eb2.3lift.com
11	u.4dex.io	ads.pubmatic.com eus.rubiconproject.com tsuredurediary.com hde.tynt.com ssbsync.smartadserver.com
10	www.google.com	2 redirects tsuredurediary.com cse.google.com www.google.com www.gstatic.com
10	ads.themoneytizer.com	tsuredurediary.com ads.themoneytizer.com
9	sync.richaudience.com	2 redirects ads.themoneytizer.com sync.richaudience.com ads.pubmatic.com
8	static.criteo.net	ads.themoneytizer.com static.criteo.net ads.as.criteo.com
8	eus.rubiconproject.com	tsuredurediary.com eus.rubiconproject.com ads.themoneytizer.com sync.missena.io hde.tynt.com
8	pixel.tapad.com	6 redirects tsuredurediary.com hde.tynt.com
7	ap.lijit.com	7 redirects
7	usersync.gumgum.com	ads.themoneytizer.com ads.pubmatic.com
7	ssc-cms.33across.com	7 redirects
7	millennialnexageinapp768429046591.s.moatpixel.com	tsuredurediary.com
7	px.moatads.com	tsuredurediary.com
7	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
7	pr-bh.ybp.yahoo.com	2 redirects tsuredurediary.com us-u.openx.net
7	image2.pubmatic.com	1 redirects ads.pubmatic.com tsuredurediary.com
7	ads.pubmatic.com	tsuredurediary.com ads.themoneytizer.com sync.missena.io hde.tynt.com sync.richaudience.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	events-ssc.33across.com	hde.tynt.com eus.rubiconproject.com ads.pubmatic.com us-u.openx.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	sync.1rx.io	5 redirects
5	us-u.openx.net	1 redirects hde.tynt.com us-u.openx.net
5	secure.adnxs.com	4 redirects hde.tynt.com
5	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
5	s.cpx.to	p.cpx.to tsuredurediary.com
5	fonts.gstatic.com	www.google.com fonts.googleapis.com
5	onetag-sys.com	ads.themoneytizer.com csync.smilewanted.com tsuredurediary.com
5	c.tmyzer.com	ads.themoneytizer.com
4	cm.adform.net	4 redirects
4	rtb.openx.net	3 redirects us-u.openx.net
4	ww1097.smartadserver.com	ced.sascdn.com
4	px.ads.linkedin.com	1 redirects eus.rubiconproject.com eb2.3lift.com hde.tynt.com
4	token.rubiconproject.com	4 redirects
4	c1.adform.net	4 redirects
4	sync-tm.everesttech.net	3 redirects ads.pubmatic.com
4	sync-dsp.ad-m.asia	4 redirects
4	c2shb.pubgw.yahoo.com	ads.themoneytizer.com
4	sync.mathtag.com	4 redirects
4	blog.with2.net	tsuredurediary.com blog.with2.net
4	platform.twitter.com	tsuredurediary.com platform.twitter.com
3	jp-u.openx.net	us-u.openx.net
3	map.go.affec.tv	2 redirects hde.tynt.com
3	creativecdn.com	3 redirects
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
3	u.openx.net	3 redirects
3	sync.gonet-ads.com	3 redirects
3	ad.turn.com	3 redirects
3	tg.socdm.com	3 redirects
3	um.simpli.fi	2 redirects tsuredurediary.com
3	uipglob.semasio.net	2 redirects tsuredurediary.com
3	b1h.zemanta.com	1 redirects ads.themoneytizer.com tsuredurediary.com
3	ps.eyeota.net	3 redirects
3	sync.crwdcntrl.net	2 redirects tsuredurediary.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
2	inmobi-match.dotomi.com	2 redirects
2	dpm.demdex.net	2 redirects
2	us.ck-ie.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	pixel-sync.sitescout.com	tsuredurediary.com sync.richaudience.com
2	a.vidoomy.com	tsuredurediary.com
2	a-prebid.vidoomy.com	tsuredurediary.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	c.bing.com	1 redirects eb2.3lift.com
2	ssp-sync.criteo.com	1 redirects tsuredurediary.com
2	csm.as.criteo.net	ads.as.criteo.com
2	ced-ns.sascdn.com	tsuredurediary.com
2	ssum-sec.casalemedia.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	s0.2mdn.net	tsuredurediary.com
2	pubmatic-match.dotomi.com	2 redirects
2	image4.pubmatic.com	1 redirects tsuredurediary.com
2	pool.admedo.com	2 redirects
2	pm.w55c.net	2 redirects
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	widget.as.criteo.com	1 redirects ads.pubmatic.com
2	dis.criteo.com	2 redirects
2	cr-p10.ladsp.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	match.prod.bidr.io	2 redirects
2	d.vidoomy.com	ads.themoneytizer.com
2	prebid.smilewanted.com	ads.themoneytizer.com
2	bidder.criteo.com	ads.themoneytizer.com
2	shb.richaudience.com	ads.themoneytizer.com
2	ad.360yield.com	1 redirects ads.themoneytizer.com
2	adservice.google.com	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com tsuredurediary.com
2	dalc.valuecommerce.com	aml.valuecommerce.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	mug.criteo.com	tsuredurediary.com
2	cmp.quantcast.com	tsuredurediary.com cmp.quantcast.com
2	blogparts.blogmura.com	tsuredurediary.com
2	cse.google.com	tsuredurediary.com www.google.com
2	www13.a8.net	tsuredurediary.com
2	www.googletagmanager.com	tsuredurediary.com www.googletagmanager.com
2	ajax.googleapis.com	tsuredurediary.com d2zur9cc2gf1tx.cloudfront.net
1	bh.contextweb.com	1 redirects
1	ssbsync.smartadserver.com	tsuredurediary.com
1	rtb.gumgum.com	1 redirects
1	pixel.advertising.com	1 redirects
1	cr-p3.ladsp.com	1 redirects
1	match.sharethrough.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	dp1.33across.com	1 redirects
1	stags.bluekai.com	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	ssum.casalemedia.com	1 redirects
1	image8.pubmatic.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	id.a-mx.com	1 redirects
1	visitor.omnitagjs.com	1 redirects
1	sync.smartadserver.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	assets.a-mo.net	prebid.a-mo.net
1	cs.admanmedia.com	1 redirects
1	hde.tynt.com	tsuredurediary.com
1	de.tynt.com	1 redirects
1	mb.moatads.com	z.moatads.com
1	onevideosync.uplynk.com	tsuredurediary.com
1	cs.adingo.jp	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	widget.jp2.as.criteo.com	ads.as.criteo.com
1	cat.jp2.as.criteo.com	ads.as.criteo.com
1	itx5.smartadserver.com	ced-ns.sascdn.com
1	apps.sascdn.com	ced-ns.sascdn.com
1	ads.as.criteo.com	tsuredurediary.com
1	geo.moatads.com	z.moatads.com
1	cdn.js7k.com	tsuredurediary.com
1	service.idsync.analytics.yahoo.com	tsuredurediary.com
1	prod-m-node-2113.ssp.yahoo.com	tsuredurediary.com
1	z.moatads.com	tsuredurediary.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel-apac.rubiconproject.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	log.pinterest.com	tsuredurediary.com
1	p.rfihub.com	1 redirects
1	csync.loopme.me	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	t.adx.opera.com	ads.pubmatic.com
1	gocm.c.appier.net	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	sync-tapi.admatrix.jp	1 redirects
1	cms.quantserve.com	1 redirects
1	ds.uncn.jp	1 redirects
1	mp.4dex.io	ads.themoneytizer.com
1	adx.adform.net	ads.themoneytizer.com
1	bid.missena.io	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	hb-api.omnitagjs.com	ads.themoneytizer.com
1	g2.gumgum.com	ads.themoneytizer.com
1	tlx.3lift.com	ads.themoneytizer.com
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	pixel.quantserve.com	tsuredurediary.com
1	dalb.valuecommerce.com	tsuredurediary.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	b.blogmura.com	blogmura.com
1	static.blogmura.com	blogmura.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	clients1.google.com	tsuredurediary.com
1	a.imgvc.com	tsuredurediary.com
1	pixel.wp.com	tsuredurediary.com
1	kvt.sddan.com	ads.themoneytizer.com
1	assets.pinterest.com	tsuredurediary.com
1	blogmura.com	blogparts.blogmura.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
1	ced.sascdn.com	ads.themoneytizer.com
1	stats.wp.com	tsuredurediary.com
1	www22.a8.net	tsuredurediary.com
1	www28.a8.net	tsuredurediary.com
1	aml.valuecommerce.com	tsuredurediary.com
1	cdnjs.cloudflare.com	tsuredurediary.com
0	cs.nex8.net Failed	us-u.openx.net
0	ignore.me Failed	tsuredurediary.com
474	202

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
timeline.line.me
www.pinterest.jp
feedly.com
px.a8.net
blog.with2.net

Subject Issuer	Validity	Valid
www.tsuredurediary.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.valuecommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
1266287590.rsc.cdn77.org R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.blogmura.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
blog.with2.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-07` - `2023-12-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
c.tmyzer.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
kvt.sddan.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.imgvc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-31` - `2023-10-01`	a year	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-11-15`	6 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2023-02-02` - `2023-11-06`	9 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.a-mo.net R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.omnitagjs.com Amazon RSA 2048 M01	`2023-04-17` - `2024-05-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.missena.io Amazon RSA 2048 M02	`2023-02-28` - `2024-03-28`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-10` - `2023-10-07`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-17` - `2024-06-16`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
u.4dex.io GTS CA 1D4	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-10` - `2023-08-09`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-11`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
onevideosync.uplynk.com DigiCert SHA2 High Assurance Server CA	`2023-05-10` - `2023-08-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.ad-server.k8s.jp.ggops.com Amazon RSA 2048 M02	`2023-02-13` - `2024-02-15`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2023-07-02` - `2023-09-30`	3 months	crt.sh

This page contains 102 frames:

Primary Page: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Frame ID: C01657A516B8AA29A81AFAAE03151CAE
Requests: 166 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1689873132020
Frame ID: 906A6F51C88715492C49ABD7A66A1A59
Requests: 1 HTTP requests in this frame

Frame: https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762
Frame ID: 7AA103C44FD67207F409A0EDE7E41AE8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html
Frame ID: 0F22434AA24F317C4DA55313340F40C7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftsuredurediary.com
Frame ID: 91D4EE142065C7798172E1B6ECCA7D5C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHF-cUAAAAAMF_P2xuphXtDMO_2kHFmDBj1Ah9&co=aHR0cHM6Ly90c3VyZWR1cmVkaWFyeS5jb206NDQz&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=eht2vxh1wrio
Frame ID: 14FEAE9AF3F2512B6BC3F87AAF458751
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&adk=1812271804&adf=3025194257&lmt=1689873132&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132304&bpp=7&bdt=403&idt=226&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8005487011791&frm=20&pv=2&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: A9020093580E2221151F0B36A8DC397A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=337528958&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=1&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132311&bpp=2&bdt=410&idt=249&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4ayBZk0gYE&p=https%3A//tsuredurediary.com&dtd=252
Frame ID: C6659D959B1F902BC52DD60C9FCF09E8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282
Frame ID: D7AC323DC70BB5D8B36DEC1727D0414A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=600&slotname=5999777542&adk=3248931287&adf=2872259201&pi=t.ma~as.5999777542&w=300&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=4&format=300x600&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132315&bpp=1&bdt=415&idt=305&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1090&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=9sysdy3cCQ&p=https%3A//tsuredurediary.com&dtd=307
Frame ID: 02A4EEE968B3207A396851C084EA1B2C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 00F5F9A36F15C71E325631C5AFF8D9B6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 85734EDDBA616C7E13439AAB1F5C9A7F
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 2DF1AC014197F392C5535AA05A885A96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 31FA18FCCCB097A9B8EB9BC66641F692
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA
Frame ID: 2593EEDC0CF1E1B5253E3F852EBD8696
Requests: 1 HTTP requests in this frame

Frame: https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7A9EF4EF9EAFC0D33BFD42DAB9997B81
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5658c150-8c00-43d9-b3d8-6b6d2a26192d
Frame ID: 96C750E9684BA87B93F7390D2305596A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041145649349111353&gdpr=0&gdpr_consent=
Frame ID: 9D0C6E5743F24373EA12F8AFBE521933
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku
Frame ID: 984F040DD69B5F6BFF206603D2853499
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=4HbfRsk3Npa
Frame ID: F48E59B5019A8EA3AA06BAD0939A101C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLlq7QACT-5HnwAb
Frame ID: BA3855CE0B6CAF714C868513AF662326
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1gr33lfnudym
Frame ID: DB38EE840AA180B62E1BFE9729ED8953
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: 56065BB8CA31C237BD8711B1D0DF0369
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Z-6RwqVFAfaFWVix7Wq5ZA
Frame ID: 4C88252429674DFD81604328F7426638
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 792BF062AF34E78C91FC55A94B16CF0E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 867279B1F9364D0E66E7DFFEAA452D14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=984cd8456f0a4da39379f665f1780ba8
Frame ID: 62E867D1FBBA4660B8414128F514D5EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=u31--8ulUF5HijUyqD3e2tmK_MQ&gdpr=0&gdpr_consent=
Frame ID: FEF4D457DD8B89ED7CB0F9E96EB0E99D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A770F2FE6D35B3337CFB6C1509E04F83
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700048958853607
Frame ID: 9BBEFE3E4EB383AE00A2DE0F56E2EB3D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:awC87B491Qmxch5&gdpr=0&gdpr_consent=
Frame ID: AC24C46758A65ECAFC6C4276D4933107
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:930797E15C284B6292CEEAA5D2302F07&gdpr=0&gdpr_consent=
Frame ID: F61430C68B12C806ECE9FC965388CF61
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: 4556D3E2ED3A1765BA17DEEF544F085D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18
Frame ID: 99FC2E158CE1699497489F7A062FBBF0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5AF67B138E021569595B552AD6C8727D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0011C8893A578E425910A2A2DB9B8976
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 16E4BB225A1CB7EF4D78D3B4340F6B65
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%88%E8%A6%8B%E9%80%81%E3%80%8C%E5%8F%AF%E3%83%87%E8%A9%B1%E5%A0%B4%E6%9F%BB%E3%82%B9%E3%82%B0%E3%83%AB%E3%81%84%E5%8B%95%E8%A6%96%E6%94%B9%E3%81%99%E3%81%AB%E3%83%9B%E3%83%83%E9%96%89%E3%82%84%E9%96%8B%E9%9B%BB%E3%83%BB%E4%BC%9A%E3%83%A0%E3%80%81%E8%AA%BF%E3%83%97%E3%80%8D%E6%B4%BB%E3%82%BF%E3%82%A4%E3%82%92%E7%94%A8%E3%83%BC%E3%83%B3%E3%83%88%E3%81%97%E3%83%93%E3%83%A5%E3%82%8B%E3%83%8D%E3%81%AA%E5%96%84%E5%8C%96%E9%83%B5%E5%88%A9%E3%83%A6%E3%83%86%E3%80%82%E3%81%98%E3%81%8F
Frame ID: 4B40EF2C8EDED2FF6A057E4BE2ED31DB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 87FBF4682616242827B0FB5FFCD1847F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FF709B324ECC8E4D90822AD50AD581A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 33CA2751BB44BCBFC65DDA8124A11CED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 367EA4C8FFE88A59A9B5027712A93C0A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: F70696B13C82ED5DF24400528C4ECC7D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 37D5DD9CD39A5B73FBAB11AB6F4B94EA
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Frame ID: 5E2DBD3E1B8BCB77842595A46EC941B2
Requests: 16 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=3FP_sppoDV1NPx8Oe3xTOgGglJmNZIChq0kbAsinve8&u=%7C2YqaqKNOByh%2FzIMi6mkCMxppnTsPd9rPsXlnSrw9qRs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4ITGua8zXVFPAvqyeWDAeT4nPFYwrkA-eMofrmuuMlhwTnoJmGkYrrnd_KUwOFcD03miaaTet8ZXVPGe56pDihowbQnA7QtWj6JGFNQTyT3NDneWP13iGB_zMVkekTf9DqBuZDiJ8oBMKJB9vzT4cDtJU85xwOPEqJy1YCbQgYe2QpC6j47BXGbzgVMynkCE3rVGJow2zeJ5Sw607NCq2WlAoFSyvXncxfIx2SDx15IBHj18rk6cBVCFKqiEZpg4hl7U4D8VWgsNYMiG_6dwmAAcT_SU3ylPFHNxQlDpnURtsl9gG-Ont4zOCsstE-U2Z-09yOlJGt8iiEc_OGcrxuxObY15b6t9_EE9FcokqJeLxCcmNDxulIO0nrS7cAEVHa_0E9UmwIGkgdAMhs8LNwC6ihSswqqrbvbhXlfpHK9Pjs5bq6Zmfm7EIAvRjGwQi-G-AhhlI0kxqupO9VZdvxLgCrJY3B6-AFY6eSi27qwccwTBJpshhSkUEdALb92jf8k3uWAg6TethCQF4lCD2t9C_lWSsS1IIuwf0iYm56rtTYzf42AjVO8Uwoj9bpp71X6pMdcElSqMNkftb8v87jB
Frame ID: 31CEBD0B97E799424A1EBB55377CBA20
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%229b5cea4f-0215-4c87-8a19-1cbd676dd8a9%22%2c%22adomain%22%3a%22autodesk.com%22%2c%22page%22%3a%221698012%22%2c%22format%22%3a%2226706%22%2c%22crid%22%3a%22501682956%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%224744%22%2c%22cid%22%3a%2220315471271%22%2c%22adid%22%3a%22501682956%22%2c%22hash%22%3a%22555810315835713401%22%7d
Frame ID: 9F7751EB547F4A5C953CBD70BC1D21E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELH6yK4EGIymnO8BMAE&v=APEucNWlu3yTAYLR3ik_BJ-YbsogvJnRTQwWHTxygumplDZoc8WMu7GaKv4TCxsXOHSdNUwyH_xMUuKPo_4_tgYwkiMRHZRkrrlTVdq2Cq3zufJMjiVogvI
Frame ID: 87D61F2BF37928776FE770EE4F6E7D91
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 49866A3063AC63BF7D347F37E88BD810
Requests: 15 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: A45D9F538496452E85DD1A2E9F0B9495
Requests: 1 HTTP requests in this frame

Frame: https://widget.jp2.as.criteo.com/dis/dis.aspx?pu=193968&cb=64b96af0499b7a1d5c45c416698bb48d&r=https%3a%2f%2ftsuredurediary.com%2farchives%2fwindows-file-collective-acquisition.html&crossorigin=false
Frame ID: BF15225DCB4820755908E9981854A822
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2ABCAF11AD97863C5C692C0BC1204C9C
Requests: 3 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: 4F1634F57E9E26D84286F02E7C53D626
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 4614E0FABE36D13DA20B92F545671954
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=jrwlP7uJsVbHhNsmKEft&pi=gumgum
Frame ID: 8B46E8D1E6D411C7A328DB9F53CD18ED
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84N2IxYjZjZS1jNDdmLTRiYmUtYTZiZS0yMDM2YmEwNThjYTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: ACE447D1B6D3BDAFC88C42D87FB46328
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=
Frame ID: 95431AF961CC5440DE2AF775080E76BC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 19C19D12CE8F817CA5DF84D2F815BBC0
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZLlq8cCo5ucAAOz0akIAAAAA
Frame ID: 04F89E11FA046084F6D45CCD0BE402C2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1689873133435&gdpr=0
Frame ID: 0A5701E1C8212F6E5109CF4A500DB567
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=9fa15752-811e-4e1a-9968-2f6499bac335
Frame ID: A6B4AB1FB30F4BCE5C457AD32FA56A7A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 6040CBB4F0E0EDC0D0F750DEC54D85E0
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7
Frame ID: E76F2EE3B38AB6F6DF140838C89F0145
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Frame ID: 6291076A242EFC36A520E00E35ABAAC6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 80EC747B7C00C5387FAAD474DF604A4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Frame ID: 6B12D6CDAE585F4AE590C2DF96901144
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 984768A3563F3CCD24D4C628200E7D5C
Requests: 11 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: 5D7720003740951F6EC2A6C1A9DB6BBF
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/missena?gdpr=0&gdpr_consent=undefined
Frame ID: 4DF114E85372BBFDC338E811099BA77A
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/improvedigital/de1353e2-9a29-450f-b39f-f321b37d86d5
Frame ID: BF7E7C3B52F4AEB3F55C2A0D31EB8531
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Frame ID: FCA547FD81125F6F6AD6B7D50B290606
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Frame ID: 947A2FE56BF5DC79772BE8233BA7D6C9
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
Frame ID: 2B4884E9F1ED3918F6CEA8BFF663ADB1
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/pubmatic/141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: B1382BA722CE0D3EAEFD1E874980C462
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/smart/161175378474174537
Frame ID: C3AF3676928EEC4954868998588DAFBB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: A75FE6FDF32261AD7941D24BB5CF5602
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/smilewanted/8847e0255600dd0b501c75630d89e04c
Frame ID: 45E2BE67EF7656095583B9EB9A9532CD
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/xandr/6041145649349111353?fu&gdpr=0&gdpr_consent=undefined
Frame ID: 39E2796C11D0AF36B44AE6B2509AFAC1
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/yahoo/y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A?gdpr=0
Frame ID: D23DFCE93E7E28310AB7DF53A5AFF612
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/adyoulike/ac6e6a84c0129ea84e5c28d0518b8bf8
Frame ID: 2315FD669EFC847503C7B3A923B3C778
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/pubmatic/141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: ADB49CBFDA6619B41B6BC76116C149C0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9509AF8352345A843EC0DDED13EE5FE5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 7C7757D3BDDDE4499B73E26550526A6D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/HA2ILLZHmvMw19H-Sm2BLY-g
Frame ID: A4B93140E9FF8945DB1352CF2027726D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
Frame ID: AA16E78217AC1A00B038B2DC53233366
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-423f4343-3912-4957-943a-469617546e0d-004
Frame ID: 307B5D7383425C5C5DDD180495A81C86
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9731948c-e92e-54c9-a64a-22bfc2f3484d
Frame ID: 0DB434715E0CF949A5532AE51D03F100
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f
Frame ID: CDCAEEC353108647BA2B214D44F07088
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: A7935FC6E239499D6848DBDAF48A71EA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 068337F865326143C3EF10920A8F4F50
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 580187AB2BB7CC881C9BD656B7D94872
Requests: 12 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4931925723668045182
Frame ID: 9C12B3BD92F8C827BE52CEDB1690D251
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/add0c06fe74706fc111c7542e4227ee?gdpr_consent=&gdpr=0
Frame ID: 328960D866A3CF0137E22EA1200B3EEA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Frame ID: 7A6C4C86D32EDE68BD5268EE1E926633
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a
Frame ID: 126135A24B81F1918B194ACE3B89A83F
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: 13E6E262ECD24478CDE78F99C465C120
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: C289FB70345120F5EF2E0349A1EBF4F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: 9BBFF72AFE6B8761D6482CB516D7AD4C
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: 0D5FFF9DB286EB9363A2949FE2B4BABF
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Frame ID: FCF55E088FE62A5C19E69BD3275CD616
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 92EAE8B692D5572D727B7E748D84C5B1
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: D579F438E7DDBE8DCCD5F48C591DABF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ファイルやフォルダー名を一覧で一括取得する方法 | とあるオタクの徒然日記検索

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

474
Requests

78 %
HTTPS

25 %
IPv6

118
Domains

202
Subdomains

125
IPs

18
Countries

4384 kB
Transfer

10536 kB
Size

232
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%84%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E5%90%8D%E3%82%92%E4%B8%80%E8%A6%A7%E3%81%A7%E4%B8%80%E6%8B%AC%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&related=syo65932553
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&t=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%84%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E5%90%8D%E3%82%92%E4%B8%80%E8%A6%A7%E3%81%A7%E4%B8%80%E6%8B%AC%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/tsuredurediary.com/archives/windows-file-collective-acquisition.html
Title: はてブ

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Title: Pocket

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html
Title: LINE

Search URL Search Domain Scan URL

URL: https://twitter.com/syo65932553/

Search URL Search Domain Scan URL

URL: https://www.pinterest.jp/syo_tsuredurediary/

Search URL Search Domain Scan URL

URL: https://feedly.com/i/discover/sources/search/feed/https%3A%2F%2Ftsuredurediary.com

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BHW6K+987WC2+1WP2+6D4GH

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2040419:top

Search URL Search Domain Scan URL

URL: https://blog.with2.net/welcome/?parts=y
Title: 参加する

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2040419
Title: このブログに投票する

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3NJ3GY+1823JM+1MWA+1TNGVL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftsuredurediary.com%2F&domain=tsuredurediary.com&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=VM0R13xmaWJnT2QwZ1RjeW10b3FUM2FuajJ4Z0pXbm9Neis3QU1NeERVczRiN013cjA4MWI1MlUySXJTZk5JTG9OZE1uRVFnOEttR0hiZDlSd2VLV0ZxOWlrUTZIMGJYOEZiUDV0R254S1gvRVl3dGl1NnRMNkJ1ZGpFTndQb0lvVHJFTDgwMTl2N1lMOFVzU1VPd0h4S0U4SVY1NUVUSk8wTmtYS2xDbHBYWmZVMHNmbThld3NiU3hDUm8wTDNTWFlQVlZLZ2xEblpjMkd6WmxYb2pmVDNJRHFFbTBkS1dpVlRxd2xkWldLcVhYUVUwPXw&cppv=2

Request Chain 75

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=9fa15752-811e-4e1a-9968-2f6499bac335&ttl=%%TTL%% HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/7/3.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/6/4.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/5/5.gif?puid=6041145649349111353&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/4/6.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/3/7.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/2/8.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/2/8.gif?puid=4426a39f9efef60f1e7e12323d1f6fb3&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/1/9.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F0%2F10.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/123/0/10.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent=

Request Chain 160

https://id5-sync.com/i/102/8.gif?id5id=ID5*msg6IF4mgUeWHriir6fTIg4i6HJoOedMDHlM-cxAFdlWgWrrdOZZD32uhCi60BojVoKm5SIq0Ympo-3wR1yWVQ&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=161175378474174537&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/6/3.gif?puid=6041145649349111353&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=9fa15752-811e-4e1a-9968-2f6499bac335&ttl=%%TTL%% HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F4%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/3/4/5.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/112/3/6.gif?puid=EAF3B0128A112051&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/3/2/7.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/1/8.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAFqhE7JctYAACRPCBZydQ

Request Chain 170

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA

Request Chain 171

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Request Chain 172

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5658c150-8c00-43d9-b3d8-6b6d2a26192d

Request Chain 173

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041145649349111353&gdpr=0&gdpr_consent=

Request Chain 174

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku

Request Chain 175

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1 HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%2526piggybackCookie%253D%26uid%2Dset%3D1%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=afa9b411-6baf-44df-9f19-634aef9d85e2 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=4HbfRsk3Npa

Request Chain 176

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLlq7QACT-5HnwAb

Request Chain 177

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1gr33lfnudym

Request Chain 179

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Z-6RwqVFAfaFWVix7Wq5ZA

Request Chain 182

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=984cd8456f0a4da39379f665f1780ba8

Request Chain 183

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=u31--8ulUF5HijUyqD3e2tmK_MQ&gdpr=0&gdpr_consent=

Request Chain 184

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 185

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700048958853607

Request Chain 186

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:awC87B491Qmxch5&gdpr=0&gdpr_consent=

Request Chain 187

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:930797E15C284B6292CEEAA5D2302F07&gdpr=0&gdpr_consent=

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FBx0pbUPTP-FdZYNncptww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 190

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

Request Chain 191

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=&ct=y

Request Chain 192

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQxQzc0QTUtQjUwRi00Q0ZGLTg1NzUtOTYwRDlEQ0E2REMz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtUxZDCHGRLwUw9Vd7jfA4&google_cver=1

Request Chain 196

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=817c9144-d961-4726-86a6-7595c6e4d090 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=817c9144-d961-4726-86a6-7595c6e4d090 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d077fd57-1eb8-42ea-9b12-bd732beeeb74&user_group=1&ssp=pubmatic&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 197

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZLlq7cCo5ucAAOz0ZqoAAAAA

Request Chain 198

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=

Request Chain 199

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4931925723668045182

Request Chain 201

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kqubv1dE2uUgTWJcIEs8EKzKUKXRtCA-~A&gdpr=0

Request Chain 202

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 203

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11956bd557aa1b35&is_secure=true&networkId=17100&version=1&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANO-SkUHCh_wMSegWYAAAAAAA&expiration=1689959534&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 248

https://um.simpli.fi/gp_match?google_gid=CAESEJiei-PdiytkBUoyY5aPfVc&google_cver=1&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGEdmg-00SZsKHCWi7XZZoO5HltNSGlTSzev33u2hodnx31ah69wK1sTdWPDFJd1jy1LBmTP8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B9BEF7920C67422A9995A618CFDA3C16&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGEdmg-00SZsKHCWi7XZZoO5HltNSGlTSzev33u2hodnx31ah69wK1sTdWPDFJd1jy1LBmTP8g

Request Chain 249

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEObqvA6V7EHlJHglF3QUo1k&google_cver=1&google_push=AaAOQGHf_qGqOL52sgZ4gyZk7GyhpAVFmuLq1DC3SwrCuYFxZCnFKcNz0zYLVa_EsSFoDsslcRicbHcj_iSs3Ri5cmx0XCHRcCBkkljR-WcHqsfkh1Pe52qf-JmbCo7QNdVf8r_cTKMz_VSvpF2QDDxYnbOT5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWZhMTU3NTItODExZS00ZTFhLTk5NjgtMmY2NDk5YmFjMzM1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9fa15752-811e-4e1a-9968-2f6499bac335

Request Chain 250

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDTPuffbUwLoyUvhFR4XES0&google_cver=1&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3G6MTgQjUQdMf2NoWfG18FjIYRJsSu7Ful8xSp-p4Hgzl15AkgeM4JDTeBDpO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3G6MTgQjUQdMf2NoWfG18FjIYRJsSu7Ful8xSp-p4Hgzl15AkgeM4JDTeBDpO

Request Chain 251

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=1&google_push=AaAOQGGPygbFG01dpH-rb2wrW3qfXUK__YxiaWlMSUAyogTDEOEI4o9QayF-wyT5Epz0ri3eI-RinhbuedYz1MuoUJZS4bczd9cpv1v9h6ALhBXfpedFxM4wjZsdghhlJM9KpG1mfJFJGqkxYbLuZgKkUlS4Bg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Njk3OTU1YWUtOWVlOC00OTg5LTk3MDQtNDkyNWU3ZDNmOTRm&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=1&google_push=AaAOQGGPygbFG01dpH-rb2wrW3qfXUK__YxiaWlMSUAyogTDEOEI4o9QayF-wyT5Epz0ri3eI-RinhbuedYz1MuoUJZS4bczd9cpv1v9h6ALhBXfpedFxM4wjZsdghhlJM9KpG1mfJFJGqkxYbLuZgKkUlS4Bg

Request Chain 252

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKe7rBkcw8PLieMb7PtWAGI&google_cver=1&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIMY1XI9OxOMIU0feT1vXU-ojtc_KDHlQPqiZRQ4a2eghmNfpx1pfBNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIMY1XI9OxOMIU0feT1vXU-ojtc_KDHlQPqiZRQ4a2eghmNfpx1pfBNw&google_hm=NTVTSENEMDFCQkRITjAwNjVSejM

Request Chain 253

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJC-SoEWwDBDuQ7AArP0-KE&c_param1=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDykApPd5bFCUHQqPvXyC-1G5-0OCO7BS36n0IPoURcpHg&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDykApPd5bFCUHQqPvXyC-1G5-0OCO7BS36n0IPoURcpHg

Request Chain 254

https://sync.gonet-ads.com/match/google?google_gid=CAESEDOhgANCdU51YL9Ge-E07TY&google_cver=1&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtFJ1azWRIy8d5BGewlCJXi0jmsUnRTmLIlyROyf89IBgdoNNGkHDK4mKEQ1fXEcmMUh2I HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEDOhgANCdU51YL9Ge-E07TY&google_cver=1&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtFJ1azWRIy8d5BGewlCJXi0jmsUnRTmLIlyROyf89IBgdoNNGkHDK4mKEQ1fXEcmMUh2I&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MzBkNjM1ODVlNDViYThhYw&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtFJ1azWRIy8d5BGewlCJXi0jmsUnRTmLIlyROyf89IBgdoNNGkHDK4mKEQ1fXEcmMUh2I HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MzBkNjM1ODVlNDViYThhYw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 262

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESECfNb70x8Hcr7tP-xh6KyqI&dsp=dbm&google_cver=1

Request Chain 263

https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06b6cd20-867c-49d2-b212-859d1bc04ccd

Request Chain 264

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12770%26url%3Dhttps%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html%26hn_ver%3D57%26fid%3D2be12d53-a2c2-41bb-826a-3416fe93dfec%26dsp%3Dpub_common%26dsp_uid%3D426f4570-4ea7-45c7-8a1c-41e36db9c37d%26dsp%3DTTD%26dsp_uid%3D9fa15752-811e-4e1a-9968-2f6499bac335 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=6041145649349111353&pid=12770&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&hn_ver=57&fid=2be12d53-a2c2-41bb-826a-3416fe93dfec&dsp=pub_common&dsp_uid=426f4570-4ea7-45c7-8a1c-41e36db9c37d&dsp=TTD&dsp_uid=9fa15752-811e-4e1a-9968-2f6499bac335

Request Chain 265

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3

Request Chain 267

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Request Chain 270

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD HTTP 302
https://u.4dex.io/setuid?bidder=rubicon&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined

Request Chain 273

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA0MmQ3NGM5YTk1OTQ2MDM3NTBmYzcwNDFlZGVkODRiYmNiNTA5Yg&gdpr=0

Request Chain 274

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=&expires=30

Request Chain 275

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

Request Chain 276

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCRVRZWFUtSS1LVkRE&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKiI2oZJooWRHGmEAiWRo9o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCRVRZWFUtSS1LVkRE&google_push=&gdpr=0

Request Chain 277

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBETYXU-I-KVDD&gdpr=0

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELyKcTg3Ah9MwW3gktEkOFA&google_cver=1

Request Chain 279

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/e4rWe_dOEShaqlRL0ImCmg?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tQaaoBlE2oLghTOolAXDr7HAoU_IruUthb66JA--~A

Request Chain 280

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jPQSPzArRSS2F5Au3ZBEfA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jPQSPzArRSS2F5Au3ZBEfA&gdpr=0

Request Chain 288

https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent= HTTP 302
https://u.4dex.io/setuid?bidder=yahoo&uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0

Request Chain 292

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 HTTP 302
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZLlq8Cem3U2ac0ecaHH2TQAAFRcAAAAB

Request Chain 321

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://cs.adingo.jp/sync/?from=dbm&id=CAESELxKisSwbzm5wmqtKBG2q1A&google_cver=1&gdpr=0

Request Chain 326

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid= HTTP 302
https://x.bidswitch.net/sync?ssp=criteo&custom_data=km8cBV9pOFdHRDhoWEJxVzR6eG41OGU0aWhHZGhJR3VUTFgxdVJVdk5HWGtidjlET1NWVmRnNG83VUpMMUd6M25jYXdNNGZ4WHVBemVwTXV0ZHVQTUlDUExKQmZtdkVOQUZrNFpOMVFlSWJBJTJGYXN6MTVQR0ZQTXdIZ1ZsTFRDWlhaVHRGZ2Vqd0tRdDdBSmgxbVFldmNNVUlrc2p4ciUyQjFGZVNRZWFmNWZBZU93YXhxMWNOcWwlMkJnTE5FSHFwdnNQTjVSbW8&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-wKFxrBMw5O7c9qz75LE3pmTytllrYasHG7Lz0w HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://widget.as.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-wKFxrBMw5O7c9qz75LE3pmTytllrYasHG7Lz0w&gdpr=&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=&u=817c9144-d961-4726-86a6-7595c6e4d090

Request Chain 327

https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57926/sync?uid=jrwlP7uJsVbHhNsmKEft&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

Request Chain 328

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55936/sync?uid=6041145649349111353&_origin=0&redir2=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/6041145649349111353

Request Chain 329

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4931925723668045182&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 330

https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=rmx HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4931925723668045182&ssp=rmx HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=817c9144-d961-4726-86a6-7595c6e4d090&_origin=0&gdpr=&gdpr_consent=

Request Chain 331

https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=684f62ba-62be-4f94-83a3-bc3b8df4a726

Request Chain 334

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/y-Ndcirm5E2uL94S1lR35TFNaUUcioEy0-~A

Request Chain 335

https://c.bing.com/c.gif?Red3=OATHMS_pd&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msn/23507AF097AB61D239CA69A496F6601E

Request Chain 337

https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-oIFqeshE2uFt_uH6Jo4xUquJbwt3Ug--~A&gdpr=0

Request Chain 355

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

Request Chain 358

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=jrwlP7uJsVbHhNsmKEft&pi=gumgum

Request Chain 360

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=

Request Chain 362

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZLlq8cCo5ucAAOz0akIAAAAA

Request Chain 364

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=9fa15752-811e-4e1a-9968-2f6499bac335

Request Chain 366

https://cs.admanmedia.com/sync/gumgum?puid=a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa= HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7

Request Chain 370

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 371

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2

Request Chain 372

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined

Request Chain 373

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

Request Chain 374

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 303
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=4931925723668045182

Request Chain 377

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090&google_hm=ODE3YzkxNDQtZDk2MS00NzI2LTg2YTYtNzU5NWM2ZTRkMDkw HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFdX2gWhD0gPFDGDv6xuMNE&google_cver=1&ssp=vidoomy&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=817c9144-d961-4726-86a6-7595c6e4d090

Request Chain 382

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D HTTP 302
https://sync.missena.io/improvedigital/de1353e2-9a29-450f-b39f-f321b37d86d5

Request Chain 383

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined HTTP 301
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined

Request Chain 385

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr_consent=undefined&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD HTTP 302
https://sync.missena.io/magnite/LKBETYXU-I-KVDD?gdpr=0&gdpr_consent=undefined

Request Chain 387

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&r=https://sync.missena.io/richaudience/%5BPDID%5D HTTP 302
https://sync.missena.io/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133

Request Chain 389

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=undefined&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D HTTP 302
https://sync.missena.io/smart/161175378474174537

Request Chain 391

https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=undefined&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server HTTP 302
https://sync.missena.io/smilewanted/8847e0255600dd0b501c75630d89e04c

Request Chain 392

https://secure.adnxs.com/getuid?https://sync.missena.io/xandr/$UID?fu&gdpr=0&gdpr_consent=undefined HTTP 302
https://sync.missena.io/xandr/6041145649349111353?fu&gdpr=0&gdpr_consent=undefined

Request Chain 393

https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0&gdpr_consent=undefined HTTP 302
https://sync.missena.io/yahoo/y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A?gdpr=0

Request Chain 394

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=undefined&uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&url=https%3A%2F%2Fsync.missena.io%2Fadyoulike%2F%7BuserId%7D HTTP 307
https://sync.missena.io/adyoulike/ac6e6a84c0129ea84e5c28d0518b8bf8

Request Chain 395

https://id.a-mx.com/usync?uid=&gdpr_consent= HTTP 302
https://prebid.a-mo.net/cchain/0 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dappnexus%26cbx%3D%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&cbx=&uid=6041145649349111353 HTTP 302
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26cbx%3D%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26cbx%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/cchain/3/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&cbx=&uid=HA2ILLZHTHEuzX5AQkus6IgK HTTP 302
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dadform%26cbx%3D%26uid%3D%24UID HTTP 303
https://prebid.a-mo.net/cchain/5/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&cbx=&uid=4931925723668045182

Request Chain 396

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=31956c23-248a-4996-9347-39b34a7ff92f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 397

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=31956c23-248a-4996-9347-39b34a7ff92f HTTP 302
https://prebid.a-mo.net/setuid/yahoo?uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0

Request Chain 398

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LKBETYXU-I-KVDD&gdpr=0

Request Chain 399

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2

Request Chain 400

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dadform%26uid%3D%24UID HTTP 303
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&uid=4931925723668045182

Request Chain 401

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=smartadserver&uid=161175378474174537

Request Chain 402

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D31956c23-248a-4996-9347-39b34a7ff92f%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dpubmatic%26uid%3D141C74A5-B50F-4CFF-8575-960D9DCA6DC3 HTTP 302
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=pubmatic&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3

Request Chain 403

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=index_rtb&uid=ZLlq8Cem3U2ac0ecaHH2TQAA%265399

Request Chain 404

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&uid=HA2ILLZH6FpT3rGIQymTQGgm

Request Chain 405

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&uid=6041145649349111353

Request Chain 414

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/sovrn/HA2ILLZHmvMw19H-Sm2BLY-g

Request Chain 415

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133

Request Chain 417

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1689873138216 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6146018267 HTTP 302
https://sync.1rx.io/usersync/turn/4123746814959108888?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-423f4343-3912-4957-943a-469617546e0d-004?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-423f4343-3912-4957-943a-469617546e0d-004 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-423f4343-3912-4957-943a-469617546e0d-004

Request Chain 418

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-421440300299332427 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9731948c-e92e-54c9-a64a-22bfc2f3484d

Request Chain 419

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=openx&uid=ca81e5a6-6dbc-4715-9c2d-4016c1d55aa7

Request Chain 421

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=9fa15752-811e-4e1a-9968-2f6499bac335&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 422

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5 HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 423

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGCm89cznk1oxkNuNKY89U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 424

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5

Request Chain 426

https://x.bidswitch.net/sync?ssp=triplelift&user_id=237566817367198768129&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=60efbb57-2267-4652-b393-c2f0667b04c4&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=817c9144-d961-4726-86a6-7595c6e4d090&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 428

https://pr-bh.ybp.yahoo.com/sync/triplelift/237566817367198768129?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VScbk2dE2oQLIqBoQyT0b0R2uWaObUaAHqoJD14Lqg--~A&dongle=0883

Request Chain 429

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=5nyIHNHYatsdhuk_fBpQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GVXHSSKIJZEFSYLUONSGQ5LLL5TEE4CR&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GVXHSSKIJZEFSYLUONSGQ5LLL5TEE4CR HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=5nyIHNHYatsdhuk_fBpQ

Request Chain 430

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=6041145649349111353&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 431

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f

Request Chain 432

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 433

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D

Request Chain 434

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 435

https://ssc-cms.33across.com/ps/?_=1689873138085.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
https://u.4dex.io/setuid?bidder=33across&uid=212164344206024

Request Chain 436

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=9fa15752-811e-4e1a-9968-2f6499bac335&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=817c9144-d961-4726-86a6-7595c6e4d090 HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=817c9144-d961-4726-86a6-7595c6e4d090&ts=1689873138&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 437

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6041145649349111353

Request Chain 438

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7&expected_cookie=e367e610-7947-4429-9f6e-12e27ee764ac

Request Chain 439

https://map.go.affec.tv/map/3a/?pid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&ts=1689873138085.8 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64b96af25d4b1a00017f5a71%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/an/6041145649349111353?ch=64b96af25d4b1a00017f5a71&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/9fa15752-811e-4e1a-9968-2f6499bac335?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 440

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&random=1689873138085.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Deb972ec4-bd73-4a82-b320-6f31bc0f5988%252C%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Deb972ec4-bd73-4a82-b320-6f31bc0f5988%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=02539039547372527444589749211747002383&pt=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

Request Chain 441

https://dp1.33across.com/ps/?pid=669&uid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&random=1689873138085.10&pu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212164344206024&seg_code=33x&random=1689873138

Request Chain 443

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/4931925723668045182

Request Chain 444

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LKBETYXU-I-KVDD&ts=1689873139&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 445

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/add0c06fe74706fc111c7542e4227ee?gdpr_consent=&gdpr=0

Request Chain 446

https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0

Request Chain 447

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a

Request Chain 452

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=md1rDxNSzPM28DGGyU5p9Q==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 453

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=EbSD-EmNUez-l

Request Chain 454

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 455

https://match.adsrvr.org/track/cmf/openx?oxid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0&gdpr_consent=

Request Chain 456

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLlq8cCo5ucAAOz0akIAAAAA

Request Chain 457

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQmboG4ipd8wks8AD7Il6q7Bq88AAAGJdEnDKw

Request Chain 459

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVCJDxHtPZEGTa95M46uHQ&google_cver=1

Request Chain 462

https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-1jz4B1lE2uHC1g9gO7eJPiaUBXbJacDO~A&gdpr=0

Request Chain 463

https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent= HTTP 302
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-u1D.YDNE2uEkdBoyWpXjZf3lR8ZSpY1JPMXBcjQ-~A&gdpr=0

Request Chain 464

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6041145649349111353&gdpr=0&gdpr_consent=

Request Chain 465

https://id5-sync.com/s/286/9.gif?puid=ab3b7a1c-1d30-4f54-9e6d-0zz1689873133&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/286/441/8/2.gif?puid=a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7&gdpr=0&gdpr_consent= HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=1c01eb56d7a41b46&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/822.gif?puid=AAANK4z3XDE7VwNOA-j8AAAAAAA&expiration=1689959539&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D

Request Chain 466

https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=ab3b7a1c-1d30-4f54-9e6d-0zz1689873133 HTTP 302
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_ps=

Request Chain 469

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1476273142 HTTP 302
https://sync.1rx.io/usersync/tradedesk/9fa15752-811e-4e1a-9968-2f6499bac335 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-423f4343-3912-4957-943a-469617546e0d-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-423f4343-3912-4957-943a-469617546e0d-004 HTTP 302
https://u.4dex.io/setuid?bidder=unruly&uid=RX-423f4343-3912-4957-943a-469617546e0d-004

Request Chain 470

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://u.4dex.io/setuid?bidder=sovrn&uid=HA2ILLZHTHEuzX5AQkus6IgK

Request Chain 473

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=

Request Chain 474

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=zOB8ZESmyV2h&ev=1&pid=560288&gdpr_consent=&gdpr=0

Request Chain 475

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041145649349111353&gdpr=0&gdpr_consent=

Request Chain 476

https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=

Request Chain 479

https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://u.4dex.io/setuid?bidder=appnexus&uid=6041145649349111353

474 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request windows-file-collective-acquisition.html Show response
tsuredurediary.com/archives/ 806 KB
139 KB 429ms
381ms Document
text/html 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: ccf5f6c66040f32f554355fd79cb355d7b4d88bfa8514795cf41fac4e4162212

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:11 GMT
expires: Thu, 20 Jul 2023 17:12:12 GMT
link: <https://tsuredurediary.com/wp-json/>; rel="https://api.w.org/", <https://tsuredurediary.com/wp-json/wp/v2/posts/1897>; rel="alternate"; type="application/json", <https://tsuredurediary.com/?p=1897>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding

GET
H2 200 icomoon.woff
tsuredurediary.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
13 KB 15ms
9ms Font
application/x-font-woff 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuredurediary.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Origin: https://tsuredurediary.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:11 GMT
last-modified: Sun, 09 Jul 2023 06:16:28 GMT
server: nginx
content-type: application/x-font-woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 13000
expires: Fri, 19 Jul 2024 17:12:11 GMT

GET
H2 200 fontawesome-webfont.woff2
tsuredurediary.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 15ms
8ms Font
application/x-font-woff2 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuredurediary.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Origin: https://tsuredurediary.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:11 GMT
last-modified: Sun, 09 Jul 2023 06:16:28 GMT
server: nginx
content-type: application/x-font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 77160
expires: Fri, 19 Jul 2024 17:12:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 51ms
2ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 12:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 12:49:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 28ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 69297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3720
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-e88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg2Ra9XgPdQtchjBQqlO0HQpKqHd59mNnSJvAVX1eKw1S%2FSiydMBtv%2B%2FKc6rWh8kQBY37xoHQ4KcEFpwEPAzZ7jInZ3j5hSaLNZ%2BlFbY%2FoFJlCNebi5J6DhY1Jgq5yjGMP9xfhp1IylEJHVLthe3V8ma"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e9cd3e289d61f93-NRT
expires: Tue, 09 Jul 2024 17:12:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
49 KB 89ms
45ms Script
application/javascript 2404:6800:4004:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PW8KKZC

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17b1cfbbd03de405e509c545ceb770ba29bc8acc8b928e75209dad484bf85bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50181
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 16:37:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 34 KB
35 KB 64ms
3ms Script
application/javascript 2600:9000:208e:800:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208e:800:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:08:36 GMT
via: 1.1 7fafe95727fa18769b88335085d7b2d4.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C3
age: 216
x-guploader-uploadid: ADPycduWFR0meP2u2B7Sj-G72D0UTb44XP0eoO5LK_61yd8GY6nlMNduwfLH9_0B8vFxZZkh_4dmNWzQEVp8d8P8VrgtRA
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35074
last-modified: Mon, 17 Jan 2022 07:06:41 GMT
server: UploadServer
etag: "681c1b1ecd9c2e0dd35da7c074214531"
vary: Accept-Encoding
x-goog-hash: crc32c=2VymBw==, md5=aBwbHs2cLg3TXafAdCFFMQ==
x-goog-generation: 1642403201413885
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 35074
accept-ranges: bytes
x-amz-cf-id: DU6yN4aADCaZ_-oYCWj9NGT9jl0bCKxEvoteQxitIktzyufOp_7LiA==
expires: Thu, 20 Jul 2023 17:13:36 GMT

GET
H2 200 windows-file-collective-acquisition-01.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 87 KB
88 KB 12ms
10ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-01.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: 94101896d56c9102c285bcb3aaf24c9e7478f74d6bbbd398f20f531a8468a64c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 07:46:48 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 89570
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 17ms
1ms Script
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3bbf08f327af6d3ca639ab48e802f5dbde9140c72cb3dc161102c3b008c70eaa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-nzt: AVm7oB3JyDX/FbkAAA
x-accel-expires: @1690430550
date: Thu, 20 Jul 2023 17:12:11 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5ceb6ab96405a1013a
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47381
x-accel-date: 1689825750

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 103 KB
17 KB 3ms
3ms Script
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 35d7dfab4e8c7123458b1e4155616b68f1cfd1f102422a98745ae3c2c6784011

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-nzt: AVm7oB0G0kf/ibgAAA
x-accel-expires: @1690430690
date: Thu, 20 Jul 2023 17:12:11 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5ceb6ab964b6ec213a
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47241
x-accel-date: 1689825890

GET
H2 200 no-amp-logo.png
tsuredurediary.com/wp-content/themes/cocoon-master/images/ 2 KB
3 KB 12ms
10ms Image
image/png 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/themes/cocoon-master/images/no-amp-logo.png
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: 175c4fe3443878bf56533ef4f3911719314806ededecdf3417b75a3e39873316

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 09 Jul 2023 06:16:28 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2476
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H/1.1 200
OK bgt
www28.a8.net/svt/ 90 KB
90 KB 27ms
7ms Image
image/gif 3.114.88.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www28.a8.net/svt/bgt?aid=200709164558&wid=001&eno=01&mid=s00000008903001069000&mc=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.88.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-88-99.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4c504ccdfe7b04ce83f14728890b94cbaaaaacf4d69105c0adbc001d17e480d5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 92038
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www13.a8.net/ 43 B
184 B 18ms
3ms Image
image/gif 35.75.249.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www13.a8.net/0.gif?a8mat=3BHW6K+987WC2+1WP2+6D4GH
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.249.253 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-249-253.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
3 KB 112ms
62ms Script
text/javascript 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-3631427856212057:egnlnm6f2vr

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

59960f2cc2c46728b9bae8a7a7a843bce4c43e5f3af3a95012c8b277dc7c84b5

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-1Xh29i6dIrF0t013CtH9PQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1Xh29i6dIrF0t013CtH9PQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Thu, 20 Jul 2023 17:12:12 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2432
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 16ms
2ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7316) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: gzip
Age: 564
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (tkb/7316)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 2ms
2ms Script
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=20
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3bbf08f327af6d3ca639ab48e802f5dbde9140c72cb3dc161102c3b008c70eaa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-nzt: AVm7oB0Jklv/DrkAAA
x-accel-expires: @1690430557
date: Thu, 20 Jul 2023 17:12:11 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5ceb6ab9642cd8423a
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47374
x-accel-date: 1689825757

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 103 KB
17 KB 5ms
3ms Script
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=20
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6c3412b9fce9f497b1f1a5a20031ea70d6ecc0da6cbb98351248174161197a75

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-nzt: AVm7oB0EnEj/irgAAA
x-accel-expires: @1690430690
date: Thu, 20 Jul 2023 17:12:12 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5cec6ab9645bb46c00
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47242
x-accel-date: 1689825890

GET
H2 200 parts_view.js Show response
blogparts.blogmura.com/js/ 3 KB
3 KB 18ms
4ms Script
application/javascript 35.75.137.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blogparts.blogmura.com/js/parts_view.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.137.85 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-137-85.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Wed, 19 Jul 2023 02:16:03 GMT
accept-ranges: bytes
content-length: 2958
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript

GET
H/1.1 200
OK / Show response
blog.with2.net/parts/2.0/ 104 KB
37 KB 143ms
34ms Script
text/javascript 153.120.49.89
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/?id=2040419:E9b3cHvr/WM
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.89 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www35.with2.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c4a272a7bf5c8530717d5cc5797032154d66f321ebf8f17f4c24a55ff201e062

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=euc-jp
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 37089

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 114 KB
114 KB 25ms
5ms Image
image/gif 35.75.249.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=220920658074&wid=001&eno=01&mid=s00000007633011027000&mc=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.249.253 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-249-253.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7120af7d0980c2ed7cc7e422112b729397720397a5ee27099220bf3503705005

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 116351
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www13.a8.net/ 43 B
184 B 18ms
4ms Image
image/gif 35.75.249.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www13.a8.net/0.gif?a8mat=3NJ3GY+1823JM+1MWA+1TNGVL
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.249.253 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-249-253.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
904 B 83ms
37ms Script
text/javascript 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7ebf7f6fa84a8b4df36bae2e933e4f1d34c70589649515c37b18c3d37bbc3cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 highlight.min.js Show response
tsuredurediary.com/wp-content/themes/cocoon-master/plugins/highlight-js/ 69 KB
28 KB 13ms
11ms Script
application/javascript 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuredurediary.com/wp-content/themes/cocoon-master/plugins/highlight-js/highlight.min.js?ver=6.2.2&fver=20230709061628
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: b2ae8517e81208ac6e60d7aa50524a409b21a3b45d8261d170171c7aacd8d851

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
last-modified: Sun, 09 Jul 2023 06:16:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 e-202329.js Show response
stats.wp.com/ 7 KB
3 KB 12ms
2ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202329.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT nrt
date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464930779.0781
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 15 Jul 2024 06:33:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 102ms
52ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3631427856212057

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11630cb02fb0ee513f63c4dfe30a8dbd1a084b56d2e68f186dcaaaa4a5558f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Origin: https://tsuredurediary.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51365
x-xss-protection: 0
server: cafe
etag: 13220625495405949275
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 56ms
4ms Script
application/javascript 2600:9000:21ee:7600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:11:25 GMT
content-encoding: gzip
via: 1.1 0bc155b40d887df7641ec94214c25e5c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C4
age: 48
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vodKoUPprq6ZBkPj35ex7k8-jmFGbEaVU9L_iDKCDV9EcZTfnwaJ4Q==

GET
H2 200 access.php
tsuredurediary.com/wp-content/themes/cocoon-master/lib/analytics/ 0
146 B 130ms
130ms Image
text/html 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=1897&post_type=post
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1
accept-ranges: bytes
content-length: 0
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 798ms
298ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=0&f=0&fi=666
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
server: nginx
x-iplb-request-id: D98AFCC4:B8EC_36264064:01BB_64B96AEC_C8410D2:2F08D
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 860ms
298ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102422&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
server: nginx
x-iplb-request-id: D98AFCC4:B8F6_36264064:01BB_64B96AEC_C85E7B0:2F089
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
795 B 9ms
4ms Script
application/javascript 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 47382
x-accel-date: 1689825750
x-77-nzt: AVm7oB3D5Sz/FrkAAA
pragma: public
x-accel-expires: @1689912150
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5cec6ab964301b8201
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 21 Jul 2023 04:02:30 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 104 KB
35 KB 31ms
3ms Script
application/javascript 23.49.98.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.98.204 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-98-204.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e40a8797f23fbf2d6f13be09a75eb47940235e948d6dc7de07e1e14187381b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 35384
Expires: Thu, 20 Jul 2023 19:12:12 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 15ms
4ms Script
text/javascript 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 209553
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 31ms
17ms Script
application/javascript 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 8677
cf-polished: origSize=62056
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.meiban-navi.net
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 7e9cd3e35d22b009-NRT
access-control-allow-headers: *
expires: Thu, 20 Jul 2023 20:47:35 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 941ms
235ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:53 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: D98AFCC4:D7FC_91EFC133:01BB_64B96AEC_17852536:DE7C
ETag: "6167dbf9-15ab"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 906A 2 KB
815 B 838ms
277ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1689873132020

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 226ms
68ms Script
application/javascript 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:12:12 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12770/ 4 KB
2 KB 773ms
243ms Script
application/javascript 34.248.128.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12770/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.128.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-128-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9842fc9d0ab98b8220a7d168404aedf4edf3508e68bcb6f8eee9b8a0f1684347

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 22ms
3ms Script
text/javascript 99.84.59.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.59.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-59-217.nrt20.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 00:11:11 GMT
Via: 1.1 4d1d94485bad1bf3835c40164ae90b1e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: NRT20-C3
Age: 61261
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: aiXiKJMs5T1FPKKvKNupVi8PcYnoMNbk5VKJS_HNSa0cSwQ9fhAIhA==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_52/build/dist/ 532 KB
179 KB 10ms
7ms Script
application/javascript 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b771b41d696097963aa09cd10174219d563fa4de2f9a096d6f84f04902f29b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 47383
x-accel-date: 1689825749
x-77-nzt: AVm7oB04kWT/F7kAAA
pragma: public
x-accel-expires: @1689912149
last-modified: Wed, 05 Jul 2023 19:42:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5cec6ab964fe75ca01
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 21 Jul 2023 04:02:29 GMT

GET
H2 200 windows-file-collective-acquisition-02.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 105 KB
105 KB 12ms
10ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-02.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: 92a113885bb1c8a0c31ff0bcd3311327ed9f36a7f315c39d7c92df3cae7ff8a3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 07:48:05 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 107418
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 windows-file-collective-acquisition-03.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 138 KB
138 KB 13ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-03.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: da12d494a30f6c21fc9116f2ba1f02865d9a253c1ab6324462fd2e797f6c6417

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 07:51:06 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 141073
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 windows-file-collective-acquisition-04.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 32 KB
32 KB 13ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-04.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: c53cba920017c50d8298d932fffe983f5374aa5f52e5c205f2750042f2157e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 07:58:26 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33028
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 windows-file-collective-acquisition-05.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 102 KB
102 KB 13ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-05.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: 8590eddc5b177d1da785c682690b091ffa7d41b8eb894bf67e7aeb0bb3057746

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 07:58:57 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 104205
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 windows-file-collective-acquisition-06.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 39 KB
39 KB 11ms
10ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/windows-file-collective-acquisition-06.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: f53f5b8a754ccfab7a60a40db3263324730b8be57f14e8aaa6def61e5f169c4e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sun, 19 Apr 2020 08:04:11 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 39472
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 796ms
261ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102422&f=20&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
server: nginx
x-iplb-request-id: D98AFCC4:B8F8_36264064:01BB_64B96AEC_C835B17:2F08E
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 blogmura_parts.html Show response
blogmura.com/ Frame 7AA1 4 KB
1 KB 297ms
284ms Document
text/html 54.178.169.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762

Requested by

Host: blogparts.blogmura.com
URL: https://blogparts.blogmura.com/js/parts_view.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.178.169.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-178-169-33.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

649da8e138bcd23dabd44032438df87593e9b863bce79f2da5ec68f918ed0d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: jp-JP
content-type: text/html;charset=UTF-8
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pvcount.GIF
blogparts.blogmura.com/pts/ 1 KB
1 KB 7ms
7ms Image
image/gif 35.75.137.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogparts.blogmura.com/pts/pvcount.GIF?chid=11052663
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.137.85 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-137-85.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
accept-ranges: bytes
content-length: 1101
content-type: image/gif

GET /
spl.zeotap.com/ 0
0

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
44 KB 3ms
2ms Script
text/javascript 2600:9000:21ee:7600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:21:36 GMT
content-encoding: br
via: 1.1 0bc155b40d887df7641ec94214c25e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C4
age: 93037
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"a18627a302da47ec97015f587007f1a6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 3YLqyizv3YJxr8WxYaodgFJvROGZl1D2a58VJpvpZ9Ef06nSQoNPFw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 04:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 04:16:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 44ms
2ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW8KKZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 16:45:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1618
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jul 2023 18:45:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 52ms
51ms Script
application/javascript 2404:6800:4004:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-40R5EFEG1Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW8KKZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca847092475751f850b4b08d8480d08f75fdc4c090b7879f2082a3ad311d55a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/827890a761694e44/ 309 KB
103 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/cse_element__ja.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-3631427856212057:egnlnm6f2vr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e08f522739129390e819b160cd81ba623477e892ac3488c94a38b955dcc0ed72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105108
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 18 Jul 2024 01:06:36 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/827890a761694e44/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-3631427856212057:egnlnm6f2vr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 18 Jul 2024 01:06:36 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
6ms Stylesheet
text/css 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-3631427856212057:egnlnm6f2vr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 20 Jul 2023 17:56:36 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 11ms
4ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftsuredurediary.com%2F&domain=tsuredurediary.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tsuredurediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 187301
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftsuredurediary.com%2F&domain=tsuredurediary.com&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=VM0R13xmaWJnT2QwZ1RjeW10b3FUM2FuajJ4Z0pXbm9Neis3QU1NeERVczRiN013cjA4MWI1MlUySXJTZk5JTG9OZE1uRVFnOEttR0hiZDlSd2VLV0ZxOWlrUTZIMGJYOEZiUDV0R254S1gvRVl3dGl1NnRMNkJ1ZGpFTn...

351 B
642 B

8ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VM0R13xmaWJnT2QwZ1RjeW10b3FUM2FuajJ4Z0pXbm9Neis3QU1NeERVczRiN013cjA4MWI1MlUySXJTZk5JTG9OZE1uRVFnOEttR0hiZDlSd2VLV0ZxOWlrUTZIMGJYOEZiUDV0R254S1gvRVl3dGl1NnRMNkJ1ZGpFTndQb0lvVHJFTDgwMTl2N1lMOFVzU1VPd0h4S0U4SVY1NUVUSk8wTmtYS2xDbHBYWmZVMHNmbThld3NiU3hDUm8wTDNTWFlQVlZLZ2xEblpjMkd6WmxYb2pmVDNJRHFFbTBkS1dpVlRxd2xkWldLcVhYUVUwPXw&cppv=2

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f71859495a05cd60f5da0babbb281b31a5d33858502e7e24c815338ccdf30955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 592530
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://tsuredurediary.com
location: https://mug.criteo.com/sid?cpp=VM0R13xmaWJnT2QwZ1RjeW10b3FUM2FuajJ4Z0pXbm9Neis3QU1NeERVczRiN013cjA4MWI1MlUySXJTZk5JTG9OZE1uRVFnOEttR0hiZDlSd2VLV0ZxOWlrUTZIMGJYOEZiUDV0R254S1gvRVl3dGl1NnRMNkJ1ZGpFTndQb0lvVHJFTDgwMTl2N1lMOFVzU1VPd0h4S0U4SVY1NUVUSk8wTmtYS2xDbHBYWmZVMHNmbThld3NiU3hDUm8wTDNTWFlQVlZLZ2xEblpjMkd6WmxYb2pmVDNJRHFFbTBkS1dpVlRxd2xkWldLcVhYUVUwPXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 235162
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 134 B
546 B 732ms
242ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1014 B 19ms
8ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 585867
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMSBHhyrmZpxAMnGyT7hosSo3cwszW1b9MAiJhpHx7S2pQ2Mz738ThvrVjeptcxh6puflOmzr4tXUBjwZ%2FVDeVtgO56SELXqnYS8SLV7fv6yD6TDxwFyRUklr1MtQrowjbQI1cB3h5BAunlc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7e9cd3e47b6f25e9-NRT

GET
H2 200 dxracer-summary-eyecatch-120x68.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 7 KB
7 KB 11ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/dxracer-summary-eyecatch-120x68.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: a004ac904e3e2ed19c08508084f2dfbc60cfbb54a3f8e5a4ef55a24dc213dfe9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Sat, 11 Apr 2020 04:55:28 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7127
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 anime-vod-eyecatch-120x68.jpg
tsuredurediary.com/wp-content/uploads/2020/04/ 2 KB
3 KB 11ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/04/anime-vod-eyecatch-120x68.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: ce0b0a955544e973f333d1de0b8c96fac4377fc43a2332bbbbbb18f283dc2116

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Fri, 10 Apr 2020 14:37:09 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2461
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 sports-shojo-manga-complete-eyecatch-120x68.jpg
tsuredurediary.com/wp-content/uploads/2020/12/ 3 KB
3 KB 12ms
12ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/12/sports-shojo-manga-complete-eyecatch-120x68.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: a27537e44079dbf5769ac40175ef0993adbe7bd036e9a68f948c8883d6ce70b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Tue, 29 Dec 2020 15:16:58 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3208
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 sports-shonen-manga-complete-eyecatch-120x68.jpg
tsuredurediary.com/wp-content/uploads/2020/12/ 3 KB
3 KB 12ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2020/12/sports-shonen-manga-complete-eyecatch-120x68.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: bc41c1f428cd3c4a53a839610d11125851bff294352168746889b6323eee9b3b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Tue, 29 Dec 2020 15:16:45 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2658
expires: Fri, 19 Jul 2024 17:12:12 GMT

GET
H2 200 poicwater-eyecatch-120x68.jpg
tsuredurediary.com/wp-content/uploads/2019/08/ 2 KB
2 KB 12ms
11ms Image
image/jpeg 183.181.90.31
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsuredurediary.com/wp-content/uploads/2019/08/poicwater-eyecatch-120x68.jpg
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.90.31 Ichikawa, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv8350.xserver.jp
Software: nginx /
Resource Hash: debb78074e635121207620b4ac145d147eafdb99cf8aa5834b0ca7917c7a0762

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Mon, 05 Aug 2019 13:39:09 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2340
expires: Fri, 19 Jul 2024 17:12:12 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 16ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Jul 2023 17:12:11 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 163897
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 429 KB
172 KB 45ms
3ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Origin: https://tsuredurediary.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:13:36 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 934 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 53ms
3ms Script
application/javascript 2600:140b:1a00:3b0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:3b0::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=148
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 507 B
659 B 760ms
257ms XHR
application/json 51.158.29.12
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tsuredurediary.com
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 40ms
40ms XHR
text/plain 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=371668149&t=pageview&_s=1&dl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ul=en-us&de=UTF-8&dt=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%84%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E5%90%8D%E3%82%92%E4%B8%80%E8%A6%A7%E3%81%A7%E4%B8%80%E6%8B%AC%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95%20%7C%20%E3%81%A8%E3%81%82%E3%82%8B%E3%82%AA%E3%82%BF%E3%82%AF%E3%81%AE%E5%BE%92%E7%84%B6%E6%97%A5%E8%A8%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=210307164&gjid=1320124839&cid=2071532570.1689873132&tid=UA-126525324-1&_gid=937606763.1689873132&_r=1&_slc=1&gtm=45He37h0n81PW8KKZC&z=1496350797

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 357 KB
123 KB 103ms
62ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3631427856212057

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7d3aeb288cc7eb5b232b5b7adaf3baa06c0a6d4d4eeec25d7de627591f0fa3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125684
x-xss-protection: 0
server: cafe
etag: 2148282086198110061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/ Frame 0F22 10 KB
5 KB 79ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3631427856212057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 24197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:28:55 GMT
etag: 12368291122986407432
expires: Thu, 03 Aug 2023 10:28:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 2ms
1ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=163170538&post=1897&tz=9&srv=tsuredurediary.com&j=1%3A12.3&host=tsuredurediary.com&ref=&fcp=622&rand=0.04817138547622846
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 17:12:12 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 91D4 320 KB
104 KB 3ms
2ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftsuredurediary.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7318) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7155591
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 17:12:12 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/7318)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 10ms
3ms Image
image/png 52.193.196.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.196.125 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-196-125.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 14eb4b5c219ce81f5010d833ee7048a18fbfd9aa8a38d0d2016bf2c74c15f48c

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Origin: https://tsuredurediary.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Sat, 19 Jul 2025 17:12:12 GMT

GET
H/1.1

200

10.gif
id5-sync.com/c/12/123/0/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=9fa15752-811e-4e1a-9968-2f6499bac335&ttl=%%TTL%%
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
https://id5-sync.com/c/12/3/7/3.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://id5-sync.com/c/12/108/6/4.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/2/5/5.gif?puid=6041145649349111353&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
https://id5-sync.com/c/12/3/4/6.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://id5-sync.com/c/12/108/3/7.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/2/8.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/19/2/8.gif?puid=4426a39f9efef60f1e7e12323d1f6fb3&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://id5-sync.com/c/12/108/1/9.gif?puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F0%2F10.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/123/0/10.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent=

43 B
2 KB

261ms
260ms

Image
image/gif

162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/12/123/0/10.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

HTTP/1.1

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/12/123/0/10.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent=
Date: Thu, 20 Jul 2023 17:12:16 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK parts.2.02.css
blog.with2.net/parts/2.0/css/ 7 KB
2 KB 21ms
21ms Stylesheet
text/css 153.120.49.89
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=2040419:E9b3cHvr/WM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.89 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www35.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 06:47:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "4c60f1-1d78-57d6e808aae00"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1861

GET
H/1.1 200
OK logo_blogparts_26x130.png
blog.with2.net/parts/img/ 3 KB
3 KB 37ms
20ms Image
image/png 153.120.49.89
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/img/logo_blogparts_26x130.png
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.89 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www35.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Last-Modified: Thu, 26 Jun 2014 09:25:12 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "4c6152-a61-4fcb9c50dae00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 2657

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
53 KB 68ms
68ms Script
text/javascript 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/cse_element__ja.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd777b6ebf16470ccc1864f87fc520fba71e00f5e0175f3c6d6ce223aba1b447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "3757123202153902361"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 3ms
2ms Image
image/png 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/default+ja.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/827890a761694e44/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 05:51:49 GMT
x-content-type-options: nosniff
age: 472823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 14 Jul 2024 05:51:49 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 2ms
2ms Image
image/png 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 09:18:18 GMT
x-content-type-options: nosniff
age: 460434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 14 Jul 2024 09:18:18 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 86ms
2ms Image
text/plain 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 18ms
13ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1134543
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAYUw0edaN80LBFaDwKwZLGZpcCev3Ng7v%2Bop9%2BrF6JZXKAOuhWaC4JivaCmJyDGyLsTaT1SofXJ0vvjvQ6C4WQyAUM8qTNTyW7ycs9TIg1kwnpk%2Fsi9IcwRQkc14HNUQvAHNTV036gK57M1"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7e9cd3e56a852635-NRT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
924 B 951ms
234ms XHR
application/x-javascript 52.31.38.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.38.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-38-175.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jul 2023 17:12:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://tsuredurediary.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-40R5EFEG1Q&gtm=45je37h0&_p=371668149&cid=2071532570.1689873132&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689873132&sct=1&seg=0&dl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&dt=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%84%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E5%90%8D%E3%82%92%E4%B8%80%E8%A6%A7%E3%81%A7%E4%B8%80%E6%8B%AC%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95%20%7C%20%E3%81%A8%E3%81%82%E3%82%8B%E3%82%AA%E3%82%BF%E3%82%AF%E3%81%AE%E5%BE%92%E7%84%B6%E6%97%A5%E8%A8%98&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40R5EFEG1Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 2 KB
2 KB 32ms
5ms Script
application/javascript 210.140.225.92
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=886427584&_s=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2B8OIuhw302A2POu5v%2F5fheMzS02TAwPuZq%2Bi8bfIxh%2F%2BIdDAAZ%2BA89HivnHQAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-92.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

3ceae6ff9f106d9606903189b3834015d581b541bd91d8f877e857dc75029c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 1945

GET
H2 200 blogparts-bb5b9fff05c8cf02479d0d927c486145.css
static.blogmura.com/css/ Frame 7AA1 2 KB
1 KB 20ms
3ms Stylesheet
text/css 13.227.62.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.blogmura.com/css/blogparts-bb5b9fff05c8cf02479d0d927c486145.css

Requested by

Host: blogmura.com
URL: https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.62.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-62-60.nrt20.r.cloudfront.net

Software

Resource Hash

b741ae83cb94d6035e40a0983a9f24708416585dbc00912daba74d1e0e4855a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 10:27:19 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: NRT20-C4
age: 1406693
via: 1.1 37b615a846dba1c97d39060948e141ec.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Jun 2023 00:55:42 GMT
etag: W/"bb5b9fff05c8cf02479d0d927c486145"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: dPErBMwZ3CiQ0W7uWcd6M9pAS5gDBl_Qx6SBjiqc41klZP01Za9mGw==

GET
H2 200 125_41_nf.gif
b.blogmura.com/ Frame 7AA1 1 KB
1 KB 37ms
19ms Image
image/gif 13.227.62.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.blogmura.com/125_41_nf.gif
Requested by: Host: blogmura.com
URL: https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.62.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-62-70.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f210d8ce81c03f90460256b6a1e600814f02739e858ad2c0839d42fb458b4e94

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blogmura.com/blogmura_parts.html?chid=11052663&oldCatId=&oldSubCatId=&type=out&catId=9762
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
via: 1.1 7fbaa913bab65181c43baa72d85e3d8c.cloudfront.net (CloudFront)
last-modified: Thu, 28 Mar 2019 07:53:38 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C4
etag: "b500ba6b25a636fde3efe5aceb25319a"
x-cache: RefreshHit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 1088
x-amz-cf-id: ZsS50PGGdm9DscR5zlYvRTlBuL40YCgshV4WADuzr4WC99J_sQoBng==
expires: Sat, 28 Mar 2020 07:49:09 GMT

GET
H/1.1 200
OK icon_br_crown_18x14.png
blog.with2.net/parts/2.0/img/ 313 B
604 B 20ms
19ms Image
image/png 153.120.49.89
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/icon_br_crown_18x14.png
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.89 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www35.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.with2.net/parts/2.0/css/parts.2.02.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Last-Modified: Thu, 26 Jun 2014 07:50:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "4c6119-139-4fcb872613d80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 313

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 91D4 870 B
659 B 110ms
103ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=eac0a2cdb81cf6d3cb47e4a72ac16a282afeb4ea

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftsuredurediary.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-response-time: 100
date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 20 Jul 2023 17:12:12 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 28e5a4a959b05f6c
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7de1592075e0bfe075034f8b2b76f176d64146c4486e21ca21704c1f4805e96f
content-length: 338

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 34ms
2ms Script
application/javascript 2600:9000:21ee:9600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:51:19 GMT
content-encoding: gzip
via: 1.1 9a4e1846c6e75906d748bf1a4ae650c6.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C4
age: 1253
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 0f2ZSqpo8_bNJ0V_eV7PDRTOprjyBlnFkv6l7p-0dYrBJtiD2jgT8Q==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 14FE 50 KB
27 KB 89ms
89ms Document
text/html 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHF-cUAAAAAMF_P2xuphXtDMO_2kHFmDBj1Ah9&co=aHR0cHM6Ly90c3VyZWR1cmVkaWFyeS5jb206NDQz&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=eht2vxh1wrio

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62fdc6b87090924749b6d2917626e9869afbdfd5e0e2724bdf23c727ad1e4cbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CCz3_uXWhMv2KWDZ4v_MAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27911
content-security-policy: script-src 'report-sample' 'nonce-CCz3_uXWhMv2KWDZ4v_MAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
605 B 92ms
41ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tsuredurediary.com&callback=_gfp_s_&client=ca-pub-3631427856212057

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868f72de62889d041137bc96fb5774b8b38d4c79cb161e1afd95d02b24f321a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 87ms
36ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsuredurediary.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A902 346 KB
77 KB 588ms
588ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&adk=1812271804&adf=3025194257&lmt=1689873132&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132304&bpp=7&bdt=403&idt=226&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8005487011791&frm=20&pv=2&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a9c7c5e3556471a142171bfeb8aea206db815dc71cb75dea6e4c9fd71e58980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 78730
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Thu, 20 Jul 2023 17:12:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK b3
dalb.valuecommerce.com/ 43 B
326 B 32ms
7ms Image
image/gif 210.140.225.181
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b3?twitter.com%2Fintent=1&www.facebook.com%2Fsharer=1&b.hatena.ne.jp%2Fentry=1&getpocket.com%2Fedit=1&timeline.line.me%2Fsocial-plugin=1&twitter.com%2Fsyo65932553=2&www.pinterest.jp%2Fsyo_tsuredurediary=1&feedly.com%2Fi=1&px.a8.net%2Fsvt=2&blog.with2.net%2Flink.php=2&blog.with2.net%2Fwelcome=1&_p=886427584&_r=ZLlq7AAG_tLZivzEwKhvIsCob2RYow&_t=64b96aec&_du=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.181 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-181.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

GET
H2 200 pixel;r=149086549;labels=Categories.business;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html;uht=2;fpan=1;fpa=P0-749657837-16898731...
pixel.quantserve.com/ 35 B
371 B 76ms
70ms Image
image/gif 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=149086549;labels=Categories.business;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html;uht=2;fpan=1;fpa=P0-749657837-1689873132465;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=tsuredurediary.com;dst=0;et=1689873132557;tzo=0;ogl=type.article%2Cdescription.%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AE%E5%90%8D%E5%89%8D%E3%82%92Excel%E7%AD%89%E3%81%A7%E4%B8%80%E8%A6%A7%E5%8C%96%E3%81%97%E3%81%9F%E3%81%84%E6%99%82%E3%81%AF%E3%81%82%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%E3%81%8B%E3%80%82%E7%B0%A1%E5%8D%98%E3%81%AB%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E5%90%8D%E3%81%AE%E4%B8%80%E8%A6%A7%E3%82%92%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95%E3%82%92%E7%B4%B9%E4%BB%8B%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%2Ctitle.%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%84%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E5%90%8D%E3%82%92%E4%B8%80%E8%A6%A7%E3%81%A7%E4%B8%80%E6%8B%AC%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95%2Curl.https%3A%2F%2Ftsuredurediary%252Ecom%2Farchives%2Fwindows-file-collective-acquisition%252Ehtml%2Cimage.https%3A%2F%2Ftsuredurediary%252Ecom%2Fwp-content%2Fuploads%2F2020%2F04%2Fwindows-file-collective-ac%2Csite_name.%E3%81%A8%E3%81%82%E3%82%8B%E3%82%AA%E3%82%BF%E3%82%AF%E3%81%AE%E5%BE%92%E7%84%B6%E6%97%A5%E8%A8%98%2Clocale.ja_JP;ses=0f11178d-42f4-43ef-8399-02628fff2329;mdl=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C665 103 KB
37 KB 368ms
368ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=337528958&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=1&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132311&bpp=2&bdt=410&idt=249&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4ayBZk0gYE&p=https%3A//tsuredurediary.com&dtd=252

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb9a7c6064d599210a9d4bef55ef2531d7ebd5798d0035aa21c692e67b7da907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: Thu, 20 Jul 2023 17:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7AC 102 KB
36 KB 371ms
370ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c0538742a93b69e01aab93de5501c31c1f4dcbf1e8ad7ba92363d05830ce6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36913
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: Thu, 20 Jul 2023 17:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 516ms
262ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

28dd0c47b8d9e386fcc8f7c4fc3a3b6c592263cb31e8adab65a1e65e3efb026e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 14FE 55 KB
24 KB 44ms
3ms Stylesheet
text/css 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHF-cUAAAAAMF_P2xuphXtDMO_2kHFmDBj1Ah9&co=aHR0cHM6Ly90c3VyZWR1cmVkaWFyeS5jb206NDQz&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=eht2vxh1wrio

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:13:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 14FE 429 KB
172 KB 45ms
4ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:13:36 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 2ms
2ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7316) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:12 GMT
Content-Encoding: gzip
Age: 7155592
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (tkb/7316)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 02A4 436 B
236 B 158ms
157ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=600&slotname=5999777542&adk=3248931287&adf=2872259201&pi=t.ma~as.5999777542&w=300&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=4&format=300x600&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132315&bpp=1&bdt=415&idt=305&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1090&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=9sysdy3cCQ&p=https%3A//tsuredurediary.com&dtd=307

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae64c6c87ab85212ffd77a9c670f5b0a59b30e7bcf16721eef36a6c2a746547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: Thu, 20 Jul 2023 17:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK follow_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 00F5 41 KB
16 KB 2ms
2ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7316) /
Resource Hash: f58ff080a3ce16e8ee14cc35712c523e75d7921a2413592ba5c05445f48918e7

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7155592
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15386
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 17:12:12 GMT
Etag: "cff8037c5e13eb5fc747773960832254+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:08 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/7316)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 109ms
109ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22syo65932553%22%2C%22widget_creator_screen_name%22%3A%22syo65932553%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1689873132638%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=eac0a2cdb81cf6d3cb47e4a72ac16a282afeb4ea

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-response-time: 106
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 20 Jul 2023 17:12:12 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: 30beb6104b384cca
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 7de1592075e0bfe075034f8b2b76f176d64146c4486e21ca21704c1f4805e96f
content-length: 43

GET
DATA 200
OK truncated
/ Frame 00F5 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 14FE 2 KB
2 KB 3ms
3ms Image
image/png 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 14:16:28 GMT
x-content-type-options: nosniff
age: 442544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Jul 2023 14:16:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14FE 15 KB
15 KB 45ms
3ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 06:13:11 GMT
x-content-type-options: nosniff
age: 471541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 06:13:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14FE 15 KB
16 KB 45ms
3ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:17:05 GMT
x-content-type-options: nosniff
age: 233707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 00:17:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 14FE 102 B
132 B 70ms
70ms Other
text/javascript 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce580090d2befdbfe1545ca10b1f2a989634678929df7aa5490d63b3a06c6ba0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHF-cUAAAAAMF_P2xuphXtDMO_2kHFmDBj1Ah9&co=aHR0cHM6Ly90c3VyZWR1cmVkaWFyeS5jb206NDQz&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=eht2vxh1wrio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 17:12:12 GMT

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
578 B 216ms
70ms XHR
application/json 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12770/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
an-x-request-uuid: 2aeeea9a-047a-4670-83bd-ecfb4cc48dc7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 20ms
6ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12770/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 201243ad2ec86a92e07c4dd5130ad33f2b270a1d8c3c0bce4fdf74fcb0cc3e00

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 19 Aug 2023 17:12:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C665 1 KB
413 B 96ms
46ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%B3%E3%82%B5%E5%9E%8B%E3%83%AA%E4%BC%9A%E3%83%87%E3%82%B7%E3%82%AF%E8%B3%87%E6%A0%AA%E3%83%9C%E3%82%B9%E3%81%8F%E6%96%99%E5%88%B6%E3%83%A7%E9%96%8B%E3%83%96%E5%BC%8F%E3%83%97%E3%83%8E%E4%BD%9C%E7%A4%BE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=337528958&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=1&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132311&bpp=2&bdt=410&idt=249&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4ayBZk0gYE&p=https%3A//tsuredurediary.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb9b3110a0fe5d5e717e07d05d30ce3c871dd0f081ff3d48a2f15fd2881c59ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
405 B 739ms
245ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

335c016fc016204d80dfb3e96283e4ac900db4fba0b99d3cbad589204d0349bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ Frame D7AC 1 KB
772 B 55ms
42ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%8E%E9%96%8B%E3%82%B5%E3%83%B3%E5%9E%8B%E3%83%AA%E4%BD%9C%E6%A0%AA%E3%82%B9%E3%83%87%E6%96%99%E3%82%B7%E3%82%AF%E5%88%B6%E8%B3%87%E3%83%A7%E5%BC%8F%E3%83%9C%E4%BC%9A%E3%81%8F%E7%A4%BE%E3%83%96%E3%83%97

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb9b3110a0fe5d5e717e07d05d30ce3c871dd0f081ff3d48a2f15fd2881c59ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D7AC 2 KB
972 B 55ms
8ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 14:56:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame D7AC 23 KB
9 KB 44ms
7ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D7AC 3 KB
1 KB 46ms
8ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D7AC 20 KB
9 KB 52ms
5ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7AC 179 KB
57 KB 92ms
45ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame D7AC 33 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 08:08:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame C665 2 KB
926 B 41ms
9ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 14:56:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame C665 23 KB
9 KB 37ms
7ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame C665 3 KB
1 KB 36ms
6ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame C665 20 KB
8 KB 35ms
6ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C665 179 KB
56 KB 116ms
87ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame C665 33 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 08:08:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10862774453803880271/ Frame C665 24 KB
24 KB 38ms
10ms Image
image/jpeg 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10862774453803880271/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86fb3f68d0a2c5156c64955419f8381e49641dee0108c075f82e6ceddcde712b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:39:04 GMT
x-content-type-options: nosniff
age: 585189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24166
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 09:40:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 22:39:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1934961443783810622/ Frame C665 2 KB
2 KB 37ms
9ms Image
image/png 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1934961443783810622/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb31e6a62a23afa4ca7c081323166028f7737ae96bd342c7748e234edd6c5954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 21:57:11 GMT
x-content-type-options: nosniff
age: 414902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1774
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 02:14:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 21:57:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10862774453803880271/ Frame D7AC 24 KB
24 KB 26ms
9ms Image
image/jpeg 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10862774453803880271/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86fb3f68d0a2c5156c64955419f8381e49641dee0108c075f82e6ceddcde712b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:39:04 GMT
x-content-type-options: nosniff
age: 585189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24166
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 09:40:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 22:39:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1934961443783810622/ Frame D7AC 2 KB
2 KB 26ms
10ms Image
image/png 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1934961443783810622/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb31e6a62a23afa4ca7c081323166028f7737ae96bd342c7748e234edd6c5954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 21:57:11 GMT
x-content-type-options: nosniff
age: 414902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1774
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 02:14:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 21:57:11 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 227ms
69ms Preflight 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://tsuredurediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://tsuredurediary.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
server: ATS/9.1.10.57

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 226ms
68ms Preflight 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://tsuredurediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://tsuredurediary.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
server: ATS/9.1.10.57

POST
H2 204 pb Show response
ad.360yield.com/1602/ 0
372 B 228ms
72ms XHR
text/plain 13.251.73.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1602/pb
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.73.116 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-73-116.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:13 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 278ms
278ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://tsuredurediary.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
529 B 350ms
210ms XHR
application/json 13.213.165.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.52.0&referrer=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&tmax=3000&gdpr=false

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.165.210 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-165-210.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
accept-ch: sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
346 B 225ms
87ms XHR
text/html 103.253.24.71
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.71 , Indonesia, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
347 B 214ms
75ms XHR
text/html 103.253.24.71
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.71 , Indonesia, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
access-control-allow-credentials: true

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
124 B 591ms
144ms XHR
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 Itasca, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://tsuredurediary.com
Access-Control-Allow-Credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 144ms
128ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.52.0&cb=66971718451&lsavail=1&bundle=GKuwn19FTzgyMEpZczZtOCUyQmpGcFR0ZmVIbzJvaURxJTJCdGFoNk5FdFB1R2Z4c1pmMTV1MWZLbEtWMHVCMmNVazNsNFlxVENLc1dlU010Zm9xajBDRTZUZmhRTGFUeHMyblZaaFVNa2hEckhCb0dtSlE3a2t5TEwySEdvU2s2eTV2T2FjYWs

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 223ms
73ms XHR
text/plain 131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Thu, 20 Jul 2023 17:12:12 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://tsuredurediary.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 339 B
596 B 4ms
1ms XHR
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102422&adid=6&formatid=26328&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7oB0gKin/NrgAAA
x-accel-expires: @1690430775
date: Thu, 20 Jul 2023 17:12:13 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380cfc695865ed6ab96437e52404
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47158
x-accel-date: 1689825975

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 343 B
594 B 4ms
2ms XHR
text/html 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102422&adid=20&formatid=26706&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4a8bcb16a7829b5ecdefcedbb3dbf5fb55309c0ee36a9f91260ff6c521978a68

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7oB1Ky67/NrgAAA
x-accel-expires: @1690430775
date: Thu, 20 Jul 2023 17:12:13 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f5cf380cfc695865ed6ab9641fcf2d04
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47158
x-accel-date: 1689825975

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
2 KB 265ms
206ms XHR
application/json 52.192.11.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1689873133066&to=0&aun=26328&pubcid=49d5be61-bede-4a0b-9531-075282cf8c45&gpid=%2F102422%2Ftsuredurediary.com%2Fdesktop%2F26328&t=nesqfqzu&pi=2&gdprApplies=0&schain=1.0%2C1!themoneytizer.com%2C94643%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.52.0%22%7D&ogu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ns=9830
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.11.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-11-98.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548cb2df7afa0f02ed345690199d448e47e5d144ffb24a0c803220cff8552740

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
311 B 275ms
265ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e9cd3e9bcbf262a-NRT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
59 B 1092ms
1082ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e9cd3e9bcc1262a-NRT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
197 B 27ms
16ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.52.0&cb=72923131074&lsavail=1&bundle=GKuwn19FTzgyMEpZczZtOCUyQmpGcFR0ZmVIbzJvaURxJTJCdGFoNk5FdFB1R2Z4c1pmMTV1MWZLbEtWMHVCMmNVazNsNFlxVENLc1dlU010Zm9xajBDRTZUZmhRTGFUeHMyblZaaFVNa2hEckhCb0dtSlE3a2t5TEwySEdvU2s2eTV2T2FjYWs

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
368 B 956ms
308ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=47474&adtype=banner&auc=26328&w=1&h=1&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=3672fcf854bc701&schain=1.0%2C1!themoneytizer.com%2C94643%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2249d5be61-bede-4a0b-9531-075282cf8c45%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=tsuredurediary.com&sp=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Jul 2023 17:12:13 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://tsuredurediary.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
368 B 1022ms
374ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=47479&adtype=banner&auc=26706&w=160&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=376c213333eb776&schain=1.0%2C1!themoneytizer.com%2C94643%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2249d5be61-bede-4a0b-9531-075282cf8c45%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=tsuredurediary.com&sp=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Jul 2023 17:12:13 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://tsuredurediary.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
879 B 307ms
113ms XHR
application/json 44.237.73.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&PageUrl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&PageReferrer=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&CanonicalUrl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.73.107 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-73-107.us-west-2.compute.amazonaws.com

Software

Resource Hash

40bf1e94a82e82f15b91f26f6c055bd439be2cc4743048a28a5b1b44727a21d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 18
content-length: 358
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 5 KB
3 KB 334ms
194ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: b0d6733ffb4ab218bc74da3f966496243c019d68c2dea3e08273b460ea9c1ce1

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
x-openrtb-version: 2.5
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
access-control-allow-credentials: true
content-length: 2416

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 13 KB
6 KB 343ms
203ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 350ea3ed363ab714a39b1d2d26d853a9a99a4207664f3550b7bba6333b1c38a5

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
x-openrtb-version: 2.5
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
access-control-allow-credentials: true
content-length: 5694

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 572 B
1 KB 657ms
167ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39532&zone_id=1124616%3B1078214&size_id=15%3B9&alt_size_ids=2%2C55%2C58%2C221%3B&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,94643,1,6cbd7e87-7e11-4689-bd5e-45522a3e8cd5,,&eid_pubcid.org=49d5be61-bede-4a0b-9531-075282cf8c45%5E1&rf=https%3A%2F%2Ftsuredurediary.com&kw=102422&tg_i.domain=tsuredurediary.com&tg_i.page=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&tg_i.name=tsuredurediary.com&tg_i.siteid=102422&tg_i.pbadslot=%2F102422%2Ftsuredurediary.com%2Fdesktop%2F26328%3B%2F102422%2Ftsuredurediary.com%2Fdesktop%2F26706&tk_flint=pbjs_lite_v7.52.0&x_source.tid=3eb2582b-0715-4197-b283-21fd98f3eb55%3B4034f746-f23f-48c1-8db5-9003a3a14c09&l_pb_bid_id=4563666ba7246da%3B46490eadecb33da&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=3eb2582b-0715-4197-b283-21fd98f3eb55%3B4034f746-f23f-48c1-8db5-9003a3a14c09&rp_maxbids=1&p_gpid=%2F102422%2Ftsuredurediary.com%2Fdesktop%2F26328%3B%2F102422%2Ftsuredurediary.com%2Fdesktop%2F26706&slots=2&rand=0.06754863289577995
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dcc1f6616511133c3ed41ada84063d299c0cbc2b7794fa571d915eecde333072

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content / Show response
bid.missena.io/ 0
199 B 392ms
374ms XHR
text/plain 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.missena.io/?t=PA-65894534
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://tsuredurediary.com
Date: Thu, 20 Jul 2023 17:12:13 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
534 B 1457ms
288ms XHR
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ 4 KB
2 KB 25ms
13ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f823459d4c49111b6bfae9a984e8e91eb850aaf8ef5b02907f8fc7417ee1682

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-tyo
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
via: 1.1 google
x-err: Shapings: no adunits with size and seat and mapping
cf-cache-status: DYNAMIC
x-warn: Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Seats Booster. unable to get the seat booster engine for organization: 1015
content-length: 1025
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tsuredurediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7e9cd3e9cf4af611-NRT
expires: 0

GET
DATA 200
OK truncated
/ Frame C665 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb8d6b8bb7b125763c47370cf2b5818647ab72058ae92236e40e4966801a4eff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D7AC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ef2b213a4cea9c6a233b4cbf677ef7e1f7cfb0e8cc4d1be409546cc78b295e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 37 B
444 B 956ms
239ms XHR
text/plain 52.211.251.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12770&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&hn_ver=57&fid=2be12d53-a2c2-41bb-826a-3416fe93dfec&dsp=pub_common&dsp_uid=426f4570-4ea7-45c7-8a1c-41e36db9c37d&dsp=TTD&dsp_uid=9fa15752-811e-4e1a-9968-2f6499bac335
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12770/px.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.251.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ee730cf3fadd910b3cb8b99c5ed6cc2fce33daaf987f204e35b3850dabf844c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:13 GMT
vary: Origin
p3p: CP="NOI DEV ADM"
access-control-allow-origin: https://tsuredurediary.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 37
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H/1.1

200

155.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*msg6IF4mgUeWHriir6fTIg4i6HJoOedMDHlM-cxAFdlWgWrrdOZZD32uhCi60BojVoKm5SIq0Ympo-3wR1yWVQ&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=161175378474174537&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/6/3.gif?puid=6041145649349111353&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=9fa15752-811e-4e1a-9968-2f6499bac335&ttl=%%TTL%%
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F4%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/102/3/4/5.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/3/6.gif?puid=EAF3B0128A112051&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/102/3/2/7.gif?puid=74a464b9-6aed-4200-8735-dcc69b1c41c3&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F1%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/1/8.gif?puid=1897449b7fb-43610000010e5c10&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAFqhE7JctYAACRPCBZydQ

43 B
2 KB

262ms
261ms

Image
image/gif

162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAFqhE7JctYAACRPCBZydQ

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

HTTP/1.1

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAFqhE7JctYAACRPCBZydQ
Date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8573 15 KB
6 KB 22ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145968
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Sat, 22 Jul 2023 09:45:01 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 font
fonts.gstatic.com/l/ Frame D7AC 15 KB
15 KB 4ms
3ms Font
text/html 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpsMdbqZGuF91v5LBloNTaQW0IngjzTpiX7w96nv-72HvmZJEPW7DzgXd7s6VrmthBWrcg-TX4lWDJc-aMOn8a-DPAE3thRolr8tSZ9pqphoGX45IMB-dAInutzB2V6VYZCzopKjcv5&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%8E%E9%96%8B%E3%82%B5%E3%83%B3%E5%9E%8B%E3%83%AA%E4%BD%9C%E6%A0%AA%E3%82%B9%E3%83%87%E6%96%99%E3%82%B7%E3%82%AF%E5%88%B6%E8%B3%87%E3%83%A7%E5%BC%8F%E3%83%9C%E4%BC%9A%E3%81%8F%E7%A4%BE%E3%83%96%E3%83%97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5bb5102bc524ad49b896c308223e036974ef09dfcafc809fe428dbc44b68b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:51:48 GMT
x-content-type-options: nosniff
age: 80425
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15252
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 19 Jul 2023 18:51:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D7AC 0
23 B 50ms
50ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Mos7Gq5ZIvEJrOp29gPsKKWmA-CzbC0a-a1qrO2EGQQASDVlPU8YInzxYT0E6AB0OT4pSjIAQmpAuCzwE1JxT4-qAMByAPLBKoEmgJP0CGwms3EAC7HFihZUlXAGZHdAjA0bobHxsk5pKn4UxneXfvqROs_tQCcxzUmpCCPBdZyqXKVkBZIxATNUawjs5efvP3cTYmwyqZJs1zR8SDkuE_KcIHVP2cWRJFIfn9o4_mgelNnBNwIDF8EsqPYDCT4YWDfsZEboSuc6bJVlP6ciSib3MFyMlimkdJeQSAkxS2qIRQH1N2o4OnqOFM3FBhoO-BkEiPRp-scS6hIzaEXEFvmnqzHMxBrs-HqW0oqLsovuC4SYoQWc_pzHvzdnWcnaE75f9u8pd-k5tcKw4lQ8umTP4tErw96pz9A-zYNfPF6pN8qFq4JUL2Y3KVJRPdShebK8s9Ss_6Q5nehJdrEREXt9VMWsCLABKDH07KLBJIFBAgEGAGSBQQIBRgEoAYugAfQnMmFA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJHuB9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0zNjMxNDI3ODU2MjEyMDU3GAA&sigh=OCbBcyP5lmU&uach_m=[UACH]&cid=CAQSGwBpAlJW-l4MsD8PYfy4hMMpr8Kkpvwojv8VnhgB&template_id=484&cbvp=2&vis=1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 17:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DF1 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=1309820814&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=3&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132313&bpp=1&bdt=413&idt=278&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3c86yLlhXQ&p=https%3A//tsuredurediary.com&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame C665 15 KB
15 KB 3ms
3ms Font
text/html 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%B3%E3%82%B5%E5%9E%8B%E3%83%AA%E4%BC%9A%E3%83%87%E3%82%B7%E3%82%AF%E8%B3%87%E6%A0%AA%E3%83%9C%E3%82%B9%E3%81%8F%E6%96%99%E5%88%B6%E3%83%A7%E9%96%8B%E3%83%96%E5%BC%8F%E3%83%97%E3%83%8E%E4%BD%9C%E7%A4%BE

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5bb5102bc524ad49b896c308223e036974ef09dfcafc809fe428dbc44b68b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:51:48 GMT
x-content-type-options: nosniff
age: 80425
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15252
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 19 Jul 2023 18:51:48 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8573 5 KB
6 KB 17ms
2ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87984004&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6ecdaa8134be17a38230235fdd9cc5464e022642efe293d8e93087db28ef46c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C665 0
19 B 46ms
45ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBN6j7Gq5ZPjHJPOX29gP34OtiAiCzbC0a-a1qrO2EGQQASDVlPU8YInzxYT0E6AB0OT4pSjIAQmpAnF_L8T8sj4-qAMByAPLBKoEmgJP0BIXVoQb4daSAbYyLeoNM0ck32HE0WwS-eDjkL1R8XEyGuuFbHC1bJaWexd3D_-RjhCIbge0tGni07ubgx5U7GggF1aCG9VtPjMRPLeXShgwhrO-NsIx-5mjdQsuDCJOOxfm1We_MdKuH7bITNbrUMPTMacj9xRxaLlKTv9mAkoqR6f9LgPjijeBfXHqQxnPAEWcIqmObFS_pjrhW8CRYacU1jnCUpVUx_osL_gy9X3ngfmzeQJLhiEMi1x-3CjsViMuKaqAS4gorZOrzfewFx6Gl8LUh_rFHLpJmKrkUcEmzfa6C5RDR5K5L4QiNSTtL11bJXvrIyAN1ifnAr4EiV2SA4ZlvQHLP3LrIaom8GdZdi2NxmZHp0XABKDH07KLBJIFBAgEGAGSBQQIBRgEoAYugAfQnMmFA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIbBCdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0zNjMxNDI3ODU2MjEyMDU3GAA&sigh=ikZXNJl0lmE&uach_m=[UACH]&cid=CAQSGwBpAlJWUYlxc2FJlk23L5iGNQVyuUyWJ-a__hgB&template_id=484&cbvp=2&vis=1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&slotname=5999777542&adk=2441125790&adf=337528958&pi=t.ma~as.5999777542&w=800&fwrn=4&fwrnh=100&lmt=1689873132&rafmt=1&format=800x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873132311&bpp=2&bdt=410&idt=249&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4ayBZk0gYE&p=https%3A//tsuredurediary.com&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 17:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 31FA 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 154 KB
52 KB 49ms
49ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/reactive_library_fy2021.js?bust=31076208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eaaa0ec814e78000f26a82e9c795e5772987b9fea68ee1ac9ceace72aadbdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53468
x-xss-protection: 0
server: cafe
etag: 16282959644254610970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2593
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA

42 B
291 B

4ms
3ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 a49d1108e42858e6d1c36122e47a7db2.cloudfront.net (CloudFront)
x-amz-cf-id: IE19_YOWEBTyltMYlMM5uxdEjK3dMx9KRbMFvFR4R8a-R02E9OK97w==
x-amz-cf-pop: NRT20-C3
x-cache: Miss from cloudfront

GET
H2

200

usersync.aspx Show response
widget.as.criteo.com/dis/ Frame 7A9E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...

43 B
363 B

13ms
2ms

Document
image/gif

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Thu, 20 Jul 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 168787
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

Redirect headers

content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server: Kestrel
server-processing-duration-in-ticks: 64020
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 96C7
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5658c150-8c00-43d9-b3d8-6b6d2a26192d

42 B
476 B

17ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5658c150-8c00-43d9-b3d8-6b6d2a26192d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 17:12:13 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5658c150-8c00-43d9-b3d8-6b6d2a26192d
Server: Apache

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9D0C
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041145649349111353&gdpr=0&gdpr_consent=

42 B
218 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041145649349111353&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: dda104f9-f6f0-4dfa-b822-7d6e0a497758
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041145649349111353&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 984F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku

42 B
333 B

12ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F48E
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=afa9b41...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=4HbfRsk3Npa

42 B
208 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=4HbfRsk3Npa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:13 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=4HbfRsk3Npa
Pragma: no-cache
Server: nginx
expires: -1

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame BA38
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
237 B

344ms
343ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLlq7QACT-5HnwAb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-tyo11935-TYO
x-timer: S1689873134.560022,VS0,VE342

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLlq7QACT-5HnwAb
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-tyo11935-TYO
x-timer: S1689873133.336704,VS0,VE221

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DB38
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1gr33lfnudym

42 B
230 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1gr33lfnudym
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1gr33lfnudym
lws: 222
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 pxd Show response
dps.jp.cinarra.com/ Frame 5606 0
38 B 23ms
2ms Document
text/plain 54.238.235.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.235.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-235-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4C88
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Z-6RwqVFAfaFWVix7Wq5ZA

42 B
200 B

14ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Z-6RwqVFAfaFWVix7Wq5ZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Z-6RwqVFAfaFWVix7Wq5ZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2 417 sync Show response
t.adx.opera.com/pub/ Frame 792B 0
417 B 666ms
234ms Document
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Tengine

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 8672 43 B
205 B 53ms
41ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 62E8
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=984cd8456f0a4da39379f665f1780ba8

42 B
305 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=984cd8456f0a4da39379f665f1780ba8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Thu, 20 Jul 2023 17:12:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=984cd8456f0a4da39379f665f1780ba8
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FEF4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=u31--8ulUF5HijUyqD3e2tmK_MQ&gdpr=0&gdpr_consent=

42 B
375 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=u31--8ulUF5HijUyqD3e2tmK_MQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 17:12:13 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=u31--8ulUF5HijUyqD3e2tmK_MQ&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A770
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

2ms
2ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9BBE
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700048958853607

42 B
194 B

3ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700048958853607
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:14 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1921700048958853607
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AC24
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:awC87B491Qmxch5&gdpr=0&gdpr_consent=

42 B
219 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:awC87B491Qmxch5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:13 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:awC87B491Qmxch5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-05469f6b68f1c168a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F614
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:930797E15C284B6292CEEAA5D2302F07&gdpr=0&gdpr_consent=

1 B
72 B

2ms
2ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:930797E15C284B6292CEEAA5D2302F07&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Wed, 19 Jul 2023 17:12:13 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:930797E15C284B6292CEEAA5D2302F07&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 setuid Show response
u.4dex.io/ Frame 4556 0
1 KB 17ms
5ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8573
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FBx0pbUPTP-FdZYNncptww%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

4ms
4ms

Image
text/html

23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=145968
accept-ranges: bytes
content-length: 5606
expires: Sat, 22 Jul 2023 09:45:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 8573
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

95 B
123 B

42ms
42ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 8573
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=&ct=y

49 B
543 B

97ms
97ms

Image
image/gif

54.251.17.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 54.251.17.22 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-17-22.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.4.11
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.1.210
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8573
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

62ms
62ms

Image
image/gif

119.9.108.211
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:11:44 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:11:44 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQxQzc0QTUtQjUwRi00Q0ZGLTg1NzUtOTYwRDlEQ0E2REMz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtUxZDCHGRLwUw9Vd7jfA4&google_cver=1

42 B
302 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtUxZDCHGRLwUw9Vd7jfA4&google_cver=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtUxZDCHGRLwUw9Vd7jfA4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8573 43 B
609 B 262ms
72ms Image
image/gif 34.124.209.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.209.124.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 19 Jul 2023 17:12:13 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=817c9144-d961-4726-86a6-7595c6e4d090
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=817c9144-d961-4726-86a6-7595c6e4d090
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d077fd57-1eb8-42ea-9b12-bd732beeeb74&user_group=1&ssp=pubmatic&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=&gdpr_consent=&gdpr_pd=

1 B
294 B

2ms
2ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 20 Jul 2023 17:12:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZLlq7cCo5ucAAOz0ZqoAAAAA

42 B
229 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZLlq7cCo5ucAAOz0ZqoAAAAA
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Thu, 20 Jul 2023 17:12:13 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.196","key":"ZLlq7cCo5ucAAOz0ZqoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40048"}
X-SO-Key: ZLlq7cCo5ucAAOz0ZqoAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40048
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZLlq7cCo5ucAAOz0ZqoAAAAA
Cache-Control: private
X-SO-HostName: a-ad40048.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-IP: 217.138.252.196

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=

42 B
278 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4931925723668045182

42 B
242 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4931925723668045182
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4931925723668045182
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8573 43 B
602 B 217ms
78ms Image
image/gif 2406:da18:929:5a03:6501:163c:2f11:2df9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/141C74A5-B50F-4CFF-8575-960D9DCA6DC3?gdpr=0&gdpr_consent=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kqubv1dE2uUgTWJcIEs8EKzKUKXRtCA-~A&gdpr=0

0
260 B

21ms
4ms

Image
text/plain

103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kqubv1dE2uUgTWJcIEs8EKzKUKXRtCA-~A&gdpr=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kqubv1dE2uUgTWJcIEs8EKzKUKXRtCA-~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

2ms
2ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8573
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11956bd557aa1b35&is_secure=true&networkId=17100&version=1&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANO-SkUHCh_wMSegWYAAAAAAA&expiration=1689959534&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&...

42 B
363 B

4ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANO-SkUHCh_wMSegWYAAAAAAA&expiration=1689959534&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 17:12:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANO-SkUHCh_wMSegWYAAAAAAA&expiration=1689959534&nuid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 40ms
40ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsuredurediary.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99FC 111 KB
40 KB 409ms
409ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b60e7654f1a22d88904f2c36fbd17b957e4d91ca3ed72f8fa0460e11990440f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/ Frame 5AF6 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 24166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:29:27 GMT
etag: 12368291122986407432
expires: Thu, 03 Aug 2023 10:29:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/ Frame 0011 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076208

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 24166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:29:27 GMT
etag: 12368291122986407432
expires: Thu, 03 Aug 2023 10:29:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
log.pinterest.com/ 0
334 B 240ms
232ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=eY9PiWf7nF6D&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&viaSrc=canonical
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 20 Jul 2023 17:12:13 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1067004597707394
content-length: 0
x-served-by: cache-tyo11971-TYO
pragma: no-cache
server: envoy
x-timer: S1689873134.511199,VS0,VE230
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5AF6 4 KB
744 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5AF6 205 B
229 B 6ms
5ms Image
image/png 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:32:55 GMT
x-content-type-options: nosniff
age: 95958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 18 Jul 2024 14:32:55 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5AF6 604 B
628 B 4ms
3ms Image
image/png 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:50:44 GMT
x-content-type-options: nosniff
age: 76889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 18 Jul 2024 19:50:44 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/ Frame 5AF6 14 KB
6 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fd428f7dd2d6b8d1c176b572055f463835f4fccf41286529c81cc8ee42ba170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6331
x-xss-protection: 0
server: cafe
etag: 1463633963343994842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 05:13:33 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/ Frame 5AF6 20 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 05:13:33 GMT

GET
H3 200 bd9dfbb5914ff58f8f53260c6898e03c.js Show response
www.gstatic.com/mysidia/ Frame 0011 9 KB
4 KB 4ms
4ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bd9dfbb5914ff58f8f53260c6898e03c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3957
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 03:48:03 GMT

GET
H3 200 be1c55307d155d15842552e1d6ad8a78.js Show response
www.gstatic.com/mysidia/ Frame 0011 10 KB
4 KB 4ms
4ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be1c55307d155d15842552e1d6ad8a78.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 18:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4199
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:50:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0011 1020 B
538 B 47ms
44ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=j%E5%85%B1%E3%81%AF%E6%B3%95%E3%82%B7%E5%AD%98%E6%96%99%E4%BB%98%E3%81%84%E4%B8%8E%E3%81%AB%E3%81%99%E3%83%97t%E5%AF%BE%E9%9B%BB%E9%A1%8D%E5%B8%B3%E3%82%BF%E5%AE%9Ap%E3%83%9CSe%E5%BA%A6%E5%88%B6%E3%81%97%E4%BF%9D%E9%A1%8C%E3%81%8F%E3%82%A9%E3%81%BE%E6%9C%89O%E3%83%86as%E3%83%AB%20%E5%BF%9C%E3%81%94%E3%83%80o%E3%81%9F%E9%96%8B%E3%82%B9%E7%B0%BFK%E3%83%95%E9%99%90.5r%E3%83%A0%E3%81%BF%E3%81%AE%E3%83%B3%E7%94%A8%E6%94%BE%E3%82%A4g%E5%AD%90%E3%81%A7%E3%81%A0%E3%81%AA%E3%81%91-%E3%80%82%E5%88%A9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b70bdd847f06a79a2fdadf5ffcb4f36b7dc0589ed34d9027a3ba619f05ea1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 0011 2 KB
926 B 6ms
4ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 14:56:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame 0011 23 KB
9 KB 7ms
4ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 0011 3 KB
1 KB 7ms
4ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 0011 20 KB
8 KB 6ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0011 179 KB
56 KB 92ms
89ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 0011 33 KB
14 KB 4ms
2ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 08:08:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16E4 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 16:28:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0011 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce71154389a9ac2bd1e1564a9f382a60d06de9d90378fe7a00b480cb33c13de9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 4B40 970 B
471 B 43ms
43ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%88%E8%A6%8B%E9%80%81%E3%80%8C%E5%8F%AF%E3%83%87%E8%A9%B1%E5%A0%B4%E6%9F%BB%E3%82%B9%E3%82%B0%E3%83%AB%E3%81%84%E5%8B%95%E8%A6%96%E6%94%B9%E3%81%99%E3%81%AB%E3%83%9B%E3%83%83%E9%96%89%E3%82%84%E9%96%8B%E9%9B%BB%E3%83%BB%E4%BC%9A%E3%83%A0%E3%80%81%E8%AA%BF%E3%83%97%E3%80%8D%E6%B4%BB%E3%82%BF%E3%82%A4%E3%82%92%E7%94%A8%E3%83%BC%E3%83%B3%E3%83%88%E3%81%97%E3%83%93%E3%83%A5%E3%82%8B%E3%83%8D%E3%81%AA%E5%96%84%E5%8C%96%E9%83%B5%E5%88%A9%E3%83%A6%E3%83%86%E3%80%82%E3%81%98%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b63a64d6dbd5386f935b67b02a1c9bfbaa0d2fa0ccc17dc572355ab481e0800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4B40 7 KB
1 KB 79ms
79ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 16:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 4B40 2 KB
892 B 3ms
2ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 14:56:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame 4B40 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 87FB 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 16:28:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 4B40 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 4B40 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B40 179 KB
56 KB 63ms
62ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 4B40 33 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 08:08:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
76ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:13 GMT
expires: Thu, 20 Jul 2023 17:12:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 87FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

104ms
103ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:14 GMT
expires: Thu, 20 Jul 2023 17:12:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 595 B
1 KB 260ms
259ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

c9aa0bb0dc0fbfe87bcfb410da318a6dea0ef5c3d4912a69487f13ea20bdf48d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 css
fonts.googleapis.com/ Frame 99FC 1 KB
384 B 44ms
44ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%AB%E3%81%A7%E3%82%AF%E3%82%A6%E3%83%93%E3%82%B8%E3%81%AE%E6%8F%B4%E3%82%92%E3%83%BC%E6%8F%90%E3%82%A4%E3%83%88%E6%A1%88%E7%89%B9%E3%83%86%E5%8C%96%E6%94%AF%E9%81%A9%E3%81%AA%E3%83%8D%E3%83%89%E3%82%B9%E3%82%B5%E3%81%94%E6%9C%80%E3%80%81%E3%83%A9%E7%92%B0%E5%A2%83

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ca8890ecba0d0fcce4c904f2ecf0131eff75b0c571f644e14a42041ee16c1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 17:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 99FC 2 KB
892 B 3ms
2ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 14:56:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame 99FC 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 99FC 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 99FC 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 02:29:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99FC 179 KB
56 KB 57ms
56ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:13 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 99FC 33 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4004:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 20:37:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 08:08:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2FF7 1 KB
643 B 4ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 56715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 01:26:58 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 01:26:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/6243038401344859849/ Frame 99FC 58 KB
58 KB 6ms
4ms Image
image/jpeg 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6243038401344859849/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0584a45059f8c6349943caed23e41cdfa447c59dd7660d88bf745700ab9ad2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:10:52 GMT
x-content-type-options: nosniff
age: 126081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59252
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 06:06:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jul 2024 06:10:52 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11921424971614373652/ Frame 99FC 4 KB
4 KB 5ms
4ms Image
image/png 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11921424971614373652/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155b4835cbf4934cb71065dd73ef8f30d38d5962ec9a510412e6e03bcc67bd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 06:56:36 GMT
x-content-type-options: nosniff
age: 209737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3657
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 06:50:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 06:56:36 GMT

GET
DATA 200
OK truncated
/ Frame 99FC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJiei-PdiytkBUoyY5aPfVc&google_cver=1&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGEdmg-00SZsKHCWi7...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B9BEF7920C67422A9995A618CFDA3C16&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGE...

170 B
188 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B9BEF7920C67422A9995A618CFDA3C16&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGEdmg-00SZsKHCWi7XZZoO5HltNSGlTSzev33u2hodnx31ah69wK1sTdWPDFJd1jy1LBmTP8g

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 20 Jul 2023 17:12:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B9BEF7920C67422A9995A618CFDA3C16&google_push=AaAOQGEB9Dq_WZLMLeNKy8PnNz1qyW-5vcCF86r2-lbrbqZIMVyoOLQZsuWjRyuF3_Wz62-6rJxFkDHhZ3b0xGEdmg-00SZsKHCWi7XZZoO5HltNSGlTSzev33u2hodnx31ah69wK1sTdWPDFJd1jy1LBmTP8g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 19 Jul 2023 17:12:13 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEObqvA6V7EHlJHglF3QUo1k&google_cver=1&google_push=AaAOQGHf_qGqOL52sgZ4gyZk7GyhpAVFmuLq1DC3SwrCuYFxZCnFKcNz0zYLVa_EsSFoDsslcRicbHcj_iSs3Ri5cm...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWZhMTU3NTItODExZS00ZTFhLTk5NjgtMmY2NDk5YmFjMzM1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9fa15752-811e-4e1a-9968-2f6499bac335

170 B
243 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWZhMTU3NTItODExZS00ZTFhLTk5NjgtMmY2NDk5YmFjMzM1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9fa15752-811e-4e1a-9968-2f6499bac335

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWZhMTU3NTItODExZS00ZTFhLTk5NjgtMmY2NDk5YmFjMzM1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9fa15752-811e-4e1a-9968-2f6499bac335
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDTPuffbUwLoyUvhFR4XES0&google_cver=1&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3G6MTgQjUQdMf2NoWfG18FjIYRJsSu7Ful8xSp-...

170 B
188 B

42ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3G6MTgQjUQdMf2NoWfG18FjIYRJsSu7Ful8xSp-p4Hgzl15AkgeM4JDTeBDpO

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AaAOQGF7VOlxF20adW5A-CEY2Ipv13B37Z7-VoXt6jWV3hSd3rfCN-gnu1eqqCEnm6gAOpozk6qyjT-U7fiRwjXRAc8moSG3G6MTgQjUQdMf2NoWfG18FjIYRJsSu7Ful8xSp-p4Hgzl15AkgeM4JDTeBDpO
Date: Thu, 20 Jul 2023 17:12:13 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Njk3OTU1YWUtOWVlOC00OTg5LTk3MDQtNDkyNWU3ZDNmOTRm&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=1&google_push=AaAOQGGP...

170 B
188 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Njk3OTU1YWUtOWVlOC00OTg5LTk3MDQtNDkyNWU3ZDNmOTRm&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=1&google_push=AaAOQGGPygbFG01dpH-rb2wrW3qfXUK__YxiaWlMSUAyogTDEOEI4o9QayF-wyT5Epz0ri3eI-RinhbuedYz1MuoUJZS4bczd9cpv1v9h6ALhBXfpedFxM4wjZsdghhlJM9KpG1mfJFJGqkxYbLuZgKkUlS4Bg

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Njk3OTU1YWUtOWVlOC00OTg5LTk3MDQtNDkyNWU3ZDNmOTRm&google_gid=CAESEJcZo2IWYnQ9gWf1jdANSWY&google_cver=1&google_push=AaAOQGGPygbFG01dpH-rb2wrW3qfXUK__YxiaWlMSUAyogTDEOEI4o9QayF-wyT5Epz0ri3eI-RinhbuedYz1MuoUJZS4bczd9cpv1v9h6ALhBXfpedFxM4wjZsdghhlJM9KpG1mfJFJGqkxYbLuZgKkUlS4Bg
date: Thu, 20 Jul 2023 17:12:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKe7rBkcw8PLieMb7PtWAGI&google_cver=1&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIM...
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIMY1XI9OxOMIU0feT1vXU-ojtc_KDHl...

170 B
188 B

39ms
38ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIMY1XI9OxOMIU0feT1vXU-ojtc_KDHlQPqiZRQ4a2eghmNfpx1pfBNw&google_hm=NTVTSENEMDFCQkRITjAwNjVSejM

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Thu, 20 Jul 2023 17:12:13 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGF7CnlOxNbZWeuahCHZa98s-9G1N5pzcbI4W5ggUMWkebzGkz0t1uqVwkFY1MYgu6ALkPE16lxj6nPcLcTKE-Ysd4pPzFX-AOpIMY1XI9OxOMIU0feT1vXU-ojtc_KDHlQPqiZRQ4a2eghmNfpx1pfBNw&google_hm=NTVTSENEMDFCQkRITjAwNjVSejM
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FF7
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJC-SoEWwDBDuQ7AArP0-KE&c_param1=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDy...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDykApPd5bFCUHQqPvXyC...

170 B
188 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDykApPd5bFCUHQqPvXyC-1G5-0OCO7BS36n0IPoURcpHg

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGNYHZAYNnpSj0QRNZFLQyclptPJEfJLYXI-MkzD8lh_vPPkjigaSlFQxF2Lg11Pa45sFkQBtlHphk26atqW989LJ4FUD5GsE10nr8IHLzZJDykApPd5bFCUHQqPvXyC-1G5-0OCO7BS36n0IPoURcpHg
date: Thu, 20 Jul 2023 17:12:14 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 2FF7
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEDOhgANCdU51YL9Ge-E07TY&google_cver=1&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtF...
https://sync.gonet-ads.com/match/google?google_gid=CAESEDOhgANCdU51YL9Ge-E07TY&google_cver=1&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtF...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MzBkNjM1ODVlNDViYThhYw&google_push=AaAOQGE7jXd86_rbroJ9FFJFMGYYsCrwrpr8Zsv0jTU2ipR3CqJAOxfNYAjfimY1qlW6ZSiGl9d9zBdccMsL6SQfrwtFJ1a...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MzBkNjM1ODVlNDViYThhYw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

58ms
3ms

Image
image/gif

2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:51:35 GMT
x-content-type-options: nosniff
age: 37240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 06:51:35 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2FF7 0
59 B 42ms
40ms Image
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqlpxFPQgEVGjtyE953K_lBtFzWTftZ7KFSuDSktR_4nJgK_Xw8_ywhNk7wE105uWKV4rvpw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 99FC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a22e843d038d46758b0a313dde6e751ae03b11e431e38a80bc976c680bb7b23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 99FC 20 KB
20 KB 3ms
2ms Font
text/html 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpyMdfkZGuG91j0LBpUNTWYW0E9gj_Npibjw96Cv-7XHvmEJEPK7D3JXd_b6VvdthF1rckfTX8KWDN--aIon8alDPAk3thzolrGshlqoZRvpm7d4p4j_-8zm_5WBElGV4B_wLZdgtLGWwoM-BZDCnVs5rk4-dp4Wbfg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%AB%E3%81%A7%E3%82%AF%E3%82%A6%E3%83%93%E3%82%B8%E3%81%AE%E6%8F%B4%E3%82%92%E3%83%BC%E6%8F%90%E3%82%A4%E3%83%88%E6%A1%88%E7%89%B9%E3%83%86%E5%8C%96%E6%94%AF%E9%81%A9%E3%81%AA%E3%83%8D%E3%83%89%E3%82%B9%E3%82%B5%E3%81%94%E6%9C%80%E3%80%81%E3%83%A9%E7%92%B0%E5%A2%83

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b96244288649c95617e1d3cf81421017e6895d151fdee92e5dde16496d8606ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:53:36 GMT
x-content-type-options: nosniff
age: 55117
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20416
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 20 Jul 2023 01:53:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99FC 0
19 B 54ms
54ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB8hV7Wq5ZL-zGKK029gP-NqM4AiCsObtcMra9tyiDNrZHhABINWU9TxgifPFhPQToAGgk4uwA8gBCakC4LPATUnFPj6oAwHIA8sEqgSVAk_QZ8KmwapaAaPuW34KHx1F0nSipcGWlmjG24G-uw8DPbpC3dDFX3byzOoApxTt6iUBOZ6vf8BIdtsTLGXqo3zsUarWJWPtv7Sd_ecsqeb10m60arcZvT7pnX97SyLNDh09qjpnyGlIE_q8rxE1TEyTpL62Wc2LHcQlEapsjT2jxXrSvDyeM5_ibRHDLmwZPGT2U_6zp5_DcRfPx1j6xoAeszY5c7YgAn2WZ-ToCeuMVg_bPmrR20rcMt7yMJmwlXS7RilKp6vx77IYR9iCeZWVmfn8F5JR7xJ8rmo6kzJcBOfgL_HrO23goaP51mjhTVQXoQ3SZmF65zFxhFurk2ZL3NpQsGlT4wLeSRg-GGXVCR6RGPjABK71i9G6A6AGLoAHyOz0T6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL27AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBuBPkA9gTA4gUDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNjMxNDI3ODU2MjEyMDU3GAA&sigh=oaXTA0Ob7Y8&uach_m=[UACH]&cid=CAQSPABpAlJWODsr2nfd9luMU0q1JgbfJjhPqJUJB6FW9pVTMyMlRAFXvqzP714TCbYYmF9H349N42upYH16tBgB&template_id=484&cbvp=2&vis=1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 17:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 33CA 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3631427856212057&output=html&h=280&adk=3656351597&adf=1343128910&pi=t.aa~a.477068230~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1689873133&rafmt=1&to=qs&pwprc=4950149482&format=336x280&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689873133348&bpp=1&bdt=1447&idt=1&shv=r20230718&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfbbe5f0852cd7e7b-2230ce25d3e200c9%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w&gpic=UID%3D00000cddfbd74712%3AT%3D1689873132%3ART%3D1689873132%3AS%3DALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA&prev_fmts=0x0%2C800x280%2C800x280%2C300x600&nras=2&correlator=8005487011791&frm=20&pv=1&ga_vid=2071532570.1689873132&ga_sid=1689873133&ga_hid=371668149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076089%2C31076208%2C44788442&oid=2&psts=ABnkTfCr-Fvq5U58DXYKYuN0Eksw-dFmAofElGoU0PpxSMA2sdR-FWfFW9sPYtmoX6-xvhVVag5RzBm-HJzBhv3QhL9ZmSbk%2CABnkTfCsafCApQUQwfX645wk5qI9x_wLzALHHQdN-2NmPoe6RVmbz_uLRvcLn4RCFZIqWncHptndtZdIhccFRJP_78v82H1G&pvsid=2586081069535265&tmod=972458964&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Xs9fN1PNHu&p=https%3A//tsuredurediary.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0011 0
19 B 48ms
48ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTSVR7Gq5ZN7uI_j-2gTyi7m4D43LuZ9wxZjxoaERwI23ARABINWU9TxgifPFhPQToAHKuqDfAsgBAakCcX8vxPyyPj6oAwHIA8MEqgSiAk_QMCYOOKWdvzvUDlJE9M8QN_j72rvCKXr-rT-IvIzSrB1_I1WxrxA_x35Di-A21vcJskST9iBMo-BZFbTXcY26kS2txw7XStcQVFdG_e5lOwJOZzKxFuS-Bea_ge9NulSp1nYrBs8st6mfBMRohoJVSAXJp0kbk6mboJZbUjXM7c63SC578EYLV5Yc6XbNTbxtjquJ66DqwpIHxo8dVZJXHJC6yFdgBrJjPDuOF0n7O5pS-gSzU9vh7ty_3jrGriGm0FGJPMdEVvCuy8tru1nU3RM5tmG3fwfdMTHRVRGhClt2gW8XKUhKVMuR7me5t7avFcP04AU864NbDeWrcCkpmZq0JE76Upt97I9WLvbkh9LLlYvnvv0YADXbDdap42I2wATBvLOaswSSBQQIBBgBkgUECAUYBKAGZoAHnsXfoAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC67wvSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zNjMxNDI3ODU2MjEyMDU3GAA&sigh=-ylmLNmKvVM&uach_m=[UACH]&cid=CAQSGwBpAlJW8hDD457gCU5gpuzA_8lEhw6kElf75xgB&cbvp=2&vis=1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 17:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 367E 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H/1.1

204
No Content

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESECfNb70x8Hcr7tP-xh6KyqI&dsp=dbm&google_cver=1

0
443 B

442ms
239ms

Image
text/plain

52.211.251.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESECfNb70x8Hcr7tP-xh6KyqI&dsp=dbm&google_cver=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 52.211.251.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Thu, 20 Jul 2023 17:12:14 GMT
Connection: keep-alive
expires: Thu, 20 Jul 2023 17:12:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESECfNb70x8Hcr7tP-xh6KyqI&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

sync
s.cpx.to/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06b6cd20-867c-49d2-b212-859d1bc04ccd

0
454 B

689ms
248ms

Image
text/plain

52.211.251.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06b6cd20-867c-49d2-b212-859d1bc04ccd
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 52.211.251.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Thu, 20 Jul 2023 17:12:14 GMT
Connection: keep-alive
expires: Thu, 20 Jul 2023 17:12:14 GMT

Redirect headers

date: Thu, 20 Jul 2023 17:12:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06b6cd20-867c-49d2-b212-859d1bc04ccd
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12770%26url%3Dhttps%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-coll...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=6041145649349111353&pid=12770&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&hn_ver=57&fid=2be12d53-a2c2-4...

27 B
27 B

655ms
240ms

Image
text/plain

52.211.251.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=6041145649349111353&pid=12770&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&hn_ver=57&fid=2be12d53-a2c2-41bb-826a-3416fe93dfec&dsp=pub_common&dsp_uid=426f4570-4ea7-45c7-8a1c-41e36db9c37d&dsp=TTD&dsp_uid=9fa15752-811e-4e1a-9968-2f6499bac335
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 52.211.251.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 17:12:14 GMT
Date: Thu, 20 Jul 2023 17:12:14 GMT
Connection: keep-alive
Content-Length: 27
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
an-x-request-uuid: 446f551a-3690-4c0f-a80a-eee21c990937
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=6041145649349111353&pid=12770&url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&hn_ver=57&fid=2be12d53-a2c2-41bb-826a-3416fe93dfec&dsp=pub_common&dsp_uid=426f4570-4ea7-45c7-8a1c-41e36db9c37d&dsp=TTD&dsp_uid=9fa15752-811e-4e1a-9968-2f6499bac335
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3

0
457 B

240ms
239ms

Image
text/plain

52.211.251.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 52.211.251.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-251-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Thu, 20 Jul 2023 17:12:14 GMT
Connection: keep-alive
expires: Thu, 20 Jul 2023 17:12:14 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
date: Thu, 20 Jul 2023 17:12:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 2 KB
2 KB 7ms
7ms Script
application/javascript 210.140.225.92
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=886427584&_s=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&_b=ZLlq7AAG_tLZivzEwKhvIsCob2RYow&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2B8OIuhw302A2POu5v%2F5fheMzS02TAwPuZq%2Bi8bfIxh%2F%2BIdDAAZ%2BA89HivnHQAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-92.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

a7a878b3febac3277695344147e332427d2c74ce7cedce43d0de77773e34e816

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:14 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 1945

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F706
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

281 B
554 B

38ms
2ms

Document
text/html

23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 17:12:14 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Jul 2023 17:12:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server: AkamaiGHost

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D7AC 42 B
174 B 47ms
45ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu99j0X5Cpy2g5QYW8fdd6xAqmmgRv7xCLC1tsTHRBcjAjzaqgNxhtOjkaWPt2DSGP888LO7keb5V4VhknRkU1KC38YbMd4RRul1OQB2U_krzYDosvU2ba1fFYKhYeh8iTA6drXBjfyAg&sai=AMfl-YSax_ifrt6ZOSwJQoNjL2tPiRk8aae1ikBPkVp7avaubvXe5m7mrVvXvrv3BB9wYSd6J8tbwVjLRzrK&sig=Cg0ArKJSzGGRe-k_P5YhEAE&cid=CAQSGwBpAlJW-l4MsD8PYfy4hMMpr8Kkpvwojv8VnhgB&id=lidar2&mcvt=1000&p=0,0,280,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2441125790&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689873132596&rpt=587&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F706 34 KB
10 KB 4ms
3ms Script
text/html 23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24429211bd14ed5f592ff2bdcac2c33cea10bcbd21ffeb47c38d25eccdfd4f72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 20:29:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11782
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 20:28:36 GMT

GET
H2

200

setuid
u.4dex.io/ Frame F706
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD
https://u.4dex.io/setuid?bidder=rubicon&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined

0
1 KB

6ms
5ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://u.4dex.io/setuid?bidder=rubicon&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
Expires: 0

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 37D5 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C665 42 B
64 B 41ms
41ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssITXf5qf1pXQdM-wQ_mz_sw8h6moo1zsWuoLSb_O1HO3q_bf1Qcqq0c1sROT-xW_0T84oZ7eLx6M-AyYk-fBez2vIPrIh7PyYcwZ3h38yHUw58MCvwpFn9CAOaA3zT6pIx8QL0l_xwVw&sai=AMfl-YQfNut3tMbeXdHbn2GifyWULcnxA-7QHU7sZEkp-brn6am4hKvA3hXkcZU0yB0z0Nhi12LE34C8DR9i&sig=Cg0ArKJSzODuSCe-Un0IEAE&cid=CAQSGwBpAlJWUYlxc2FJlk23L5iGNQVyuUyWJ-a__hgB&id=lidar2&mcvt=1029&p=0,0,280,800&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2441125790&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689873132564&rpt=707&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F706
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA0MmQ3NGM5YTk1OTQ2MDM3NTBmYzcwNDFlZGVkODRiYmNiNTA5Yg&gdpr=0

170 B
188 B

42ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA0MmQ3NGM5YTk1OTQ2MDM3NTBmYzcwNDFlZGVkODRiYmNiNTA5Yg&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA0MmQ3NGM5YTk1OTQ2MDM3NTBmYzcwNDFlZGVkODRiYmNiNTA5Yg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F706
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=&expires=30

42 B
702 B

674ms
110ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F706
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

43 B
855 B

319ms
318ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P7ZSZ05D7PWB1W34SPZ7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1M7R9DK0W7BCTERKW7X7
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F706
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCRVRZWFUtSS1LVkRE&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKiI2oZJooWRHGmEAiWRo9o&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCRVRZWFUtSS1LVkRE&google_push=&gdpr=0

170 B
188 B

42ms
41ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCRVRZWFUtSS1LVkRE&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCRVRZWFUtSS1LVkRE&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F706
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBETYXU-I-KVDD&gdpr=0

0
514 B

217ms
183ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBETYXU-I-KVDD&gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9F1D91ED0073479B820C30819EFB71F1 Ref B: TYAEDGE0906 Ref C: 2023-07-20T17:12:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA7j/x0ezPY/NPyOEBkg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBETYXU-I-KVDD&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F706
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELyKcTg3Ah9MwW3gktEkOFA&google_cver=1

42 B
702 B

632ms
104ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELyKcTg3Ah9MwW3gktEkOFA&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELyKcTg3Ah9MwW3gktEkOFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F706
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/e4rWe_dOEShaqlRL0ImCmg?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tQaaoBlE2oLghTOolAXDr7HAoU_IruUthb66JA--~A

42 B
702 B

112ms
111ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tQaaoBlE2oLghTOolAXDr7HAoU_IruUthb66JA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tQaaoBlE2oLghTOolAXDr7HAoU_IruUthb66JA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F706
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jPQSPzArRSS2F5Au3ZBEfA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jPQSPzArRSS2F5Au3ZBEfA&gdpr=0

43 B
720 B

176ms
175ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jPQSPzArRSS2F5Au3ZBEfA&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 50J2V1D3JN029JMC3EJD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jPQSPzArRSS2F5Au3ZBEfA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 846ms
234ms Preflight 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://tsuredurediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:14 GMT
vary: Origin

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 927ms
265ms Preflight 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://tsuredurediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://tsuredurediary.com
date: Thu, 20 Jul 2023 17:12:15 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 563 B
1 KB 762ms
290ms XHR
application/javascript 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 4faa502bbf8f8f296507d12f1ab2099091cab159538dfb9fed3eaa30742c6cf5

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 281ms
281ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102422&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:14 GMT
server: nginx
x-iplb-request-id: D98AFCC4:B8F6_36264064:01BB_64B96AEE_C85E852:2F089
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 32 KB
10 KB 863ms
428ms XHR
application/javascript 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 4df742710df63141021e23ee87257f20ba20d5c32e0424bff263dbcf4b02039b

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
accept-language: jp-JP,jp;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://tsuredurediary.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-smrt-i: 3356698

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 268ms
268ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102422&f=20&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:14 GMT
server: nginx
x-iplb-request-id: D98AFCC4:B8F8_36264064:01BB_64B96AEE_C835BAE:2F08E
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0011 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcqoYjwiNWUxiiEjtaCqrO2-8ye1v7dSLJn9CjXwHW6zAozYSE7K9-AKpi5NSlExPcgFo0RBTvfJPYKO4_HmQjWh1H0kuIxI4yK_txpzyCSAjy0acUq0eKOa0v2sEgtnV9Tt_txZTX7g&sai=AMfl-YQdJOq7WeNGoFwwIzMwZ-KYCttFxyM0G82Of-mhFuqmKzx9R511qWq9CrJCiJmB1MVPxh44OgoGiQ_g&sig=Cg0ArKJSzMfNBSveihseEAE&cid=CAQSGwBpAlJW8hDD457gCU5gpuzA_8lEhw6kElf75xgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=249,937,1001,1001,1001&tos=249,688,64,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689873133471&rpt=507&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
https://u.4dex.io/setuid?bidder=yahoo&uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0

0
15 B

7ms
6ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=yahoo&uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https:///u.4dex.io/setuid?bidder=yahoo&uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8573 0
128 B 10ms
3ms Script
text/plain 103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 30ms
8ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:12:16 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 17ms
6ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:12:16 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZLlq8Cem3U2ac0ecaHH2TQAAFRcAAAAB

0
15 B

5ms
5ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZLlq8Cem3U2ac0ecaHH2TQAAFRcAAAAB
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZLlq8Cem3U2ac0ecaHH2TQAAFRcAAAAB
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 lib_footer_slidein.js Show response
ads.themoneytizer.com/ 25 KB
4 KB 2ms
1ms Script
application/javascript 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 47387
x-accel-date: 1689825749
x-77-nzt: AVm7oB0C5tn/G7kAAA
pragma: public
x-accel-expires: @1689912149
last-modified: Fri, 02 Jun 2023 13:02:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5cf06ab9644e99200b
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 21 Jul 2023 04:02:29 GMT

GET
H2 200 lib_watermark.js Show response
ads.themoneytizer.com/ 6 KB
2 KB 2ms
2ms Script
application/javascript 2a02:6ea0:d300::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_watermark.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102422&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::13 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 47387
x-accel-date: 1689825749
x-77-nzt: AVm7oB23/+3/G7kAAA
pragma: public
x-accel-expires: @1689912149
last-modified: Mon, 24 Apr 2023 13:12:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: f5cf380c4d82cd5cf06ab96416372a0b
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 21 Jul 2023 04:02:29 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/millennialnexageinapp768429046591/ Frame 5E2D 330 KB
112 KB 76ms
4ms Script
application/x-javascript 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dbb541c2a79ce14dc6eda6f26c5969b1eaac77451ee13c96132d695373b2bdab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:41:55 GMT
server: AmazonS3
x-amz-request-id: K7R753QNFK9FB3FN
etag: "2e51c687e56df1b4ffa33e158d7e8600"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41197
accept-ranges: bytes
content-length: 114272
x-amz-id-2: Vmoe9NWEhLPElGghT8Xj/tkMpz2v0p7dH/3+JacP15LI5AdrYWY/sKwWyOVcdCXxnbisFgjGPaYomoXocuSR5A==

GET
H2 200 adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 5E2D 43 B
171 B 607ms
68ms Image
image/gif 18.136.165.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770957513&dcn=8a9699c60180804b9939526b2810048c&posi=1668955&grp=%3F%3F%3F&nl=1689873133596&rts=1689873133474&pix=1&et=1&a=4acd72f2-2bc5-4d0a-ab3d-e163dfe3b048&m=aXAtMTAtMjItMTMwLTEyNg..&p=MC4wMDAwMQ&b=MTM1MTM7Q3JpdGVvS0s7eG10cmFkaW5nLmNvbTs7OzsxMGI2MWZmMjQ0MzM0ZDE5YWI5YTUxYmViMzllYTRhZjsxMTM3ODk7MTY4OTg3MDY1Mjs7MC4wMDAwMDc7OzA7OzkzNDk1LTk3MHg5MC1IVE1MOzhlMzViNzgwMmUwMmEyODBiNDE2N2I4NWNkNTVmYWQwOTUzZjFjOTU7MTsxOw..&uid=y-spR6eBJE2rNZEroFVLPtMVdQNpsTd9BpEX.cmDcLpZ37%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&hb=true&type=6&af=4&dety=2
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.165.102 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-165-102.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Thu, 06 Jul 2023 13:00:34 GMT
server: nginx
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 5E2D 2 KB
3 KB 384ms
81ms Script
application/javascript 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,47,55944,55859,58294&referrer=tsuredurediary.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

1e91ddc4bb2d05fbd302d2191b5786e37e709282ef25c8050469b771f6a1082d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: ATS/9.1.10.64
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 2277
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 5E2D 69 KB
17 KB 884ms
143ms Script
application/javascript 2406:2000:a4:807::
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:807:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: A59DZPKWPMKRJZA2
age: 7550
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: aZ05r03epV/G8lzkxmiCYkZM33TpevXOs6oOJR4fnE30ar5CxLlKriC/AJlwQZIv+IYZVeGDcBg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 173ms
2ms Image
image/png 2600:140b:a00:8::b81a:2b4f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:8::b81a:2b4f Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 20 Jul 2023 17:12:16 GMT
Last-Modified: Wed, 20 Oct 2021 08:07:22 GMT
Server: AkamaiNetStorage
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H2 200 n.js Show response
geo.moatads.com/ 57 B
230 B 576ms
75ms Script
text/html 13.250.85.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=MILLENNIALNEXAGEINAPP1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689873136320&de=560425372846&m=0&ar=c013c52fed3-clean&iw=46fb322&q=2&cb=0&ym=0&cu=1689873136320&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&bo=378107&bd=1668955&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=1%3A550%3A622%3A0%3A880&jk=-1&jm=-1&fs=204627&na=414639278&cs=0&ord=1689873136320&jv=958555058&callback=DOMlessLLDcallback_18072576
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.85.75 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-85-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: aa78443859498f8c4cb1df12bd4163a26806daf1e3e145bf0f04bb61fc158040

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "1b73ad54de103d7c2e609e8c333514c8ef8f891b"
content-length: 57
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 158ms
22ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MILLENNIALNEXAGEINAPP1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689873136320&de=560425372846&m=0&ar=c013c52fed3-clean&iw=46fb322&q=3&cb=0&ym=0&cu=1689873136320&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&bo=378107&bd=1668955&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=1%3A550%3A622%3A0%3A880&jk=-1&jm=-1&fs=204627&na=1347766233&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 31CE 47 KB
18 KB 27ms
8ms Document
text/html 2406:2600:4::22
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=3FP_sppoDV1NPx8Oe3xTOgGglJmNZIChq0kbAsinve8&u=%7C2YqaqKNOByh%2FzIMi6mkCMxppnTsPd9rPsXlnSrw9qRs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4ITGua8zXVFPAvqyeWDAeT4nPFYwrkA-eMofrmuuMlhwTnoJmGkYrrnd_KUwOFcD03miaaTet8ZXVPGe56pDihowbQnA7QtWj6JGFNQTyT3NDneWP13iGB_zMVkekTf9DqBuZDiJ8oBMKJB9vzT4cDtJU85xwOPEqJy1YCbQgYe2QpC6j47BXGbzgVMynkCE3rVGJow2zeJ5Sw607NCq2WlAoFSyvXncxfIx2SDx15IBHj18rk6cBVCFKqiEZpg4hl7U4D8VWgsNYMiG_6dwmAAcT_SU3ylPFHNxQlDpnURtsl9gG-Ont4zOCsstE-U2Z-09yOlJGt8iiEc_OGcrxuxObY15b6t9_EE9FcokqJeLxCcmNDxulIO0nrS7cAEVHa_0E9UmwIGkgdAMhs8LNwC6ihSswqqrbvbhXlfpHK9Pjs5bq6Zmfm7EIAvRjGwQi-G-AhhlI0kxqupO9VZdvxLgCrJY3B6-AFY6eSi27qwccwTBJpshhSkUEdALb92jf8k3uWAg6TethCQF4lCD2t9C_lWSsS1IIuwf0iYm56rtTYzf42AjVO8Uwoj9bpp71X6pMdcElSqMNkftb8v87jB

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6765bde004efc5b2c5a2a281ebe9974c40e3df9b6c109d2a2fe80797d5c586ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=1uQB1SaoBdZD2LvFb99wgZtBpKofCuW8tw_6JUasZvCwn9YNYiipViOBUIMaLJcAqkGOAqWYqf2u6DtpZXey6xmaNk8vUADGQjkemDNZIFs3nlRoNMTTB_xRaDSyFN_RS_5ER70QcXve6IhFdayYoGy12XfEed_2Y8FUo86ptuL2XrQvcrFETlCBuXRvaj1GY3XBPiNcoMtpe5ZsMrEv9em1qCTPbOtEmunl39-Q_6icFNsTADcU3FMIyU4c1P2DFYLiCMH_biryRbOK"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3524979
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK sas-banner-1.3.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 35 KB
12 KB 2ms
2ms Script
application/x-javascript 2600:140b:a00:8::b81a:2b4f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:8::b81a:2b4f Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a2f28e53424beade854325302d7671b42ec31220bab6ef021c95dc6a8d8235c8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jun 2023 14:06:45 GMT
Server: AkamaiNetStorage
ETag: "d1c72ab0d8a4b2f67c2cf215141ac265:1688048038.940187"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11616

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8573 47 B
320 B 2ms
1ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61158400&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 20 Jul 2023 17:12:16 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 9F77 531 B
881 B 100ms
2ms Document
text/html 2600:140b:a00:8::b81a:2b47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%229b5cea4f-0215-4c87-8a19-1cbd676dd8a9%22%2c%22adomain%22%3a%22autodesk.com%22%2c%22page%22%3a%221698012%22%2c%22format%22%3a%2226706%22%2c%22crid%22%3a%22501682956%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%224744%22%2c%22cid%22%3a%2220315471271%22%2c%22adid%22%3a%22501682956%22%2c%22hash%22%3a%22555810315835713401%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:8::b81a:2b47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Thu, 20 Jul 2023 17:12:16 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Fri, 21 Jul 2023 17:12:16 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 87D6 244 B
137 B 43ms
43ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELH6yK4EGIymnO8BMAE&v=APEucNWlu3yTAYLR3ik_BJ-YbsogvJnRTQwWHTxygumplDZoc8WMu7GaKv4TCxsXOHSdNUwyH_xMUuKPo_4_tgYwkiMRHZRkrrlTVdq2Cq3zufJMjiVogvI

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e7ca7bfb8999f27ef2cedc1e55f767bcb003c4ee878a6b343879c952f127530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 117
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4986 85 KB
29 KB 90ms
90ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 4986 43 B
270 B 752ms
252ms Image
image/gif 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=5727761062401612614&tmstp=9597774660&ckid=161175378474174537&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3d162-0843%3b%24qt%3d36_1721_129814t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d5506%3b%24wpc%3d1273%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6001%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5947%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5933%3b%24wpc%3d5188%3b%24wpc%3d18410%3b%24wpc%3d169%3b%24wpc%3d3704%3b%24wpc%3d3970%3b%24wpc%3d4238%3b%24wpc%3d3440%3b%24wpc%3d3703%3b%24wpc%3d3607%3b%24wpc%3d4235%3b%24wpc%3d19272%3b%24wpc%3d20131%3b%24wpc%3d20135%3b%24wpc%3d18666%3b%24wpc%3d18681%3b%24wpc%3d24076%3b%24wpc%3d18652%3b%24wpc%3d19157%3b%24wpc%3d21050%3b%24wpc%3d19002%3b%24wpc%3d21051%3b%24wpc%3d21052%3b%24wpc%3d21053%3b%24wpc%3d21054%3b%24wpc%3d21055%3b%24wpc%3d21056%3b%24wpc%3d21057%3b%24wpc%3d21058%3b%24wpc%3d21059%3b%24wpc%3d21060%3b%24wpc%3d21061%3b%24wpc%3d21514%3b%24wpc%3d21471%3b%24wpc%3d18964%3b%24wpc%3d18971%3b%24wpc%3d18973%3b%24wpc%3d19028%3b%24wpc%3d19035%3b%24wpc%3d19052%3b%24wpc%3d19057%3b%24wpc%3d19072%3b%24wpc%3d19079%3b%24wpc%3d19103%3b%24wpc%3d19105%3b%24wpc%3d19119%3b%24wpc%3d19121%3b%24wpc%3d19122%3b%24wpc%3d19127%3b%24wpc%3d19128%3b%24wpc%3d19130%3b%24wpc%3d19147%3b%24wpc%3d19150%3b%24wpc%3d19151%3b%24wpc%3d19153%3b%24wpc%3d19155%3b%24wpc%3d19158%3b%24wpc%3d19160%3b%24wpc%3d19162%3b%24wpc%3d19164%3b%24wpc%3d19166%3b%24wpc%3d19168%3b%24wpc%3d19170%3b%24wpc%3d19171%3b%24wpc%3d19174%3b%24wpc%3d19175%3b%24wpc%3d19178%3b%24wpc%3d19180%3b%24wpc%3d19181%3b%24wpc%3d19183%3b%24wpc%3d19185%3b%24wpc%3d19187%3b%24wpc%3d19190%3b%24wpc%3d19192%3b%24wpc%3d19193%3b%24wpc%3d19194%3b%24wpc%3d19196%3b%24wpc%3d19198%3b%24wpc%3d19200%3b%24wpc%3d19202%3b%24wpc%3d19205%3b%24wpc%3d20363%3b%24wpc%3d19812%3b%24wpc%3d19894%3b%24wpc%3d20270%3b%24wpc%3d20037%3b%24wpc%3d19688%3b%24wpc%3d19935&acd=1689873136033&envtype=0&opid=673967b3-d766-4fd2-9df8-8aa886b15b22&opdt=1689873136033&siteid=558893&hb_bid=yahoossp&hb_cpm=0.04419700588130458&hb_ccy=USD&tgt=%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2ftsuredurediary.com%2farchives%2fwindows-file-collective-acquisition.html&cappid=161175378474174537&capp=0&mcrdbt=0&insid=3356698&imgid=0&pgid=1698012&fmtid=26706&isLazy=0&rtb=1&rtbnid=1097&rtbbid=4701671625188383448&rtbh=b0e0325da31633bca161e276dc357ec5eba847f8&rtblt=638254699360419548&rtbet=0&rtbptnid=76&cftgid=abf9897545c5
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4986 42 B
63 B 39ms
38ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AG4IPHWEc_7JB0tuhruzsg53pC0OnL0mFV06_6mRd6EvZSx41AU2yLAwqBPfDZcFOp108j6KW-qG1rEgifEvKOJ71JYbf4HLyJo5w7C2Mvvw4_u4g

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4986 0
20 B 41ms
40ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4109918814840772156&x=60&ct=76

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 setuid Show response
u.4dex.io/ Frame A45D 0
15 B 5ms
5ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:16 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 31CE 2 KB
1 KB 5ms
4ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=3FP_sppoDV1NPx8Oe3xTOgGglJmNZIChq0kbAsinve8&u=%7C2YqaqKNOByh%2FzIMi6mkCMxppnTsPd9rPsXlnSrw9qRs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4ITGua8zXVFPAvqyeWDAeT4nPFYwrkA-eMofrmuuMlhwTnoJmGkYrrnd_KUwOFcD03miaaTet8ZXVPGe56pDihowbQnA7QtWj6JGFNQTyT3NDneWP13iGB_zMVkekTf9DqBuZDiJ8oBMKJB9vzT4cDtJU85xwOPEqJy1YCbQgYe2QpC6j47BXGbzgVMynkCE3rVGJow2zeJ5Sw607NCq2WlAoFSyvXncxfIx2SDx15IBHj18rk6cBVCFKqiEZpg4hl7U4D8VWgsNYMiG_6dwmAAcT_SU3ylPFHNxQlDpnURtsl9gG-Ont4zOCsstE-U2Z-09yOlJGt8iiEc_OGcrxuxObY15b6t9_EE9FcokqJeLxCcmNDxulIO0nrS7cAEVHa_0E9UmwIGkgdAMhs8LNwC6ihSswqqrbvbhXlfpHK9Pjs5bq6Zmfm7EIAvRjGwQi-G-AhhlI0kxqupO9VZdvxLgCrJY3B6-AFY6eSi27qwccwTBJpshhSkUEdALb92jf8k3uWAg6TethCQF4lCD2t9C_lWSsS1IIuwf0iYm56rtTYzf42AjVO8Uwoj9bpp71X6pMdcElSqMNkftb8v87jB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 31CE 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 31CE 308 B
636 B 5ms
4ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 31CE 293 B
621 B 11ms
11ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H2 200 lg.php
cat.jp2.as.criteo.com/delivery/ Frame 31CE 43 B
348 B 17ms
4ms Image
image/gif 182.161.74.13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=7SWEBi6Jg8axKbMFPopFWyli6SW7neE70FuuBPCY0dBCn-UzD8F9okH3eoLXaNZB6pqIzEfEs0DumE765ozhg5KTaAQLGPDu5xa_dTCbk19cqoia8V0RqT5TpNV1b_Rpp2tM_tmHRBojwac9WHGB9KsYcQjaiklx1wXcvPn6aEPl6jn-A0GB9UOwivE2wo7Emyo7RswKMS2_Xc9e59eg7OrU5osabxdDxQF3weC7_p8xyzE1VRJYwpWN8ciObKOYx7PApNKJTKVbwfYOnBXfu_t9CrSjFHOhykb1Ee57QYQCQBl_mBt8pUe4DWGpZGhoMUX-7zB00DSyLcUlhebQGNdrsi2KGQBuz-vJFj57s5CA9tuO85QLZmVvkeZ3paDgeYPH0Zan1XzXZbJhME2ojMXSDHZv9UUjZf6jwOwAaaWov4z3LD3jJ_1uS9xxVXXU1cRPqIirCl-C__X3P70mPkpd02A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.13 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1779392
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d3d5fc86a7f640b7bb079ae27b9c48d9_image_ad_970x90.png
static.criteo.net/design/dt/100889/4806093/ Frame 31CE 104 KB
104 KB 5ms
5ms Image
image/png 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/100889/4806093/d3d5fc86a7f640b7bb079ae27b9c48d9_image_ad_970x90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5a95a333e4d24547b33644c30362c72e780aee0dc10defb6fa6a46324ce5b21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Jun 2023 05:57:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "649a7a5c-1a01f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 106527
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H2 200 dis.aspx Show response
widget.jp2.as.criteo.com/dis/ Frame BF15 28 B
472 B 15ms
4ms Document
text/html 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.jp2.as.criteo.com/dis/dis.aspx?pu=193968&cb=64b96af0499b7a1d5c45c416698bb48d&r=https%3a%2f%2ftsuredurediary.com%2farchives%2fwindows-file-collective-acquisition.html&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 20 Jul 2023 17:12:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1737099
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 all
csm.as.criteo.net/ Frame 31CE 0
128 B 20ms
4ms Ping
text/plain 2406:2600:4::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=1uQB1SaoBdZD2LvFb99wgZtBpKofCuW8tw_6JUasZvCwn9YNYiipViOBUIMaLJcAqkGOAqWYqf2u6DtpZXey6xmaNk8vUADGQjkemDNZIFs3nlRoNMTTB_xRaDSyFN_RS_5ER70QcXve6IhFdayYoGy12XfEed_2Y8FUo86ptuL2XrQvcrFETlCBuXRvaj1GY3XBPiNcoMtpe5ZsMrEv9em1qCTPbOtEmunl39-Q_6icFNsTADcU3FMIyU4c1P2DFYLiCMH_biryRbOK&sds=2&rev=87574&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 17:12:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 31CE 2 KB
1 KB 4ms
4ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:12:16 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87D6
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

43ms
43ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELH6yK4EGIymnO8BMAE&v=APEucNWlu3yTAYLR3ik_BJ-YbsogvJnRTQwWHTxygumplDZoc8WMu7GaKv4TCxsXOHSdNUwyH_xMUuKPo_4_tgYwkiMRHZRkrrlTVdq2Cq3zufJMjiVogvI

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/
cs.adingo.jp/sync/ Frame 87D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0
https://cs.adingo.jp/sync/?from=dbm&id=CAESELxKisSwbzm5wmqtKBG2q1A&google_cver=1&gdpr=0

43 B
398 B

28ms
5ms

Image
image/gif

52.192.201.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=dbm&id=CAESELxKisSwbzm5wmqtKBG2q1A&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELH6yK4EGIymnO8BMAE&v=APEucNWlu3yTAYLR3ik_BJ-YbsogvJnRTQwWHTxygumplDZoc8WMu7GaKv4TCxsXOHSdNUwyH_xMUuKPo_4_tgYwkiMRHZRkrrlTVdq2Cq3zufJMjiVogvI
Protocol: H2
Server: 52.192.201.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-201-178.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.adingo.jp/sync/?from=dbm&id=CAESELxKisSwbzm5wmqtKBG2q1A&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4986 0
20 B 42ms
41ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1255188935049&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4986 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1255188935049&version=m202306200101&ct=76&x=60&cor=4109918814840772000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4986 79 KB
37 KB 101ms
100ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cns6ssu_AkNpuOQbhvF_2qkMX20nqdDXO3oVJVoPrRzpANKT44089JqCRL57_raHyxjXaV0Zkj_MtsX5D5QIbugmNGEHmr_TrfjhbcXzK4Nm8TIkGeJ_a1xOSI-NbxWHFyzgh_2EjLNPcVE_SVxzRNutd2aHvI-ssSdhkdUHev_syVzUU&dbm_d=AKAmf-CK5Qk3MRmM9kaRH9qGmd-W8H-xCAlwdmw_e1tMcxhdP6EOFs87EpR_a7q_4xg7peF00o_MbkxKc_1zCR3Ul7EsKnnMVshkj9dqNCesWurRZgrqYthE-L8l6JJaf3pQ4rPnCilFHSmas3xtruCsf8rmdx9bjXG55BacaPzzmIrY9GvpWR6p6davlmWdLS7Fa3t27Jm2vV1-bZjZOMb0KQhTMt_oerc6ARcyGTLp5RJohApiQOOMaUhGYjfkNkNghTWWlZ0OIMRgU5O-KXUuJuODrm2DCUVjD0C4Xy2uBcOINekM4piqeGJzgMFXZGSVmE8wimX7HanfOK2suoIDZdioBoIiEw0c7FaIKaJiE7RYeh0eWiLQUZcL69LXR67rPAPSG_WHNEtmdrWK7elnXBNJeKsvlSfjI9JwA1WBTSXN0UVFoUeD5s3MRUFh4ANSN844tkgulJLLwrKa5x4IXUBZ8mpwROLMqi5rrqivjtExmcjcbuSQJOl0y8ZVNi8tdVeHOY1lrti_r7oxCJZ9a8idEHZNKWCbAgVpuic3XIiiEbjl-Z3ZkQnv5k0U0Xx3nG_rxoxdknX4OGbpTntbil3DrxILHxKyM4_kT7MxrGSySYaO4RvqbhSEq-32RQg-u2uBHP9xE_2794K5k1rT2sDn2JoZH1UlIikzzy_3VcWIXd6COBvAYrQvZYDi12tNz6PHlcUfrHtQBvvCTDcGM85O2x_Dbkr3YPpvt6LOzsZEwZuBAAK_fMsel8GoYGQYNgGwnBvt0mYocQGMFPH-DNDFC_MrtL9sfGwEXgphcc5XH0THERBK1j3DKFrA4yN85BnYrohd1e8XHXAYSfumnWOtydXvKrwfbuMj6hLU0si87G7E8B694YWOZdGznQkYWQd4GtcWLNm0_bWABv6E6PEX2QotD7W632jsaZw1cwwtHCqyM05sbX8vmlcBGBNQJgEu8BcsWfoz9gQbBdx154mRvJShU6r8AqNKp6Ljx9lUkrHwEAu28eX-UQ7cx-1JYi3aPOId9j7fSjrkNWbrvWY11GNx0bXk9GumOX0ZShTTrzFKnJaba428f1CM17pebcDH0cSY1x2KzTKpk5jcCed6fUuU9CX6u8BJuiEF9Yv_B2hnMwuJlbs7EUxpBGLLnNUYN_B8JDIO1QMgzUQwGmmflZhhE38EuhESs672gxNr63vQL-jjqLhsokF-e5C7eg3lFxscLvIGqilrS3NjwkeBFs192rY4V3Ec7rqnA28bMgUZCDmDU0JB9KjA9QeVKcLP0keu49W6nd9GRevLuLKIpJAINU-YURpoXC7LLJzTUH85VgS0AEKHLPZyXKf9GkPNP4fBQe7sEZvw9F5M7MamKQxUr10E8sVRk7wVYFkbPGF2dSTQoF5MqxQ_Pj4iXeaIMZu9qYZJ9W4YVGc0I1CMmmc47s4boeRWRF6Qyb5Pxpxzq1m0VAOy7Zh8GfkErVlfwkyuxI5I9dfxU67gtGX7zWruI4tfP51NAQhV0rdOKQEhOcR--8XMaWlUXBCPDS2twKoDGa_yXLRBhnnATe0Tu208QyiynJHhAfXtAsgQbd4QByPby3_dhxc4i_quxoudk9DhvVa4yMPysz1iqpqXIfxS6gONk9Hehd2wtYrONT8Ip6OeuOOTfHpXGDMv-Dn3UhE5LcgUIoiEn_ZUTmcMVGGG0Bzeoi22ABrI38BiYs2prumureHajcqFymc_RwasE2oHsvkvUC7ov_A0cqtOFam3EAPis8wLozWCfunvSNrdCeavwQ-h0N85Y1XOW78U789dPFea0Tn0sSYsCu5r2W38ZxXzr0FQkJotMtHtqug9CZrSNjPP7mUmsOjlaPKMcPAnhB2uKt8GODqx6hFo7TtQdEY6XPsaze8x2wgPNUJsa6iiayfbeDfCBi_ZxWw1rU_os0zrNoEYXk37BGPG0UiT6xxwLJzkzWJBjXWKwc66Mr24N-hIw0AsKXHkmdEwDJ93Z8MIQsDnRvGsOriQHTrJz0BCzUKweqF4rhdh-iPXaiuij-Y1HsoG5W2MAUwu_I2NfVvsL0U7ANwlKsXby6YanAeS4dugJwtg9vzrLB77HekUoDNyPP29azuHMQvCVSRf_ctnYiIdeQjTqwvy6T5eNUIz6crL8LTZCSAwUtYcRjnVXpVerRrYTwSboR7-ECLdF0yRHEkVqFHfUBActSM75h_dp6-QAaWWKN0P5AozHXw94bAZKYf0xIc9aiVm-4MD8o-IVAvJpXT92Y5Yr7W0fmUJkbJrsF5w6TBn4Ef8MF4O5fBfO9qn_-ZXoNs64RDCM6YK8PpdeFa99xKx4-olz3Lv2QN9umI5JBQVpefKXgjziQruh-N0ad-fSl32h9ArmADrcUHJHr-UisoTvADGl7snYBj8jeDC6JZUd1_Lw_UYS6szTw28F29o5J8osZYuHaHBy1ers4qFnLs2UvrrDtPqIKhDs7NQUtmAh5NFVe4Fqqw2XwNLS18G8rvupKCQqpMgs4Vnq1LVO_rNyuMie_lsds-KXFBi55xZwT8PaGIjAMXLQRiVMwJ_hEByRFwn58YuAtSL0oeFGo2GGIRcXHDTVuerOj5e9zQsu4cE3UtIaJP_bSYgFFiq1z-xFC238ysYbFK6LesoUGcizBPYUwAVr1XqBDSk-2ZzAx_zTe61ekuslZ_dV-lfbR9JdyLE4YlzByIs7q3UGsvx9YR8p2pYp6KLgrz8Y4rolT3nbRq-QuZKAfYuLrEDTPHiRv6MoGfTEIpJkHThozfgOfovUHwty34Xa53Qg-tDCiQR16lYZFLktqarvY8GasmFYG_iI-YKHBzUXERP-6Lw1o9o-m3dzTigWtZg-ViSXlVxpZ0gRe_F3IX7Emq7ZFjv2Hfu2iEovZOpV1Tu_ZiCinAlbKrPjQiAMaX2IUHGZXhw1gxth9VQFb0kO5zAr98U2-pJndb4o-4ES3cEJmwRz-zFukbquQ0-v4b6NVRa3PJRGRkufB5qOUdCoXtXFJVJE5i8r24b_cwCT9y9R4dmJyOOQF16HGO56fAx0CJJrbQuUzI4W6jqjwKRg4KvljkV7SnD97-XgLPne256kickbhrlI_Z5mpKqzuUMy5_m-RfWiPVXR9a7v7a7b3kT_vGzMYxHCrVzLK6EcXKu22kcd96s65xja3ERUPe848CKWpHMdhz4AFz3upb7bvMBPBXanyCqniIvExUz60a4OVGNnwfncXPyBakomYQXiYLpwSJ6QKVdoxoS6feUWlI95rpo8KITsc7iQgh7wcSGcMky8TBn12WgGyc0UiFBt5GjYw2tcE1tWR0AlAuWRtwVyjWTleqGb-byYuIF7u5cJfWWhnQ6-2Fe60G_N1qn6ZnwUpc0jkgxid_Lo0PBMBLHKUindT9by-M9NQYDbiiLpXhmVLfcwCOeeHBR4pQPpi_l2j2fxnFn7QpbBRXBdQouIeMt4_U0T1AtX8OYmSZ4244MC6z3bVL6WBOlEQOig7ABGLdTe74&pr=60%3A0.0682&cid=CAQSYABpAlJWiX3lHoRb1D23iy6ea2oSdLbARDOXrdfDwkfnFcCRnO7cgZvKACQpdXLvsfYrZaOrM_jeqRIz7nxkQw0cCeJmNtDawPV89etFDMpn9xUWo7dNKsHThmSbFvvnvhgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ds=l&xdt=0&iif=1&cor=4109918814840772000&adk=44744063&idt=96&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0aba6fe52fea02888902e553968ba9b7973fb01a091c8738fa788a8bfb092ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37803
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

match
ssp-sync.criteo.com/user-sync/ Frame 5E2D
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid=
https://x.bidswitch.net/sync?ssp=criteo&custom_data=km8cBV9pOFdHRDhoWEJxVzR6eG41OGU0aWhHZGhJR3VUTFgxdVJVdk5HWGtidjlET1NWVmRnNG83VUpMMUd6M25jYXdNNGZ4WHVBemVwTXV0ZHVQTUlDUExKQmZtdkVOQUZrNFpOMVFlSWJBJ...
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://widget.as.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-wKFxrBMw5O7c9qz75LE3pmTytllrYasHG7Lz0w&gdpr=&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=&u=817c9144-d961-4726-86a6-7595c6e4d090

0
141 B

4ms
4ms

Image
text/plain

2406:2600:4::1b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=&u=817c9144-d961-4726-86a6-7595c6e4d090

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

2406:2600:4::1b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

Location: //ssp-sync.criteo.com/user-sync/match?p=&u=817c9144-d961-4726-86a6-7595c6e4d090
Date: Thu, 20 Jul 2023 17:12:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57926/ Frame 5E2D
Redirect Chain

https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1
https://ups.analytics.yahoo.com/ups/57926/sync?uid=jrwlP7uJsVbHhNsmKEft&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

0
342 B

77ms
76ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57926/sync?uid=jrwlP7uJsVbHhNsmKEft&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57926/sync?uid=jrwlP7uJsVbHhNsmKEft&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT, Thu, 20 Jul 2023 17:12:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

6041145649349111353
pr-bh.ybp.yahoo.com/sync/msft/csrc/3/ Frame 5E2D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D&gdpr=0&gdpr_co...
https://ups.analytics.yahoo.com/ups/55936/sync?uid=6041145649349111353&_origin=0&redir2=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/6041145649349111353

43 B
604 B

75ms
75ms

Image
image/gif

2406:da18:929:5a03:6501:163c:2f11:2df9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/6041145649349111353

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/6041145649349111353
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 5E2D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%...
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4931925723668045182&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
140 B

76ms
75ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4931925723668045182&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=4931925723668045182&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/ Frame 5E2D
Redirect Chain

https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=rmx
https://x.bidswitch.net/sync?dsp_id=70&user_id=4931925723668045182&ssp=rmx
https://ups.analytics.yahoo.com/ups/55859/sync?uid=817c9144-d961-4726-86a6-7595c6e4d090&_origin=0&gdpr=&gdpr_consent=

0
140 B

80ms
79ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=817c9144-d961-4726-86a6-7595c6e4d090&_origin=0&gdpr=&gdpr_consent=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: //ups.analytics.yahoo.com/ups/55859/sync?uid=817c9144-d961-4726-86a6-7595c6e4d090&_origin=0&gdpr=&gdpr_consent=
Date: Thu, 20 Jul 2023 17:12:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58294/ Frame 5E2D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26g...
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=684f62ba-62be-4f94-83a3-bc3b8df4a726

0
140 B

79ms
78ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=684f62ba-62be-4f94-83a3-bc3b8df4a726

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=684f62ba-62be-4f94-83a3-bc3b8df4a726
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usync
onevideosync.uplynk.com/ Frame 5E2D 0
195 B 815ms
71ms Image
text/plain 52.221.136.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-bAQ7WkBE2uHG9sofzCGdCMpMl9TmTnFL~A&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.221.136.13 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-136-13.ap-southeast-1.compute.amazonaws.com
Software: ribs2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
server: ribs2.0
content-length: 0
content-type: text/plain

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5E2D 170 B
188 B 48ms
45ms Image
image/png 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS04RUJJNlN0RTJ1SDlBYWJVOC5Gc0xOSVhkelYuWm1XVn5B&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

y-Ndcirm5E2uL94S1lR35TFNaUUcioEy0-~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 5E2D
Redirect Chain

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/adtech/y-Ndcirm5E2uL94S1lR35TFNaUUcioEy0-~A

43 B
425 B

74ms
73ms

Image
image/gif

2406:da18:929:5a03:6501:163c:2f11:2df9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adtech/y-Ndcirm5E2uL94S1lR35TFNaUUcioEy0-~A

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/adtech/y-Ndcirm5E2uL94S1lR35TFNaUUcioEy0-~A
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

23507AF097AB61D239CA69A496F6601E
pr-bh.ybp.yahoo.com/sync/msn/ Frame 5E2D
Redirect Chain

https://c.bing.com/c.gif?Red3=OATHMS_pd&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/msn/23507AF097AB61D239CA69A496F6601E

43 B
604 B

74ms
74ms

Image
image/gif

2406:da18:929:5a03:6501:163c:2f11:2df9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msn/23507AF097AB61D239CA69A496F6601E

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20A5B09989F344D8A4F4A35CC0C0D402 Ref B: TYBEDGE0911 Ref C: 2023-07-20T17:12:16Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://pr-bh.ybp.yahoo.com/sync/msn/23507AF097AB61D239CA69A496F6601E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET /
ignore.me/ Frame 5E2D 0
0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 5E2D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-oIFqeshE2uFt_uH6Jo4xUquJbwt3Ug--~A&gdpr=0

43 B
640 B

72ms
71ms

Image
image/gif

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-oIFqeshE2uFt_uH6Jo4xUquJbwt3Ug--~A&gdpr=0

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
an-x-request-uuid: 262b3a12-ce68-4f27-9681-a1fdffb16f95
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-oIFqeshE2uFt_uH6Jo4xUquJbwt3Ug--~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame 4986 30 KB
11 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cns6ssu_AkNpuOQbhvF_2qkMX20nqdDXO3oVJVoPrRzpANKT44089JqCRL57_raHyxjXaV0Zkj_MtsX5D5QIbugmNGEHmr_TrfjhbcXzK4Nm8TIkGeJ_a1xOSI-NbxWHFyzgh_2EjLNPcVE_SVxzRNutd2aHvI-ssSdhkdUHev_syVzUU&dbm_d=AKAmf-CK5Qk3MRmM9kaRH9qGmd-W8H-xCAlwdmw_e1tMcxhdP6EOFs87EpR_a7q_4xg7peF00o_MbkxKc_1zCR3Ul7EsKnnMVshkj9dqNCesWurRZgrqYthE-L8l6JJaf3pQ4rPnCilFHSmas3xtruCsf8rmdx9bjXG55BacaPzzmIrY9GvpWR6p6davlmWdLS7Fa3t27Jm2vV1-bZjZOMb0KQhTMt_oerc6ARcyGTLp5RJohApiQOOMaUhGYjfkNkNghTWWlZ0OIMRgU5O-KXUuJuODrm2DCUVjD0C4Xy2uBcOINekM4piqeGJzgMFXZGSVmE8wimX7HanfOK2suoIDZdioBoIiEw0c7FaIKaJiE7RYeh0eWiLQUZcL69LXR67rPAPSG_WHNEtmdrWK7elnXBNJeKsvlSfjI9JwA1WBTSXN0UVFoUeD5s3MRUFh4ANSN844tkgulJLLwrKa5x4IXUBZ8mpwROLMqi5rrqivjtExmcjcbuSQJOl0y8ZVNi8tdVeHOY1lrti_r7oxCJZ9a8idEHZNKWCbAgVpuic3XIiiEbjl-Z3ZkQnv5k0U0Xx3nG_rxoxdknX4OGbpTntbil3DrxILHxKyM4_kT7MxrGSySYaO4RvqbhSEq-32RQg-u2uBHP9xE_2794K5k1rT2sDn2JoZH1UlIikzzy_3VcWIXd6COBvAYrQvZYDi12tNz6PHlcUfrHtQBvvCTDcGM85O2x_Dbkr3YPpvt6LOzsZEwZuBAAK_fMsel8GoYGQYNgGwnBvt0mYocQGMFPH-DNDFC_MrtL9sfGwEXgphcc5XH0THERBK1j3DKFrA4yN85BnYrohd1e8XHXAYSfumnWOtydXvKrwfbuMj6hLU0si87G7E8B694YWOZdGznQkYWQd4GtcWLNm0_bWABv6E6PEX2QotD7W632jsaZw1cwwtHCqyM05sbX8vmlcBGBNQJgEu8BcsWfoz9gQbBdx154mRvJShU6r8AqNKp6Ljx9lUkrHwEAu28eX-UQ7cx-1JYi3aPOId9j7fSjrkNWbrvWY11GNx0bXk9GumOX0ZShTTrzFKnJaba428f1CM17pebcDH0cSY1x2KzTKpk5jcCed6fUuU9CX6u8BJuiEF9Yv_B2hnMwuJlbs7EUxpBGLLnNUYN_B8JDIO1QMgzUQwGmmflZhhE38EuhESs672gxNr63vQL-jjqLhsokF-e5C7eg3lFxscLvIGqilrS3NjwkeBFs192rY4V3Ec7rqnA28bMgUZCDmDU0JB9KjA9QeVKcLP0keu49W6nd9GRevLuLKIpJAINU-YURpoXC7LLJzTUH85VgS0AEKHLPZyXKf9GkPNP4fBQe7sEZvw9F5M7MamKQxUr10E8sVRk7wVYFkbPGF2dSTQoF5MqxQ_Pj4iXeaIMZu9qYZJ9W4YVGc0I1CMmmc47s4boeRWRF6Qyb5Pxpxzq1m0VAOy7Zh8GfkErVlfwkyuxI5I9dfxU67gtGX7zWruI4tfP51NAQhV0rdOKQEhOcR--8XMaWlUXBCPDS2twKoDGa_yXLRBhnnATe0Tu208QyiynJHhAfXtAsgQbd4QByPby3_dhxc4i_quxoudk9DhvVa4yMPysz1iqpqXIfxS6gONk9Hehd2wtYrONT8Ip6OeuOOTfHpXGDMv-Dn3UhE5LcgUIoiEn_ZUTmcMVGGG0Bzeoi22ABrI38BiYs2prumureHajcqFymc_RwasE2oHsvkvUC7ov_A0cqtOFam3EAPis8wLozWCfunvSNrdCeavwQ-h0N85Y1XOW78U789dPFea0Tn0sSYsCu5r2W38ZxXzr0FQkJotMtHtqug9CZrSNjPP7mUmsOjlaPKMcPAnhB2uKt8GODqx6hFo7TtQdEY6XPsaze8x2wgPNUJsa6iiayfbeDfCBi_ZxWw1rU_os0zrNoEYXk37BGPG0UiT6xxwLJzkzWJBjXWKwc66Mr24N-hIw0AsKXHkmdEwDJ93Z8MIQsDnRvGsOriQHTrJz0BCzUKweqF4rhdh-iPXaiuij-Y1HsoG5W2MAUwu_I2NfVvsL0U7ANwlKsXby6YanAeS4dugJwtg9vzrLB77HekUoDNyPP29azuHMQvCVSRf_ctnYiIdeQjTqwvy6T5eNUIz6crL8LTZCSAwUtYcRjnVXpVerRrYTwSboR7-ECLdF0yRHEkVqFHfUBActSM75h_dp6-QAaWWKN0P5AozHXw94bAZKYf0xIc9aiVm-4MD8o-IVAvJpXT92Y5Yr7W0fmUJkbJrsF5w6TBn4Ef8MF4O5fBfO9qn_-ZXoNs64RDCM6YK8PpdeFa99xKx4-olz3Lv2QN9umI5JBQVpefKXgjziQruh-N0ad-fSl32h9ArmADrcUHJHr-UisoTvADGl7snYBj8jeDC6JZUd1_Lw_UYS6szTw28F29o5J8osZYuHaHBy1ers4qFnLs2UvrrDtPqIKhDs7NQUtmAh5NFVe4Fqqw2XwNLS18G8rvupKCQqpMgs4Vnq1LVO_rNyuMie_lsds-KXFBi55xZwT8PaGIjAMXLQRiVMwJ_hEByRFwn58YuAtSL0oeFGo2GGIRcXHDTVuerOj5e9zQsu4cE3UtIaJP_bSYgFFiq1z-xFC238ysYbFK6LesoUGcizBPYUwAVr1XqBDSk-2ZzAx_zTe61ekuslZ_dV-lfbR9JdyLE4YlzByIs7q3UGsvx9YR8p2pYp6KLgrz8Y4rolT3nbRq-QuZKAfYuLrEDTPHiRv6MoGfTEIpJkHThozfgOfovUHwty34Xa53Qg-tDCiQR16lYZFLktqarvY8GasmFYG_iI-YKHBzUXERP-6Lw1o9o-m3dzTigWtZg-ViSXlVxpZ0gRe_F3IX7Emq7ZFjv2Hfu2iEovZOpV1Tu_ZiCinAlbKrPjQiAMaX2IUHGZXhw1gxth9VQFb0kO5zAr98U2-pJndb4o-4ES3cEJmwRz-zFukbquQ0-v4b6NVRa3PJRGRkufB5qOUdCoXtXFJVJE5i8r24b_cwCT9y9R4dmJyOOQF16HGO56fAx0CJJrbQuUzI4W6jqjwKRg4KvljkV7SnD97-XgLPne256kickbhrlI_Z5mpKqzuUMy5_m-RfWiPVXR9a7v7a7b3kT_vGzMYxHCrVzLK6EcXKu22kcd96s65xja3ERUPe848CKWpHMdhz4AFz3upb7bvMBPBXanyCqniIvExUz60a4OVGNnwfncXPyBakomYQXiYLpwSJ6QKVdoxoS6feUWlI95rpo8KITsc7iQgh7wcSGcMky8TBn12WgGyc0UiFBt5GjYw2tcE1tWR0AlAuWRtwVyjWTleqGb-byYuIF7u5cJfWWhnQ6-2Fe60G_N1qn6ZnwUpc0jkgxid_Lo0PBMBLHKUindT9by-M9NQYDbiiLpXhmVLfcwCOeeHBR4pQPpi_l2j2fxnFn7QpbBRXBdQouIeMt4_U0T1AtX8OYmSZ4244MC6z3bVL6WBOlEQOig7ABGLdTe74&pr=60%3A0.0682&cid=CAQSYABpAlJWiX3lHoRb1D23iy6ea2oSdLbARDOXrdfDwkfnFcCRnO7cgZvKACQpdXLvsfYrZaOrM_jeqRIz7nxkQw0cCeJmNtDawPV89etFDMpn9xUWo7dNKsHThmSbFvvnvhgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&ds=l&xdt=0&iif=1&cor=4109918814840772000&adk=44744063&idt=96&cac=0&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 20:56:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4986 179 KB
56 KB 57ms
55ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/ Frame 4986 11 KB
4 KB 13ms
11ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 20:24:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4986 0
0 103ms
51ms Fetch
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ1nDnzUjil8sn7wb0qsEv7dh3Dgqa77vqWzkCeMa362y2EzO3rSB0U5sqYE51HoHoxUh4wwHQRd4qmmsDCujnqgKqV00e73Bwzn7ntiq3hT--Dz3mvc1vofwXYC9g8qpl032-zcfo5NwL3zmSGBAhNZHEEcdsUM25jByNWHTW5TV-0_nBJwAhuPe3RJpdMUZjWgTebdPpjT6ZQRjA_DfGFDHSszcIEVTzaeYOYtLH5qn_YP73OLObp2fk4QwIKQLA652FVyGIFa5Vet7zqVHzKuU5VKl_M0VKHUP6QsiWKZZxt2nObvvzCUG7YEhxA1sBM3dWmIuZeBAqO9DHAjRL5O16G-hsqUG2PEpiIzUhqwIEh2YVUXcEywjkYqBH6qKt1VixhjvjsLCUJtxVyADVcO6o48E6bm9I6C1pGwPBYqDf0Qtf2ANys7fwv6AxOLDNoxkRkOPLFB3TDxwP09K8JWppgFtNLhlnUXZHzr8OVLNgk_A7IdDR9ofy9S4_myc27Doed-A3LfcHYpiKRgnLKmEZbrpoXVfG-_iiY8ZWw-iFdSkZmA22RcvB0Q95GoltWe_DTyBBDCIlJWB5QtooJxJFTyA6dOQNVakunyid810NgOINHBQ_Po0KNKHCy67y6IYIoCy9sgZ1WLtXsb5yJxNiEfIMaYNJJ4cVx2Ge6GI5LpBPhARIrR00ohmGsByFvhju8xzrI2hsGshVnXeuC4MSq56pGbyuQYV4wH34A2bzg4O442Rvdhw6qKpHJFzMEqLVyvxK3dA3Fe6T2_li1GUcy3P5mi_nYMAsnMnyfesTqi3kPN-D9MU_NXsro63_B8qHjj7yxLWV6zrjsGTAiicGoyY7BNHfzrVVMzQeO4h5riP0gyUuI4QHqLDOCww2k3nT9lpuvkjp9LgT91pvhnUkfoCs6cxx4ckPLsu218JDnv7xyyBdJfvy_1Jl_7Y1Smhvx9yndEDuC4xcvLqTvcdv1USVIv5A6eOjuu9DsPf4RnNKG3OZAzHs-TDrIAFZgunEaun2rIvFuLaai-W5Labb4llEffdKSQx7MSdUH-5xmOE5IEU1la83GuDxqYbBHPmJ1gaLPqursOY__huNrWc_EUwx64k9i7LZBMxzr3bgbpYaUlEBbfWGkDS83yaAfBiPjb_XLGeBPuBmMbj65irVYA6TWaJBgqBmTYZGHfNaWRT8vA1au4xcW4fWR56IK8DIM9Lx1O9MX1QQPW4S1qF1yy0CfDpI-WEyn8EGXQNmyEkkG6iCtocZsuBANDFmgx9Av43hvA&sai=AMfl-YSi_WEiv57rVd17tljitj0oBwPIzLMdkVxWM-CmlNkBerzVRKuFDist5R_RN9naxb1DA-YrBEpki08ijEOykmD_kc4Ey7AfeHaioPIqiQl3NHJ665cnsFTtg1TrstDOaWZhTYJA9hv5NiKSqPBVv8kqL6XSsayRNR-uNxH6HHjcU32MJNxR-wFmJ-t2H2prVJPUxB-bUPhxtU0vSELAf4FRRzgFSYI8imS75Pn7O_RxaS4CTZVUIbIPAwLv6iJwNl7kwrvIDJxdSilQyo9pdybjVYIHVOjKqOsgQdwwt6KIfhgSrhyedi-XUGdxwKGFe4qaWKuBfe5QQeyJXZVgdFzS8Iy3N-G5bPajDHI-I44xoK_DYsheZxVBN2k-BKz3G2uVJVcKKGxul2c&sig=Cg0ArKJSzOq_c7ghSNVxEAE&uach_m=[UACH]&pr=60:0.0682&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=6&cbvp=1&cstd=1&cisv=r20230718.33384&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4986 41 KB
13 KB 9ms
3ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 04:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 04:39:40 GMT

GET
H2 200 393477835333685900
s0.2mdn.net/simgad/ Frame 4986 42 KB
42 KB 8ms
2ms Image
image/jpeg 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/393477835333685900

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56fc03a7200ea3686b3fedd2c136f38b879bbe277877be215845dbe7eccc2bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:16:09 GMT
x-content-type-options: nosniff
age: 86167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42966
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 11:58:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 17:16:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4986 0
0 76ms
39ms Fetch
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ1nDnzUjil8sn7wb0qsEv7dh3Dgqa77vqWzkCeMa362y2EzO3rSB0U5sqYE51HoHoxUh4wwHQRd4qmmsDCujnqgKqV00e73Bwzn7ntiq3hT--Dz3mvc1vofwXYC9g8qpl032-zcfo5NwL3zmSGBAhNZHEEcdsUM25jByNWHTW5TV-0_nBJwAhuPe3RJpdMUZjWgTebdPpjT6ZQRjA_DfGFDHSszcIEVTzaeYOYtLH5qn_YP73OLObp2fk4QwIKQLA652FVyGIFa5Vet7zqVHzKuU5VKl_M0VKHUP6QsiWKZZxt2nObvvzCUG7YEhxA1sBM3dWmIuZeBAqO9DHAjRL5O16G-hsqUG2PEpiIzUhqwIEh2YVUXcEywjkYqBH6qKt1VixhjvjsLCUJtxVyADVcO6o48E6bm9I6C1pGwPBYqDf0Qtf2ANys7fwv6AxOLDNoxkRkOPLFB3TDxwP09K8JWppgFtNLhlnUXZHzr8OVLNgk_A7IdDR9ofy9S4_myc27Doed-A3LfcHYpiKRgnLKmEZbrpoXVfG-_iiY8ZWw-iFdSkZmA22RcvB0Q95GoltWe_DTyBBDCIlJWB5QtooJxJFTyA6dOQNVakunyid810NgOINHBQ_Po0KNKHCy67y6IYIoCy9sgZ1WLtXsb5yJxNiEfIMaYNJJ4cVx2Ge6GI5LpBPhARIrR00ohmGsByFvhju8xzrI2hsGshVnXeuC4MSq56pGbyuQYV4wH34A2bzg4O442Rvdhw6qKpHJFzMEqLVyvxK3dA3Fe6T2_li1GUcy3P5mi_nYMAsnMnyfesTqi3kPN-D9MU_NXsro63_B8qHjj7yxLWV6zrjsGTAiicGoyY7BNHfzrVVMzQeO4h5riP0gyUuI4QHqLDOCww2k3nT9lpuvkjp9LgT91pvhnUkfoCs6cxx4ckPLsu218JDnv7xyyBdJfvy_1Jl_7Y1Smhvx9yndEDuC4xcvLqTvcdv1USVIv5A6eOjuu9DsPf4RnNKG3OZAzHs-TDrIAFZgunEaun2rIvFuLaai-W5Labb4llEffdKSQx7MSdUH-5xmOE5IEU1la83GuDxqYbBHPmJ1gaLPqursOY__huNrWc_EUwx64k9i7LZBMxzr3bgbpYaUlEBbfWGkDS83yaAfBiPjb_XLGeBPuBmMbj65irVYA6TWaJBgqBmTYZGHfNaWRT8vA1au4xcW4fWR56IK8DIM9Lx1O9MX1QQPW4S1qF1yy0CfDpI-WEyn8EGXQNmyEkkG6iCtocZsuBANDFmgx9Av43hvA&sai=AMfl-YSi_WEiv57rVd17tljitj0oBwPIzLMdkVxWM-CmlNkBerzVRKuFDist5R_RN9naxb1DA-YrBEpki08ijEOykmD_kc4Ey7AfeHaioPIqiQl3NHJ665cnsFTtg1TrstDOaWZhTYJA9hv5NiKSqPBVv8kqL6XSsayRNR-uNxH6HHjcU32MJNxR-wFmJ-t2H2prVJPUxB-bUPhxtU0vSELAf4FRRzgFSYI8imS75Pn7O_RxaS4CTZVUIbIPAwLv6iJwNl7kwrvIDJxdSilQyo9pdybjVYIHVOjKqOsgQdwwt6KIfhgSrhyedi-XUGdxwKGFe4qaWKuBfe5QQeyJXZVgdFzS8Iy3N-G5bPajDHI-I44xoK_DYsheZxVBN2k-BKz3G2uVJVcKKGxul2c&sig=Cg0ArKJSzOq_c7ghSNVxEAE&uach_m=[UACH]&pr=60:0.0682&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=24&vt=11&dtpt=18&dett=2&cstd=1&cisv=r20230718.33384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2ABC 22 KB
8 KB 4ms
4ms Document
text/html 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 217956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 04:39:40 GMT
expires: Wed, 17 Jul 2024 04:39:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2ABC 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:17:24 GMT

GET
H2 200 v2 Show response
mb.moatads.com/s/ 149 B
322 B 84ms
82ms Script
text/html 13.250.85.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&pcode=millennialnexageinapp768429046591&ord=1689873136320&jv=1393232857&callback=BrandSafetyNadoscallback_18072576
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.85.75 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-85-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 0db4ca3f92ab1c4eb3917269e6f8be6f1cd482a5864a9c0b7b52b653bf07b3cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "b857304771dbe34eea18fbbd37c594032fcbc164"
content-length: 149
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 4ms
4ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fads.as.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3D3FP_sppoDV1NPx8Oe3xTOgGglJmNZIChq0kbAsinve8%26u%3D%257C2YqaqKNOByh%252FzIMi6mkCMxppnTsPd9rPsXlnSrw9qRs%253D%257C%26c1%3DjWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4ITGua8zXVFPAvqyeWDAeT4nPFYwrkA-eMofrmuuMlhwTnoJmGkYrrnd_KUwOFcD03miaaTet8ZXVPGe56pDihowbQnA7QtWj6JGFNQTyT3NDneWP13iGB_zMVkekTf9DqBuZDiJ8oBMKJB9vzT4cDtJU85xwOPEqJy1YCbQgYe2QpC6j47BXGbzgVMynkCE3rVGJow2zeJ5Sw607NCq2WlAoFSyvXncxfIx2SDx15IBHj18rk6cBVCFKqiEZpg4hl7U4D8VWgsNYMiG_6dwmAAcT_SU3ylPFHNxQlDpnURtsl9gG-Ont4zOCsstE-U2Z-09yOlJGt8iiEc_OGcrxuxObY15b6t9_EE9FcokqJeLxCcmNDxulIO0nrS7cAEVHa_0E9UmwIGkgdAMhs8LNwC6ihSswqqrbvbhXlfpHK9Pjs5bq6Zmfm7EIAvRjGwQi-G-AhhlI0kxqupO9VZdvxLgCrJY3B6-AFY6eSi27qwccwTBJpshhSkUEdALb92jf8k3uWAg6TethCQF4lCD2t9C_lWSsS1IIuwf0iYm56rtTYzf42AjVO8Uwoj9bpp71X6pMdcElSqMNkftb8v87jB&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=579&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A550%3A622%3A0%3A880&as=0&ag=61&an=0&gf=61&gg=0&ix=61&ic=61&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=61&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=121&cd=0&ah=121&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=204627&na=942833539&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ABC 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvWzz8Gq5ZPu1JNS5vcAPmf-V2AsAAAAAOAHgBAI&bg=!7O-l77vNAAa3SiIRl0o7ADkAdvg8Wk4T6pEPwqU_K9xDJsWoJINl_aC1TGggUSwaOhD1aHw5XkgJ3tGr63X6lpzryyayJGMbNTQCAAAAY1IAAAAGaAEHCgAmBLmHtH4JxMnrBWlqccwgXV7MADu82z8UKkAcE2DjP5kVZpeXr8OZAtdYgd4x4miRRx78-_osMw7sQB3ny55_IDq2U-xMOXJg5n7mchMHQszpEzsPWEO_yCugrjUyaFYvTRD8D7t7bxNkwermmLwOzfdG2q7sBYsAGRGO6Hq_hZejTkp724qF8z6NxBySke5wJ6G_yVRhZWO5uYsWEEieXKPhs08AqqZGLJHn-T13e6WxPpy7qB6i5Z5QUanKFyt698fUmKuKnI5WfiXCpn2Z-TCpeg_9KfJ1uJAbUejugdDrDEsHl2BStKL7xbzIDko42Y9xzgqi-P-41WSLppbJcTR-lPI52JYV4pxobZJkEmFnU9w6zmBKUL-lTyDlBCuSZ1ProK0mGhll0kZL-QsZnK7R2MzeNy5Pa9XIOu1HhYBUHtU86SaPxSsP8xmyKwjmjHk5S4cU_cf2oTNZWF3zuP3Eg1GQSVTwu5UDo0BcrS0OMPygBnUg5c8BzSNNQSPToRWQ6PnpNUZOoECZVWgO2KKLxj_6Igcla9H1el47oO2BuPqATvYNt5Jp6t9-nf2JpmF4Jqo_1vYLvaNz2l5Rg6L9VMcAYJXagTr8EOCZA5mKgYI4kuUx1ZSwmLO6XkOGp4Kev6N9GmWY6fZsthum_M2ilYU61BvMLR6mLoMX7i5p0nv5WSGPsyZiG4_PwWb2ehVp2PCuORZCspNSMei2JqV3o4-rtR1cj992TxoEt-IqF_Hy7HdVu0mQTy-fkN-4l1v2zdw5-BI2nfqspm6zor382ysJRRee4HJJ_c_IePwelK41oag-mKKtoHmojUy0Kh9y2O7__t6uX-XlPwCj3asFwOs6E__3VMI89spPJy5a-WSvpY9jLAvsECpj1zylgPNIQul2KYfByM6TcJWAHe0bpHqcB3Nj9a5ckmGZa0t7UOHtXbP0XIZP2aAR2uZzRQEYmyjvxrXZrVUfCJ_wSEfpmY2MR72Sbgq5klzHlcVh6i_KKsk0ChWUdm7DYYf1

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 25ms
3ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=61&fi=1&apd=121&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=meas&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=1&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 24ms
3ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=61&fi=1&apd=121&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=2&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 24ms
3ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=61&fi=1&apd=121&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=bs&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=3&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 9ms
3ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=140&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=4&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 9ms
4ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=140&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=nht&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=5&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:16 GMT

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame 4F16
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

3 KB
4 KB

148ms
143ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 0b815761e135edd18d4af32750ccea8b7489cb89fe7a953cbef85d4a63c786d0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 2639
content-type: text/html
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Thu, 20 Jul 2023 17:12:16 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

POST
H2 200 all
csm.as.criteo.net/ Frame 31CE 0
127 B 5ms
5ms Ping
text/plain 2406:2600:4::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 17:12:16 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 4614 2 KB
987 B 73ms
72ms Document
text/html 131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: 2a4bae1fb927d3b29219c8d61f9c2567a897cea65eb0d729e93490a0ed5ba746

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 649
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:16 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 3

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 8B46
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=jrwlP7uJsVbHhNsmKEft&pi=gumgum

35 B
250 B

8ms
7ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=jrwlP7uJsVbHhNsmKEft&pi=gumgum
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT Thu, 20 Jul 2023 17:12:17 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=jrwlP7uJsVbHhNsmKEft&pi=gumgum
pragma: no-cache

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame ACE4 170 B
188 B 52ms
43ms Document
image/png 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84N2IxYjZjZS1jNDdmLTRiYmUtYTZiZS0yMDM2YmEwNThjYTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9543
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=

35 B
250 B

26ms
8ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-tyo11935-TYO
x-timer: S1689873138.576434,VS0,VE0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 19C1 6 KB
2 KB 264ms
256ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd405ea3e262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:17 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 04F8
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZLlq8cCo5ucAAOz0akIAAAAA

35 B
250 B

17ms
8ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZLlq8cCo5ucAAOz0akIAAAAA
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:17 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZLlq8cCo5ucAAOz0akIAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 3
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad366.dc4p.scaleout.jp
X-SO-IP: 217.138.252.196
X-SO-Key: ZLlq8cCo5ucAAOz0akIAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.196","key":"ZLlq8cCo5ucAAOz0akIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad366"}
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad366

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0A57 2 KB
814 B 277ms
277ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1689873133435&gdpr=0

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame A6B4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=9fa15752-811e-4e1a-9968-2f6499bac335

35 B
250 B

18ms
9ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=9fa15752-811e-4e1a-9968-2f6499bac335
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=9fa15752-811e-4e1a-9968-2f6499bac335
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6040 281 B
554 B 2ms
2ms Document
text/html 23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 17:12:17 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E76F
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=
https://usersync.gumgum.com/usersync?b=aad&i=4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7

35 B
250 B

6ms
6ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1 200
OK iframe Show response
sync.missena.io/ Frame 6291 36 KB
12 KB 24ms
3ms Document
text/html 54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 53e42eac2910d072b26f840249769d3d2158019bf5e2616f98ba1023dff5b88d

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 80EC 15 KB
6 KB 9ms
4ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145964
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Sat, 22 Jul 2023 09:45:01 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6B12 2 KB
1 KB 1039ms
253ms Document
text/html 162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: b907ff7d8e1e3f05a8e15a4149194aa5e043ac62849467071fa1ed4fc4d72ebd

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 9847
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
2 KB

144ms
144ms

Document
text/html

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_52/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 521a9189a437545f3260b1d98f5c2c07d77126a009aaf0fb87df95588514c74f

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1110
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:18 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2

0
571 B

950ms
240ms

Image
text/html

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:18 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined

43 B
622 B

865ms
221ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 212.36.83.245 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:18 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H/1.1

200
OK

prebid
b1h.zemanta.com/usersync/
Redirect Chain

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

26 B
315 B

144ms
144ms

Image
image/gif

50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 50.31.142.95 Itasca, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

P3p: CP="We do not support P3P header."
Date: Thu, 20 Jul 2023 17:12:17 GMT
Content-Length: 26
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:17 GMT
Content-Type: text/html; charset=utf-8
Location: /usersync/prebid?gdpr=0&gdpr_consent=&s=2
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 72
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=4931925723668045182

86 B
630 B

287ms
229ms

Image
image/png

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=4931925723668045182
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:18 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=4931925723668045182
date: Thu, 20 Jul 2023 17:12:18 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
187 B 775ms
240ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ 0
0 9ms
4ms Image
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy=&predirect=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D{{GDPR}}%26gdpr_consent%3D{{GDPR_CONSENT}}%26uid%3D
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090&google_hm=ODE3YzkxNDQtZDk2MS00NzI2LTg2YTYtNzU5NWM2ZTRkMDkw
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFdX2gWhD0gPFDGDv6xuMNE&google_cver=1&ssp=vidoomy&bsw_param=817c9144-d961-4726-86a6-7595c6e4d090
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=817c9144-d961-4726-86a6-7595c6e4d090

43 B
650 B

913ms
263ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=817c9144-d961-4726-86a6-7595c6e4d090
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Server: 212.36.83.245 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:18 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=817c9144-d961-4726-86a6-7595c6e4d090
Date: Thu, 20 Jul 2023 17:12:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6040 34 KB
10 KB 3ms
3ms Script
text/html 23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24429211bd14ed5f592ff2bdcac2c33cea10bcbd21ffeb47c38d25eccdfd4f72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 20:29:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11779
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 20:28:36 GMT

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 5D77 35 B
250 B 6ms
6ms Document
image/gif 13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 204
No Content missena
sync.missena.io/ Frame 4DF1 0
0 9ms
9ms Document
text/plain 54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/missena?gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

GET
H2 200 cframe.js Show response
assets.a-mo.net/js/ Frame 4614 9 KB
4 KB 66ms
9ms Script
text/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/cframe.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
via: 1.1 d1fa9409a9380374423ca786990631ba.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: NRT57-P2
age: 458
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 27 Mar 2023 18:10:34 GMT
server: cloudflare
etag: W/"60125fcf1fcf576eebb45554f83ada73"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 7e9cd4069978f5d8-NRT
x-amz-cf-id: 43GBAhinIWzBFGz_xxA8gO_srH_BDeoVbsEU9WGVrztDFS-VJTrx7Q==
expires: Thu, 20 Jul 2023 18:12:17 GMT

GET
H/1.1

204
No Content

de1353e2-9a29-450f-b39f-f321b37d86d5
sync.missena.io/improvedigital/ Frame BF7E
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
https://sync.missena.io/improvedigital/de1353e2-9a29-450f-b39f-f321b37d86d5

0
0

4ms
4ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/improvedigital/de1353e2-9a29-450f-b39f-f321b37d86d5
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://sync.missena.io/improvedigital/de1353e2-9a29-450f-b39f-f321b37d86d5
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FCA5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined

281 B
554 B

2ms
2ms

Document
text/html

23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 17:12:17 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FCA5 34 KB
10 KB 2ms
2ms Script
text/html 23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24429211bd14ed5f592ff2bdcac2c33cea10bcbd21ffeb47c38d25eccdfd4f72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 20:29:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11779
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 20:28:36 GMT

GET
H/1.1

204
No Content

LKBETYXU-I-KVDD
sync.missena.io/magnite/ Frame FCA5
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr_consent=undefined&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD
https://sync.missena.io/magnite/LKBETYXU-I-KVDD?gdpr=0&gdpr_consent=undefined

0
589 B

5ms
3ms

Image
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.missena.io/magnite/LKBETYXU-I-KVDD?gdpr=0&gdpr_consent=undefined
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:18 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:18 GMT
Vary: Origin
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.missena.io/magnite/LKBETYXU-I-KVDD?gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
Expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 947A 15 KB
6 KB 4ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145964
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Sat, 22 Jul 2023 09:45:01 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

204
No Content

ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
sync.missena.io/richaudience/ Frame 2B48
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&r=https://sync.missena.io/richaudience/%5BPDID%5D
https://sync.missena.io/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133

0
0

5ms
3ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:18 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:15 GMT
location: https://sync.missena.io/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 204
No Content 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
sync.missena.io/pubmatic/ Frame B138 0
0 3ms
3ms Document
text/plain 54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/pubmatic/141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

GET
H/1.1

204
No Content

161175378474174537
sync.missena.io/smart/ Frame C3AF
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=undefined&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D
https://sync.missena.io/smart/161175378474174537

0
0

3ms
3ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/smart/161175378474174537
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://sync.missena.io/smart/161175378474174537

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame A75F 35 B
250 B 6ms
6ms Document
image/gif 13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1

204
No Content

8847e0255600dd0b501c75630d89e04c
sync.missena.io/smilewanted/ Frame 45E2
Redirect Chain

https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=undefined&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server
https://sync.missena.io/smilewanted/8847e0255600dd0b501c75630d89e04c

0
0

4ms
3ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/smilewanted/8847e0255600dd0b501c75630d89e04c
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd406bb35262a-NRT
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://sync.missena.io/smilewanted/8847e0255600dd0b501c75630d89e04c
server: cloudflare

GET
H/1.1

204
No Content

6041145649349111353
sync.missena.io/xandr/ Frame 39E2
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.missena.io/xandr/$UID?fu&gdpr=0&gdpr_consent=undefined
https://sync.missena.io/xandr/6041145649349111353?fu&gdpr=0&gdpr_consent=undefined

0
0

4ms
4ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/xandr/6041145649349111353?fu&gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: e41974e8-f26a-4c23-998e-babc44ae963e
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.missena.io/xandr/6041145649349111353?fu&gdpr=0&gdpr_consent=undefined
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H/1.1

204
No Content

y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A
sync.missena.io/yahoo/ Frame D23D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0&gdpr_consent=undefined
https://sync.missena.io/yahoo/y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A?gdpr=0

0
0

4ms
3ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/yahoo/y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A?gdpr=0
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

age: 0
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
location: https://sync.missena.io/yahoo/y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A?gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.64
strict-transport-security: max-age=31536000

GET
H/1.1

204
No Content

ac6e6a84c0129ea84e5c28d0518b8bf8
sync.missena.io/adyoulike/ Frame 2315
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=undefined&uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&url=https%3A%2F%2Fsync.missena.io%2Fadyoulike%2F%7BuserId%7D
https://sync.missena.io/adyoulike/ac6e6a84c0129ea84e5c28d0518b8bf8

0
0

3ms
3ms

Document
text/plain

54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/adyoulike/ac6e6a84c0129ea84e5c28d0518b8bf8
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: 0
location: https://sync.missena.io/adyoulike/ac6e6a84c0129ea84e5c28d0518b8bf8
p3p: CP="CAO PSA OUR"
pragma: no-cache
vary: Accept-Encoding
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 5

GET
H2

204

2119
prebid.a-mo.net/cchain/5/ Frame 4614
Redirect Chain

https://id.a-mx.com/usync?uid=&gdpr_consent=
https://prebid.a-mo.net/cchain/0
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dappnexus%26cbx%3D%26u...
https://prebid.a-mo.net/cchain/0/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&cbx=&uid=6041145649349111353
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7...
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7...
https://prebid.a-mo.net/cchain/3/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&cbx=&uid=HA2ILLZHTHEuzX5AQkus6IgK
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F2119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D31956c23-248a-4996-9347-39b34a7ff9...
https://prebid.a-mo.net/cchain/5/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&cbx=&uid=4931925723668045182

0
15 B

72ms
72ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/cchain/5/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&cbx=&uid=4931925723668045182
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/cchain/5/2119?gdpr=&gdpr_consent=&us_privacy=&A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&cbx=&uid=4931925723668045182
date: Thu, 20 Jul 2023 17:12:18 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=31956c23-248a-4996-9347-39b34a7ff92f&gdpr=0&gdpr_consent=&us_privacy=
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_privacy=

0
148 B

76ms
75ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

Location: //prebid.a-mo.net/setuid?bidder=bid_switch&uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_privacy=
Date: Thu, 20 Jul 2023 17:12:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 4614
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=31956c23-248a-4996-9347-39b34a7ff92f
https://prebid.a-mo.net/setuid/yahoo?uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0

0
112 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 4614
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
https://prebid.a-mo.net/setuid/magnite?uid=LKBETYXU-I-KVDD&gdpr=0

0
112 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LKBETYXU-I-KVDD&gdpr=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LKBETYXU-I-KVDD&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2

0
113 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=openx&uid=7f556efc-034b-4634-bb08-bd249b0c91c2
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dadform%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&uid=4931925723668045182

0
112 B

75ms
74ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&uid=4931925723668045182
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=adform&uid=4931925723668045182
date: Thu, 20 Jul 2023 17:12:18 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%...
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=smartadserver&uid=161175378474174537

0
115 B

72ms
71ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=smartadserver&uid=161175378474174537
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=smartadserver&uid=161175378474174537
date: Thu, 20 Jul 2023 17:12:17 GMT
content-length: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dpubmatic%26uid%3D141C74A5-B50F-4CFF-8...
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=pubmatic&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3

0
112 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=pubmatic&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=pubmatic&uid=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
date: Thu, 20 Jul 2023 17:12:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dindex_rtb%26uid%3D
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=index_rtb&uid=ZLlq8Cem3U2ac0ecaHH2TQAA%265399

0
135 B

74ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=index_rtb&uid=ZLlq8Cem3U2ac0ecaHH2TQAA%265399
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=index_rtb&uid=ZLlq8Cem3U2ac0ecaHH2TQAA%265399
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&uid=HA2ILLZH6FpT3rGIQymTQGgm

0
112 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&uid=HA2ILLZH6FpT3rGIQymTQGgm
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Thu, 20 Jul 2023 17:12:18 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=sovrn&uid=HA2ILLZH6FpT3rGIQymTQGgm
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 4614
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D31956c23-248a-4996-9347-39b34a7ff92f%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&uid=6041145649349111353

0
112 B

73ms
73ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&uid=6041145649349111353
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
an-x-request-uuid: 6efa34d0-f3bb-400c-a4d8-3026d7a73d49
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://prebid.a-mo.net/setuid?A=31956c23-248a-4996-9347-39b34a7ff92f&bidder=appnexus&uid=6041145649349111353
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
sync.missena.io/pubmatic/ Frame ADB4 0
0 4ms
3ms Document
text/plain 54.168.247.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/pubmatic/141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.247.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-247-123.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:17 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 20 Jul 2023 17:12:17 GMT
Pragma: no-cache
Vary: Origin

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 5ms
3ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=1534&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lf=578&lg=0&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A550%3A622%3A0%3A880&as=1&ag=1025&an=61&gi=1&gf=1025&gg=61&ix=1025&ic=1025&ez=1&ck=1025&kw=823&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1025&bx=61&ci=1025&jz=823&dj=1&aa=0&ad=925&cn=0&gk=925&gl=0&ik=925&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=121&ah=823&am=121&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=204627&na=1334582717&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:17 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 5ms
4ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=823&tet=1025&fi=1&apd=1085&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=iv&os=1&fi2=0&div1=1&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=6&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 3ms
3ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=1535&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lf=578&lg=0&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A550%3A622%3A0%3A880&as=1&ag=1025&an=1025&gi=1&gf=1025&gg=1025&ix=1025&ic=1025&ez=1&ck=1025&kw=823&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1025&bx=1025&ci=1025&jz=823&dj=1&aa=0&ad=925&cn=925&gk=925&gl=925&ik=925&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=823&ah=823&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=204627&na=1717164603&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:17 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 19C1 48 KB
12 KB 19ms
15ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1999718
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e9cd407bbdd262a-NRT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 3ms
3ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=1536&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lf=578&lg=0&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A550%3A622%3A0%3A880&as=1&ag=1025&an=1025&gi=1&gf=1025&gg=1025&ix=1025&ic=1025&ez=1&ck=1025&kw=823&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1025&bx=1025&ci=1025&jz=823&dj=1&aa=0&ad=925&cn=925&gk=925&gl=925&ik=925&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=823&ah=823&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=204627&na=140393339&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:17 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 9509 0
346 B 267ms
266ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd407fc00262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7C77 2 KB
814 B 277ms
277ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2

200

HA2ILLZHmvMw19H-Sm2BLY-g Show response
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame A4B9
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true
https://csync.smilewanted.com/set_partner_userid_get/sovrn/HA2ILLZHmvMw19H-Sm2BLY-g

0
402 B

265ms
265ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/sovrn/HA2ILLZHmvMw19H-Sm2BLY-g
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40a2d6b262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:18 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/sovrn/HA2ILLZHmvMw19H-Sm2BLY-g
X-Sovrn-Pod: ad_ap3sea1

GET
H2

200

ab3b7a1c-1d30-4f54-9e6d-0zz1689873133 Show response
csync.smilewanted.com/set_partner_userid_get/richaudience/ Frame AA16
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://csync.smilewanted.com/set_partner_userid_get/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133

0
485 B

272ms
271ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40c6f2c262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:15 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/richaudience/ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 6ms
6ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=1737&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lf=578&lg=0&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A550%3A622%3A0%3A880&as=1&ag=1228&an=1025&gi=1&gf=1228&gg=1025&ix=1228&ic=1228&ez=1&ck=1025&kw=823&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1228&bx=1025&ci=1025&jz=823&dj=1&aa=1&ad=1128&cn=925&gn=1&gk=1128&gl=925&ik=1128&co=1128&cp=1085&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1085&cd=823&ah=1085&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=204627&na=2001244603&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:18 GMT

GET
H2

200

RX-423f4343-3912-4957-943a-469617546e0d-004 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 307B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1689873138216
https://ad.turn.com/r/cs?pid=45&rndcb=6146018267
https://sync.1rx.io/usersync/turn/4123746814959108888?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-423f4343-3912-4957-943a-469617546e0d-004?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-423f4343-3912-4957-943a-469...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-423f4343-3912-4957-943a-469617546e0d-004

0
446 B

274ms
274ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-423f4343-3912-4957-943a-469617546e0d-004
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40c5f25262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Thu, 20 Jul 2023 17:12:18 GMT
etag: RX423f434339124957943a469617546e0d004
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-423f4343-3912-4957-943a-469617546e0d-004
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

9731948c-e92e-54c9-a64a-22bfc2f3484d Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 0DB4
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-421440300299332427
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9731948c-e92e-54c9-a64a-22bfc2f3484d

0
444 B

262ms
261ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9731948c-e92e-54c9-a64a-22bfc2f3484d
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40c8f3c262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9731948c-e92e-54c9-a64a-22bfc2f3484d

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
https://u.4dex.io/setuid?bidder=openx&uid=ca81e5a6-6dbc-4715-9c2d-4016c1d55aa7

0
15 B

5ms
4ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=openx&uid=ca81e5a6-6dbc-4715-9c2d-4016c1d55aa7
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

date: Thu, 20 Jul 2023 17:12:18 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://u.4dex.io/setuid?bidder=openx&uid=ca81e5a6-6dbc-4715-9c2d-4016c1d55aa7
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4986 0
20 B 37ms
37ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1255188935049&version=m202306200101&ct=76&x=60&cor=4109918814840772000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=9fa15752-811e-4e1a-9968-2f6499bac335&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
353 B

147ms
147ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=9fa15752-811e-4e1a-9968-2f6499bac335&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=9fa15752-811e-4e1a-9968-2f6499bac335&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 9847
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

144ms
144ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGCm89cznk1oxkNuNKY89U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
353 B

148ms
148ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGCm89cznk1oxkNuNKY89U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGCm89cznk1oxkNuNKY89U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9847
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5

170 B
188 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM3NTY2ODE3MzY3MTk4NzY4MTI5
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 9847 0
580 B 184ms
182ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=237566817367198768129&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DC9B3935A72547FA8D853AC6566AB361 Ref B: TYAEDGE0906 Ref C: 2023-07-20T17:12:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA7kAfuuAnnBbW3lSUAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=237566817367198768129&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=60efbb57-2267-4652-b393-c2f0667b04c4&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=817c9144-d961-4726-86a6-7595c6e4d090&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

151ms
151ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=817c9144-d961-4726-86a6-7595c6e4d090&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=817c9144-d961-4726-86a6-7595c6e4d090&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 20 Jul 2023 17:12:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 9847 42 B
230 B 51ms
49ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=237566817367198768129&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 90B11C3546A7424D96D7AB1422C73EFF Ref B: TYBEDGE0911 Ref C: 2023-07-20T17:12:18Z
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/237566817367198768129?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VScbk2dE2oQLIqBoQyT0b0R2uWaObUaAHqoJD14Lqg--~A&dongle=0883

37 B
353 B

149ms
148ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-VScbk2dE2oQLIqBoQyT0b0R2uWaObUaAHqoJD14Lqg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-VScbk2dE2oQLIqBoQyT0b0R2uWaObUaAHqoJD14Lqg--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=5nyIHNHYatsdhuk_fBpQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GVXHSSKIJZEFS...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=5nyIHNHYatsdhuk_fBpQ

37 B
353 B

147ms
147ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=5nyIHNHYatsdhuk_fBpQ
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=5nyIHNHYatsdhuk_fBpQ
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9847
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=6041145649349111353&dongle=4d58&gdpr=0&gdpr_consent=

37 B
353 B

149ms
148ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=6041145649349111353&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
an-x-request-uuid: 96e37cfd-3fe7-4ace-8b52-ca895f4a11eb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=6041145649349111353&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f Show response
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame CDCA
Redirect Chain

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f

0
515 B

266ms
266ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40e3817262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:19 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/7bfd7373ddb330b07b9a9d9bc9363b48c078e9ae1d321c806ec86393abf5297f
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A793
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

3ms
3ms

Document
text/html

23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 17:12:18 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Jul 2023 17:12:18 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H2

200

user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0683
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D

15 KB
6 KB

5ms
3ms

Document
text/html

23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145963
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 17:12:18 GMT
expires: Sat, 22 Jul 2023 09:45:01 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 40000000008200000A

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...

907 B
511 B

42ms
42ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7da17a1c41361c21bfabf7ac6eee19ae4b564e61d693d9454fe73d982ee78781

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 492
content-type: text/html
date: Thu, 20 Jul 2023 17:12:18 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 17:12:17 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP009
x-33x-status: 40000000008200000A

GET
H3

200

setuid
u.4dex.io/ Frame 4F16
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1689873138085.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://u.4dex.io/setuid?bidder=33across&uid=212164344206024

0
15 B

7ms
6ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=33across&uid=212164344206024
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
referrer-policy: unsafe-url
server: 33XP018
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://u.4dex.io/setuid?bidder=33across&uid=212164344206024
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 4F16
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=9fa15752-811e-4e1a-9968-2f6499bac335&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=817c9144-d961-4726-86a6-7595c6e4d090
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=817c9144-d961-4726-86a6-7595c6e4d090&ts=1689873138&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

100ms
96ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=817c9144-d961-4726-86a6-7595c6e4d090&ts=1689873138&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
referrer-policy: unsafe-url
server: 33XP015
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=817c9144-d961-4726-86a6-7595c6e4d090&ts=1689873138&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 4F16
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689873138085.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6041145649349111353

68 B
126 B

92ms
92ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6041145649349111353
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
an-x-request-uuid: ebf528d2-af99-41f8-be75-e5218990bb58
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6041145649349111353
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 4F16
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7&expected_cookie=e367e610-7947-4429-9f6e-12e27ee764ac

0
143 B

191ms
191ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7&expected_cookie=e367e610-7947-4429-9f6e-12e27ee764ac
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CA54B17147BA426EB145C26758D8F4CA Ref B: TYAEDGE0906 Ref C: 2023-07-20T17:12:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA7kAiot1COe2cILgqPQ==

Redirect headers

date: Thu, 20 Jul 2023 17:12:18 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 96095FEE30D64E11810752932E840C93 Ref B: TYAEDGE0906 Ref C: 2023-07-20T17:12:18Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: /db_sync?pid=15927&puuid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&_rand=1689873138085.7&expected_cookie=e367e610-7947-4429-9f6e-12e27ee764ac
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA7kAfy6UE/l+pBilDAQ==

GET
H2

204

9fa15752-811e-4e1a-9968-2f6499bac335
map.go.affec.tv/map/ttd/ Frame 4F16
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&ts=1689873138085.8
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64b96af25d4b1a00017f5a71%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/an/6041145649349111353?ch=64b96af25d4b1a00017f5a71&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/9fa15752-811e-4e1a-9968-2f6499bac335?ttd_puid=&gdpr=0&gdpr_consent=

0
564 B

69ms
69ms

Image
text/plain

54.151.157.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/9fa15752-811e-4e1a-9968-2f6499bac335?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 54.151.157.69 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-157-69.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://map.go.affec.tv/map/ttd/9fa15752-811e-4e1a-9968-2f6499bac335?ttd_puid=&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 229

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 4F16
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&random=1689873138085.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=eb972ec4-bd73-4a82-b320-6f31bc0f5988&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=02539039547372527444589749211747002383&pt=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

95 B
123 B

40ms
40ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=02539039547372527444589749211747002383&pt=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C

Requested by

Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

DCS: dcs-prod-tyo3-1-v047-016a2354d.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: o9nZWeJhRO8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=02539039547372527444589749211747002383&pt=eb972ec4-bd73-4a82-b320-6f31bc0f5988%2C%2C
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mapuid
secure.adnxs.com/ Frame 4F16
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=1yuPQ2S5avGDNq5xRuEGzQ%3D%3D&us_privacy=&random=1689873138085.10&pu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212164344206024&seg_code=33x&random=1689873138

43 B
791 B

71ms
71ms

Image
image/gif

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=212164344206024&seg_code=33x&random=1689873138

Requested by

Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

Protocol

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
an-x-request-uuid: 07c88d98-2683-420e-956e-e8d995d16f24
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
referrer-policy: unsafe-url
server: 33XP017
x-33x-status: 402044000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=212164344206024&seg_code=33x&random=1689873138
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A793 34 KB
10 KB 2ms
2ms Script
text/html 23.60.110.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.110.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-110-42.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24429211bd14ed5f592ff2bdcac2c33cea10bcbd21ffeb47c38d25eccdfd4f72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 17:12:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 20:29:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11778
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 20:28:36 GMT

GET
H2

200

4931925723668045182 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 9C12
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/4931925723668045182

0
388 B

259ms
258ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/4931925723668045182
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40b8e24262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Thu, 20 Jul 2023 17:12:18 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/4931925723668045182
server: nginx

GET
H2

200

match
events-ssc.33across.com/ Frame A793
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LKBETYXU-I-KVDD
https://ssc-cms.33across.com/ps/?xi=1&xu=LKBETYXU-I-KVDD&gdpr=0&gdpr_consent=undefined
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LKBETYXU-I-KVDD&ts=1689873139&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
117 B

93ms
93ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LKBETYXU-I-KVDD&ts=1689873139&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LKBETYXU-I-KVDD&ts=1689873139&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

add0c06fe74706fc111c7542e4227ee Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 3289
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/add0c06fe74706fc111c7542e4227ee?gdpr_consent=&gdpr=0

0
716 B

254ms
254ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/add0c06fe74706fc111c7542e4227ee?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40e4828262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:19 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: Thu, 20 Jul 2023 17:12:18 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/add0c06fe74706fc111c7542e4227ee?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1689873138863040-41

GET
H2

200

%7BSTX_USER_ID%7D Show response
csync.smilewanted.com/set_partner_userid_get/sharethrough/ Frame 7A6C
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0

0
636 B

267ms
267ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40c4f17262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Thu, 20 Jul 2023 17:12:18 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0

GET
H2

200

0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 1261
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a

0
535 B

262ms
262ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e9cd40e3816262a-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:19 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 20 Jul 2023 17:12:18 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/0caf2e976c1d8df391e6406e7fe82730402b87e436ef4d2c08c0ad117b27a31a
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 match Show response
events-ssc.33across.com/ Frame 13E6 68 B
216 B 108ms
96ms Document
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google

GET
H2 200 match
events-ssc.33across.com/ Frame 5801 68 B
126 B 92ms
91ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=30e0ed5d-645f-4532-bcb3-72e11003c110
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
H2 200 d24c8777-2a78-e794-e153-6bc4e5009e06
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5801 43 B
604 B 73ms
73ms Image
image/gif 2406:da18:929:5a03:6501:163c:2f11:2df9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/d24c8777-2a78-e794-e153-6bc4e5009e06?gdpr=0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET openx
cs.nex8.net/cs/ Frame 5801 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame 5801
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=md1rDxNSzPM28DGGyU5p9Q==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
58 B

41ms
41ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=EbSD-EmNUez-l

43 B
61 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=EbSD-EmNUez-l
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 17:12:18 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=EbSD-EmNUez-l
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

44ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4123746814959108888&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0&gdpr_consent=

43 B
62 B

45ms
45ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=9fa15752-811e-4e1a-9968-2f6499bac335&ttd_puid=468be133-bad4-75dd-d084-7d311a57534f&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLlq8cCo5ucAAOz0akIAAAAA

43 B
172 B

43ms
38ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLlq8cCo5ucAAOz0akIAAAAA
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 20 Jul 2023 17:12:18 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.196","key":"ZLlq8cCo5ucAAOz0akIAAAAA","privacy_sensitive":false,"uid":"ZLlq8cCo5ucAAOz0akIAAAAA","upstream_id":"m-ad366"}
X-SO-Key: ZLlq8cCo5ucAAOz0akIAAAAA
X-SO-Upstream-ID: m-ad366
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad366.dc4p.scaleout.jp
X-SO-UID: ZLlq8cCo5ucAAOz0akIAAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 217.138.252.196
X-SO-Cluster-ID: 0
Server: nginx
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLlq8cCo5ucAAOz0akIAAAAA
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQmboG4ipd8wks8AD7Il6q7Bq88AAAGJdEnDKw

43 B
61 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQmboG4ipd8wks8AD7Il6q7Bq88AAAGJdEnDKw
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 238f87cf80263f9c43ff4cecc9810868.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT20-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQmboG4ipd8wks8AD7Il6q7Bq88AAAGJdEnDKw
cache-control: no-cache
content-length: 0
x-amz-cf-id: JUcq5SzHllryBT09zjVwMHAZwnrHc8oACYyW6xjkt3ULmSCGXbw-XQ==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5801 170 B
188 B 48ms
47ms Image
image/png 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmFlNDMyZjktNzNhMy0yYjc5LWM1NjQtMjc4OGQwYjU5ZDJm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5801
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVCJDxHtPZEGTa95M46uHQ&google_cver=1

43 B
61 B

47ms
40ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVCJDxHtPZEGTa95M46uHQ&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVCJDxHtPZEGTa95M46uHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match Show response
events-ssc.33across.com/ Frame C289 68 B
117 B 97ms
96ms Document
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png
date: Thu, 20 Jul 2023 17:12:18 GMT
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9BBF 15 KB
6 KB 84ms
79ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync.richaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145963
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 17:12:18 GMT
expires: Sat, 22 Jul 2023 09:45:01 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/
sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/ Frame 6B12
Redirect Chain

https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-1jz4B1lE2uHC1g9gO7eJPiaUBXbJacDO~A&gdpr=0

95 B
382 B

250ms
249ms

Image
image/png

162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-1jz4B1lE2uHC1g9gO7eJPiaUBXbJacDO~A&gdpr=0
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Jul 2023 17:12:16 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-1jz4B1lE2uHC1g9gO7eJPiaUBXbJacDO~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/ Frame 6B12
Redirect Chain

https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent=
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-u1D.YDNE2uEkdBoyWpXjZf3lR8ZSpY1JPMXBcjQ-~A&gdpr=0

95 B
390 B

253ms
249ms

Image
image/png

162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-u1D.YDNE2uEkdBoyWpXjZf3lR8ZSpY1JPMXBcjQ-~A&gdpr=0
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Jul 2023 17:12:16 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-u1D.YDNE2uEkdBoyWpXjZf3lR8ZSpY1JPMXBcjQ-~A&gdpr=0
date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 6B12
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6041145649349111353&gdpr=0&gdpr_consent=

95 B
365 B

257ms
250ms

Image
image/png

162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6041145649349111353&gdpr=0&gdpr_consent=
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Jul 2023 17:12:16 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:18 GMT
an-x-request-uuid: 7a399ffb-f8a3-4f22-acdb-7eefd5207f8c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6041145649349111353&gdpr=0&gdpr_consent=
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6B12
Redirect Chain

https://id5-sync.com/s/286/9.gif?puid=ab3b7a1c-1d30-4f54-9e6d-0zz1689873133&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/286/441/8/2.gif?puid=a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7&gdpr=0&gdpr_consent=
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=1c01eb56d7a41b46&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/822.gif?puid=AAANK4z3XDE7VwNOA-j8AAAAAAA&expiration=1689959539&is_secure=true&gdpr_consent=&gdpr=0
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D

0
187 B

240ms
240ms

Image
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:19 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
date: Thu, 20 Jul 2023 17:12:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 6B12
Redirect Chain

https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_ps=

95 B
379 B

249ms
249ms

Image
image/png

162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_ps=
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8429213012
Protocol: H2
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Jul 2023 17:12:16 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location: //sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=817c9144-d961-4726-86a6-7595c6e4d090&gdpr=0&gdpr_consent=&us_ps=
Date: Thu, 20 Jul 2023 17:12:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 0D5F 0
474 B 251ms
250ms Document
text/html 162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H2 200 / Show response
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame FCF5 0
474 B 249ms
249ms Document
text/html 162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=141C74A5-B50F-4CFF-8575-960D9DCA6DC3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 17:12:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1476273142
https://sync.1rx.io/usersync/tradedesk/9fa15752-811e-4e1a-9968-2f6499bac335
https://sync.targeting.unrulymedia.com/csync/RX-423f4343-3912-4957-943a-469617546e0d-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-423f4343-3912-4957-943a-469617546e0d-004
https://u.4dex.io/setuid?bidder=unruly&uid=RX-423f4343-3912-4957-943a-469617546e0d-004

0
15 B

5ms
4ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=unruly&uid=RX-423f4343-3912-4957-943a-469617546e0d-004
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:19 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https://u.4dex.io/setuid?bidder=unruly&uid=RX-423f4343-3912-4957-943a-469617546e0d-004
date: Thu, 20 Jul 2023 17:12:19 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX423f434339124957943a469617546e0d004
content-type: text/html

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://u.4dex.io/setuid?bidder=sovrn&uid=HA2ILLZHTHEuzX5AQkus6IgK

0
15 B

6ms
5ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=sovrn&uid=HA2ILLZHTHEuzX5AQkus6IgK
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:20 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Date: Thu, 20 Jul 2023 17:12:20 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://u.4dex.io/setuid?bidder=sovrn&uid=HA2ILLZHTHEuzX5AQkus6IgK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 92EA 829 B
931 B 369ms
67ms Document
text/html 23.106.127.38
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: b880f4a6898fbbaa5563a65dfd88c6277a84e95151987ff9dc94252aad50c264

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 829
content-type: text/html
date: Thu, 20 Jul 2023 17:12:21 GMT

GET
H3 200 setuid
u.4dex.io/ Frame 92EA 0
15 B 8ms
6ms Image
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=smart&uid=161175378474174537&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 92EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=

43 B
456 B

71ms
69ms

Image
image/gif

23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:20 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by: cache-tyo11935-TYO
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1689873142.515082,VS0,VE0
x-cache: HIT
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZLlq7QACT-5HnwAb&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 92EA
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=zOB8ZESmyV2h&ev=1&pid=560288&gdpr_consent=&gdpr=0

43 B
495 B

71ms
70ms

Image
image/gif

23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=zOB8ZESmyV2h&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: jp-JP
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=zOB8ZESmyV2h&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-579c9b568b-ftqfd
expires: -1

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 92EA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041145649349111353&gdpr=0&gdpr_consent=

43 B
479 B

141ms
70ms

Image
image/gif

23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041145649349111353&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
an-x-request-uuid: c61941d4-3c98-43b8-a6a3-692226fc2783
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041145649349111353&gdpr=0&gdpr_consent=
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 92EA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=

43 B
476 B

135ms
70ms

Image
image/gif

23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:20 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9fa15752-811e-4e1a-9968-2f6499bac335&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 299

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 6ms
4ms Image
image/gif 23.44.53.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=MILLENNIALNEXAGEINAPP1&ol=492976120&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tnH%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftsuredurediary.com%2Farchives%2Fwindows-file-collective-acquisition.html&id=1&ii=4&f=0&j=&t=1689873136320&de=560425372846&cu=1689873136320&m=5576&ar=c013c52fed3-clean&iw=46fb322&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10063&le=1&lf=578&lg=0&lh=13&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A550%3A622%3A0%3A880&as=1&ag=5065&an=1228&gi=1&gf=5065&gg=1228&ix=5065&ic=5065&ez=1&ck=1025&kw=823&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5065&bx=1228&ci=1025&jz=823&dj=1&aa=1&ad=4965&cn=1128&gn=1&gk=4965&gl=1128&ik=4965&co=1128&cp=1085&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4923&cd=1085&ah=4923&am=1085&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=13513%3ACriteoKK%3Anull%3A93495-970x90-HTML&bo=378107&bd=1668955&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=378107&zMoatOrigSlicer2=1668955&zMoatDomain=tsuredurediary.com&zMoatSubdomain=tsuredurediary.com&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=204627&na=1993983069&cs=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:21 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 43 B
265 B 6ms
5ms Image
image/gif 23.45.57.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=823&tet=5065&fi=1&apd=5125&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=tsuredurediary.com&L1id=13513&L2id=CriteoKK&L3id=null&L4id=93495-970x90-HTML&S1id=378107&S2id=1668955&ord=1689873136320&r=560425372846&t=page5&os=1&fi2=1&div1=1&ait=0&url=https%253A%252F%252Ftsuredurediary.com%252Farchives%252Fwindows-file-collective-acquisition.html&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&bedc=1&q=7&nu=1&ib=0&dc=0&ob=0&oh=0&lt=0&ab=0&n=0&nm=1&sp=0&pt=0
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-57-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 20 Jul 2023 17:12:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 17:12:21 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://u.4dex.io/setuid?bidder=appnexus&uid=6041145649349111353

0
15 B

5ms
5ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=appnexus&uid=6041145649349111353
Requested by: Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:22 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 17:12:22 GMT
an-x-request-uuid: 7abb55ac-52cf-44a1-8343-e98600208da4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u.4dex.io/setuid?bidder=appnexus&uid=6041145649349111353
x-proxy-origin: 217.138.252.196; 217.138.252.196; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D579 2 KB
814 B 278ms
277ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: tsuredurediary.com
URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Domain: ignore.me
URL: https://ignore.me/?&gdpr=0&gdpr_consent=

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Verdicts & Comments Add Verdict or Comment

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

232 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
.3lift.com/sync	1970-01-20 15:34:09	Name: sync Value: CgoIoQEQsYOnopcxCgoI4gEQsYOnopcxCgoI5gEQsYOnopcxCgoIhwIQsYOnopcxCgkICRCxg6eilzEKCQg6ELGDp6KXMQoJCAsQsYOnopcxCgoIjAIQsYOnopcxCgkIXxCxg6eilzEKCQgfELGDp6KXMQ==
tsuredurediary.com/	1970-01-20 14:07:45	Name: _pbjs_userid_consent_data Value: 6683316680106290
.tsuredurediary.com/	1970-01-20 15:34:09	Name: sharedid Value: 49d5be61-bede-4a0b-9531-075282cf8c45
.tsuredurediary.com/	1970-01-20 13:25:59	Name: _gid Value: GA1.2.937606763.1689873132
.tsuredurediary.com/	1970-01-20 13:24:33	Name: _gat_UA-126525324-1 Value: 1
.tsuredurediary.com/	1970-01-20 22:46:09	Name: cto_bundle Value: GKuwn19FTzgyMEpZczZtOCUyQmpGcFR0ZmVIbzJvaURxJTJCdGFoNk5FdFB1R2Z4c1pmMTV1MWZLbEtWMHVCMmNVazNsNFlxVENLc1dlU010Zm9xajBDRTZUZmhRTGFUeHMyblZaaFVNa2hEckhCb0dtSlE3a2t5TEwySEdvU2s2eTV2T2FjYWs
.tsuredurediary.com/	1970-01-20 22:46:09	Name: cto_bidid Value: OuAK7V9Yemp3RFh0eHc0M2tGdGlDRldLdW53NXlqVnk0UkRFbHVHNVc1MTRDRkRMMjB3R2pEZnM1TXhBbmFoYng5RTVNUlJsNEUzRnR2JTJGdFl2OUMyVk5mQUxnJTNEJTNE
.tsuredurediary.com/	1970-01-20 23:00:33	Name: _ga_40R5EFEG1Q Value: GS1.1.1689873132.1.0.1689873132.0.0.0
.tsuredurediary.com/	1970-01-20 23:00:33	Name: _ga Value: GA1.1.2071532570.1689873132
.valuecommerce.com/	1970-01-20 23:00:33	Name: VCB Value: ZLlq7AAG_tLZivzEwKhvIsCob2RYow&c=ec6ab964&v=2&s=71726db8
.tsuredurediary.com/	1970-01-20 23:00:33	Name: _VC_PTB_ Value: ZLlq7AAG_tLZivzEwKhvIsCob2RYow
.tsuredurediary.com/	1970-01-20 22:46:09	Name: __gads Value: ID=fbbe5f0852cd7e7b-2230ce25d3e200c9:T=1689873132:RT=1689873132:S=ALNI_Maie3MooXG0W5Uj-LMNFsdmsIg_3w
.tsuredurediary.com/	1970-01-20 22:46:09	Name: __gpi Value: UID=00000cddfbd74712:T=1689873132:RT=1689873132:S=ALNI_Ma17UJosvDs5R7im-gWjN_IXtQNiA
.quantserve.com/	1970-01-20 22:54:47	Name: mc Value: 64b96aec-92c66-937b2-bdf71
.tsuredurediary.com/	1970-01-20 22:49:01	Name: __qca Value: P0-749657837-1689873132465
.adsrvr.org/	1970-01-20 22:11:35	Name: TDID Value: 9fa15752-811e-4e1a-9968-2f6499bac335
.pubmatic.com/	1970-01-20 22:10:09	Name: KADUSERCOOKIE Value: 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
.pubmatic.com/	1970-01-20 15:34:09	Name: DPSync3 Value: 1691020800%3A201_245_226%7C1690416000%3A248
.pubmatic.com/	1970-01-20 15:34:09	Name: SyncRTB3 Value: 1694995200%3A69%7C1690675200%3A63%7C1691107200%3A35%7C1691020800%3A76_8_21_217_264_220_202_54_254_5_3_209_13_179_46_234_107_71_214_233_56_22_96%7C1690416000%3A2_223_15
.doubleclick.net/	1970-01-20 23:00:33	Name: IDE Value: AHWqTUl4aVJmyecLXOY8ndjl-4iXNwJuhrqN4LVAWDLA_dvPaJEm916odl9LQYK1Rgc
.360yield.com/	1970-01-20 15:34:09	Name: tuuid Value: de1353e2-9a29-450f-b39f-f321b37d86d5
.360yield.com/	1970-01-20 15:34:09	Name: tuuid_lu Value: 1689873133
.richaudience.com/	1970-01-20 14:07:45	Name: pdid Value: ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
.gumgum.com/	1970-01-20 22:10:09	Name: cs Value: true
.gumgum.com/	1970-01-20 14:07:45	Name: loc Value: t3jwFmAqVocP4ECUJzymXulAob8hnWbTA4_9C2TMTnHy7UcoJCCaqhRk_pxRIjEE3yVfmvJs-60Vs_bSDu6BI02CGL8v7FfuiaHSLLQZdQd797du2XCQRQ
.gumgum.com/	1970-01-20 22:10:09	Name: vst Value: a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7
.uncn.jp/	1970-01-20 22:10:09	Name: t Value: v_5658c150-8c00-43d9-b3d8-6b6d2a26192d
.bidswitch.net/	1970-01-20 22:10:09	Name: tuuid Value: 817c9144-d961-4726-86a6-7595c6e4d090
.bidswitch.net/	1970-01-20 22:10:09	Name: c Value: 1689873133
.bidswitch.net/	1970-01-20 22:10:09	Name: tuuid_lu Value: 1689873133
.ladsp.com/	1970-01-20 13:24:36	Name: cr Value: 1
.ad-m.asia/	1970-01-20 23:00:33	Name: uid Value: bwWUYOICGE
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F4596BFB1311DF4AD552FFCAECC412B5A4F8D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.ladsp.com/	1970-01-20 23:00:33	Name: smn_uid Value: IxP_l71k0R-QYEjerQQvoQ-yJequwas
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_1201 Value: 23170-v_5658c150-8c00-43d9-b3d8-6b6d2a26192d&KRTB&23180-v_5658c150-8c00-43d9-b3d8-6b6d2a26192d
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_629 Value: 11487-AYoTlKzp21W-ks8AD7Il6q7Bq88AAAGJdEmvJA
.ctnsnet.com/	1970-01-20 22:10:09	Name: cid_984cd8456f0a4da39379f665f1780ba8 Value: 1
.ctnsnet.com/	1970-01-20 22:10:09	Name: cid_8b682c0773df4f6baf21393ca7ad3821 Value: 1
.pubmatic.com/	1970-01-20 13:44:42	Name: KRTBCOOKIE_1159 Value: 23138-984cd8456f0a4da39379f665f1780ba8&KRTB&23328-984cd8456f0a4da39379f665f1780ba8&KRTB&23427-984cd8456f0a4da39379f665f1780ba8&KRTB&23445-984cd8456f0a4da39379f665f1780ba8
.omnitagjs.com/	1970-01-20 14:07:45	Name: ayl_visitor Value: ac6e6a84c0129ea84e5c28d0518b8bf8
.tapad.com/	1970-01-20 14:50:57	Name: TapAd_TS Value: 1689873133361
.tapad.com/	1970-01-20 14:50:57	Name: TapAd_DID Value: eb972ec4-bd73-4a82-b320-6f31bc0f5988
.c.appier.net/	1970-01-20 22:10:09	Name: _auid Value: Z-6RwqVFAfaFWVix7Wq5ZA
.adnxs.com/	1970-01-20 15:34:09	Name: uuid2 Value: 6041145649349111353
.quantserve.com/	1970-01-20 15:34:09	Name: d Value: EKgBCwHBKfijAA
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_153 Value: 1923-9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku&KRTB&19420-9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku&KRTB&22979-9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku&KRTB&23403-9_SI5_ehj73s-di99_bH5_L3iOzsoo649vEL7hku
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_904 Value: 16787-Z-6RwqVFAfaFWVix7Wq5ZA
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_377 Value: 6810-9fa15752-811e-4e1a-9968-2f6499bac335&KRTB&22918-9fa15752-811e-4e1a-9968-2f6499bac335&KRTB&23031-9fa15752-811e-4e1a-9968-2f6499bac335
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_656 Value: 12671-ZLlq7cCo5ucAAOz0ZqoAAAAA&KRTB&23509-ZLlq7cCo5ucAAOz0ZqoAAAAA
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_80 Value: 22987-CAESEPtUxZDCHGRLwUw9Vd7jfA4&KRTB&16514-CAESEPtUxZDCHGRLwUw9Vd7jfA4&KRTB&23025-CAESEPtUxZDCHGRLwUw9Vd7jfA4&KRTB&23386-CAESEPtUxZDCHGRLwUw9Vd7jfA4
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_57 Value: 22776-6041145649349111353&KRTB&23339-6041145649349111353
.admatrix.jp/	1970-01-20 23:00:33	Name: uid Value: afa9b411-6baf-44df-9f19-634aef9d85e2
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_943 Value: 19522-4HbfRsk3Npa&KRTB&23501-4HbfRsk3Npa
.gammaplatform.com/	1970-01-20 13:25:59	Name: _aGeoIp Value: ES\|Madrid
.gammaplatform.com/	1970-01-20 23:00:33	Name: _aUID Value: 1gr33lfnudym
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_1310 Value: 23431-1gr33lfnudym&KRTB&23446-1gr33lfnudym&KRTB&23465-1gr33lfnudym
.everesttech.net/	1970-01-20 22:10:09	Name: everest_g_v2 Value: g_surferid~ZLlq7QACT-5HnwAb
.simpli.fi/	1970-01-20 22:11:35	Name: suid Value: B9BEF7920C67422A9995A618CFDA3C16
.w55c.net/	1970-01-20 22:56:13	Name: wfivefivec Value: awC87B491Qmxch5
.yahoo.com/	1970-01-20 22:10:30	Name: A3 Value: d=AQABBO1quWQCEFsQxYiO3Hm-vhuqHWDf1DkFEgEBAQG8umTDZGChyyMA_eMAAA&S=AQAAArO3O9AFXVqjZNxNSQWn8zk
.w55c.net/	1970-01-20 14:07:45	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_107 Value: 1471-uid:awC87B491Qmxch5&KRTB&23421-uid:awC87B491Qmxch5
.crwdcntrl.net/	1970-01-20 19:53:20	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:53:20	Name: _cc_id Value: 4426a39f9efef60f1e7e12323d1f6fb3
.turn.com/	1970-01-20 17:43:45	Name: uid Value: 4123746814959108888
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_22 Value: 14911-4123746814959108888&KRTB&23150-4123746814959108888
.rubiconproject.com/	1970-01-20 22:10:09	Name: khaos Value: LKBETYXU-I-KVDD
.smartadserver.com/	1970-01-20 22:11:35	Name: pid Value: 161175378474174537
.smartadserver.com/	1970-01-20 22:56:13	Name: TestIfCookieP Value: ok
.adform.net/	1970-01-20 14:09:11	Name: C Value: 1
.semasio.net/	1970-01-20 22:10:09	Name: SEUNCY Value: EAF3B0128A112051
.adform.net/	1970-01-20 14:50:57	Name: uid Value: 4931925723668045182
.pubmatic.com/	1970-01-20 14:07:45	Name: KRTBCOOKIE_391 Value: 22924-4931925723668045182&KRTB&23263-4931925723668045182&KRTB&23481-4931925723668045182
.r-ad.ne.jp/	1970-01-20 17:43:45	Name: r_ad_token Value: 55SHCD01BBDHN0065Rz3
.doubleclick.net/	1970-01-20 13:24:36	Name: DSID Value: NO_DATA
pool.admedo.com/	1970-01-20 22:10:09	Name: tuuid Value: d077fd57-1eb8-42ea-9b12-bd732beeeb74
pool.admedo.com/	1970-01-20 22:10:09	Name: c Value: 1689873133
pool.admedo.com/	1970-01-20 22:10:09	Name: tuuid_lu Value: 1689873133
.mathtag.com/	1970-01-20 22:50:28	Name: uuid Value: 74a464b9-6aed-4200-8735-dcc69b1c41c3
.adx.opera.com/	1970-01-20 22:10:09	Name: UID Value: OPU8c29e089347a415e8ce2f94f81107760
sync.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id Value: s%3A0-bb7d7efb-cba5-505e-478a-3532a83ddeda.G%2BRvOIFN%2FaBAutL%2FPQXCxEZv9Q%2FWMTw5dRX%2BIsfMK08
.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id Value: s%3A0-bb7d7efb-cba5-505e-478a-3532a83ddeda.G%2BRvOIFN%2FaBAutL%2FPQXCxEZv9Q%2FWMTw5dRX%2BIsfMK08
sync.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id-v2 Value: s%3Au31--8ulUF5HijUyqD3e2tmK_MQ.ObHrkuVUTYaUfiA5wBDHncWW3mxFAjvAD3veGU%2Fxslw
.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id-v2 Value: s%3Au31--8ulUF5HijUyqD3e2tmK_MQ.ObHrkuVUTYaUfiA5wBDHncWW3mxFAjvAD3veGU%2Fxslw
sync.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id-v3 Value: s%3AAQAKIM5C0t_41o3veWIrTcHKAam8fAQhGPV5xxD2Kv5PzWIbEHwYBCDt1eWlBjABOgTtmLXMQgRM4Gt8.c4QAztjyLs9IYqgKqszRfUEF0r1Nj%2B7H1biG84lI%2BTM
.srv.stackadapt.com/	1970-01-20 22:10:09	Name: sa-user-id-v3 Value: s%3AAQAKIM5C0t_41o3veWIrTcHKAam8fAQhGPV5xxD2Kv5PzWIbEHwYBCDt1eWlBjABOgTtmLXMQgRM4Gt8.c4QAztjyLs9IYqgKqszRfUEF0r1Nj%2B7H1biG84lI%2BTM
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_860 Value: 16335-u31--8ulUF5HijUyqD3e2tmK_MQ&KRTB&23334-u31--8ulUF5HijUyqD3e2tmK_MQ&KRTB&23417-u31--8ulUF5HijUyqD3e2tmK_MQ&KRTB&23426-u31--8ulUF5HijUyqD3e2tmK_MQ
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_466 Value: 16530-817c9144-d961-4726-86a6-7595c6e4d090
.csync.loopme.me/	1970-01-20 15:37:01	Name: viewer_token Value: ba8644ef-4435-4d97-8937-2ec0516427f9
.cpx.to/	1970-01-20 22:10:09	Name: cpSess Value: 456853408b2e52f2
.openx.net/	1970-01-20 22:10:09	Name: i Value: 9527de6a-1353-4a2a-8a52-b5d97e7060b2\|1689873134
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_32 Value: 11175-AAANO-SkUHCh_wMSegWYAAAAAAA&KRTB&22713-AAANO-SkUHCh_wMSegWYAAAAAAA&KRTB&22715-AAANO-SkUHCh_wMSegWYAAAAAAA
.cpx.to/	1970-01-20 22:10:09	Name: dsp_pubmatic Value: 141C74A5-B50F-4CFF-8575-960D9DCA6DC3#1689873134166
.inmobi.com/	1970-01-20 15:34:09	Name: idsp_c Value: 697955ae-9ee8-4989-9704-4925e7d3f94f
.cpx.to/	1970-01-20 22:10:09	Name: dsp_dbm Value: CAESECfNb70x8Hcr7tP-xh6KyqI#1689873134407
.uuidksinc.net/	1970-01-20 22:10:09	Name: jcsuuid Value: gfJt76HJ8U7ybRH1LbYT
.cpx.to/	1970-01-20 22:10:09	Name: dsp_app_nexus Value: 6041145649349111353#1689873134648
.cpx.to/	1970-01-20 22:10:09	Name: dsp_pub_common Value: 426f4570-4ea7-45c7-8a1c-41e36db9c37d#1689873134648
.cpx.to/	1970-01-20 22:10:09	Name: dsp_TTD Value: 9fa15752-811e-4e1a-9968-2f6499bac335#1689873134648
.rfihub.com/	1970-01-20 22:46:09	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFpYW5saGxibmIJAFS_xP8QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQ0MjQ3MDAwsbA0tbAwNTYzMBfiM9TNcPZ2jgjNqTI1N8wGAH2HpuMlAAAA
.rfihub.com/	1970-01-20 22:46:09	Name: rud Value: H4sIAAAAAAAA_-MSNrQ0MjQ3MDAwsbA0tbAwNTYzMBfiM9TNcPZ2jgjNqTI1N8wGAH2HpuMlAAAA
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.pubmatic.com/	1970-01-20 15:34:09	Name: KRTBCOOKIE_18 Value: 22947-1921700048958853607
.pubmatic.com/	1970-01-20 14:07:45	Name: PugT Value: 1689873134
.cpx.to/	1970-01-20 22:10:09	Name: dsp_OPENX Value: 06b6cd20-867c-49d2-b212-859d1bc04ccd#1689873134708
.gonet-ads.com/	1970-01-20 22:11:35	Name: pid Value: MzBkNjM1ODVlNDViYThhYw
.amazon-adsystem.com/	1970-01-20 23:00:33	Name: ad-privacy Value: 0
.linkedin.com/	1970-01-20 22:10:09	Name: bcookie Value: "v=2&dd2a1443-666d-4f2e-8633-a00f14a1ba95"
.linkedin.com/	1970-01-20 13:25:59	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2673:u=1:x=1:i=1689873135:t=1689959535:v=2:sig=AQGHd5Bd7GRIUrk7lPCcx9jWpPF-K-g9"
.amazon-adsystem.com/	1970-01-20 19:33:11	Name: ad-id Value: A19LFNc3zknhg3teKlPdGfU
.eyeota.net/	1970-01-20 22:11:35	Name: mako_uid Value: 1897449b7fb-43610000010e5c10
.eyeota.net/	1970-01-20 13:24:33	Name: SERVERID Value: 23568~DM
.bidr.io/	1970-01-20 22:53:06	Name: bito Value: AAFqhE7JctYAACRPCBZydQ
.bidr.io/	1970-01-20 22:53:06	Name: bitoIsSecure Value: ok
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 558893=5547912
.smartadserver.com/	1970-01-20 13:25:59	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0
.smartadserver.com/	1970-01-20 13:25:59	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0&c=1&l=-669273157&lo=1739943965&lt=638254699360370408&o=1
.ads.pubmatic.com/	1970-01-20 13:25:59	Name: pubsyncexp Value: 1689894736409
.criteo.com/	1970-01-20 22:46:09	Name: uid Value: 4da12f9a-cd1a-48cb-a7b1-1912804698e6
.adingo.jp/	1970-01-20 14:07:45	Name: dbm Value: CAESELxKisSwbzm5wmqtKBG2q1A
.doubleclick.net/	1970-01-20 17:43:45	Name: APC Value: Aa3gxNq9Bo7W61RgowrjVn6NCgwS4QdljY1wJodrBhi8kmAkPEkwvg
.casalemedia.com/	1970-01-20 22:10:09	Name: CMID Value: ZLlq8Cem3U2ac0ecaHH2TQAA
.casalemedia.com/	1970-01-20 15:34:09	Name: CMPS Value: 5399
.casalemedia.com/	1970-01-20 15:34:09	Name: CMPRO Value: 5399
.send.microad.jp/	1970-01-20 15:34:09	Name: TR Value: 9f02d9a238f6442bf45e7fb9e922ef5c
.bing.com/	1970-01-20 22:46:09	Name: MUID Value: 23507AF097AB61D239CA69A496F6601E
.c.bing.com/	1970-01-20 13:34:37	Name: MR Value: 0
.creativecdn.com/	1970-01-20 22:10:09	Name: u Value: jrwlP7uJsVbHhNsmKEft
.creativecdn.com/	1970-01-20 22:10:09	Name: ts Value: 1689873137
.uplynk.com/	1970-01-20 22:46:09	Name: COMBOID Value: "comboid=y-bAQ7WkBE2uHG9sofzCGdCMpMl9TmTnFL~A\|expires_at=1697649137"
.33across.com/	1970-01-20 22:10:09	Name: 33x_ps Value: u%3D212164344206024%3As1%3D1689873137502%3Ats%3D1689873137502
.socdm.com/	1970-01-20 23:00:33	Name: SOC Value: ZLlq8cCo5ucAAOz0akIAAAAA
.a-mo.net/	1970-01-20 22:10:09	Name: amuid2 Value: 31956c23-248a-4996-9347-39b34a7ff92f
.prebid.a-mo.net/	1970-01-20 22:10:09	Name: sd_amuid2 Value: 31956c23-248a-4996-9347-39b34a7ff92f
.missena.io/	1970-01-20 23:00:33	Name: msna Value: cismlsfh6pds73d3m6l0
.missena.io/	1970-01-20 23:00:33	Name: msnapbmcnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnapbmc Value: 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
.missena.io/	1970-01-20 23:00:33	Name: msnampdgnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnampdg Value: de1353e2-9a29-450f-b39f-f321b37d86d5
.zemanta.com/	1970-01-20 22:10:09	Name: zuid Value: 5nyIHNHYatsdhuk_fBpQ
.missena.io/	1970-01-20 23:00:33	Name: msnaxndrnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnaxndr Value: 6041145649349111353
.missena.io/	1970-01-20 23:00:33	Name: msnayhoonw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnayhoo Value: y-Ww01GGRE2uFUYqN0cDFBYSmwMhIDKhv_lK7plws-~A
.pubmatic.com/	1970-01-20 13:25:59	Name: pi Value: 158355:3
.pubmatic.com/	1970-01-20 15:34:09	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 14:07:45	Name: SPugT Value: 1689873136
.missena.io/	1970-01-20 23:00:33	Name: msnadylknw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnadylk Value: ac6e6a84c0129ea84e5c28d0518b8bf8
.missena.io/	1970-01-20 23:00:33	Name: msnasmrtnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnasmrt Value: 161175378474174537
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_12 Value: 1
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_0 Value: 1
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_4 Value: 1
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_13 Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnasmwtnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnasmwt Value: 8847e0255600dd0b501c75630d89e04c
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_9 Value: 1
.tynt.com/	1970-01-20 22:10:09	Name: uid Value: 1yuPQ2S5avGDNq5xRuEGzQ==
.3lift.com/	1970-01-20 15:34:09	Name: tluid Value: 237566817367198768129
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_7 Value: 1
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_3 Value: 1
.admanmedia.com/	1970-01-20 13:44:42	Name: admtr Value: 4b2bfb3d-f39a-4a9e-8cb5-1df8887658e7
.admanmedia.com/	1970-01-20 13:44:42	Name: ac_r Value: CS71
.tynt.com/	1970-01-20 15:34:09	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1689873138085%7D%5D
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_2 Value: 1
.demdex.net/	1970-01-20 17:43:45	Name: demdex Value: 02539039547372527444589749211747002383
.dpm.demdex.net/	1970-01-20 17:43:45	Name: dpm Value: 02539039547372527444589749211747002383
.tapad.com/	1970-01-20 14:50:57	Name: TapAd_3WAY_SYNCS Value: 1!4841-3!4841
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_6 Value: 1
.openx.net/	1970-01-20 13:46:09	Name: pd Value: v2\|1689873138\|jIjElYiuvOuIlUialQhI
.linkedin.com/	1970-01-20 15:34:09	Name: li_sugr Value: e367e610-7947-4429-9f6e-12e27ee764ac
.socdm.com/	1970-01-20 23:00:33	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg5ODczMTM4LCJwdWJtYXRpYyI6MTY4OTg3MzEzM30
.go.affec.tv/	1970-01-20 22:10:09	Name: ck Value: 64b96af25d4b1a00017f5a70
.go.affec.tv/	1970-01-20 22:10:09	Name: oo Value: 1
.openx.net/	1970-01-20 13:46:09	Name: univ_id Value: 537072971\|9fa15752-811e-4e1a-9968-2f6499bac335\|1689873138432859
.lijit.com/	1970-01-20 22:10:09	Name: ljt_reader Value: HA2ILLZHTHEuzX5AQkus6IgK
.ladsp.com/	1970-01-20 23:00:33	Name: lum Value: CKuGp6KXMRIFCAMQ0AUSBQgKEJAN
.prebid.a-mo.net/	1970-01-20 13:25:59	Name: _sv3_8 Value: 1
.sportradarserving.com/	1970-01-20 22:10:09	Name: zuuid Value: 60efbb57-2267-4652-b393-c2f0667b04c4
.sportradarserving.com/	1970-01-20 22:10:09	Name: c Value: 1689873138
.sportradarserving.com/	1970-01-20 22:10:09	Name: zuuid_lu Value: 1689873138
.vidoomy.com/	1970-01-20 22:10:09	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IkxLQkVUWVhVLUktS1ZERCIsImV4cGlyZXMiOjE2OTI0NjUxMzh9fX0=
.betweendigital.com/	1970-01-20 22:10:09	Name: dc Value: sin1
.betweendigital.com/	1970-01-20 22:10:09	Name: tuuid Value: 9731948c-e92e-54c9-a64a-22bfc2f3484d
.betweendigital.com/	1970-01-20 22:10:09	Name: ss Value: 1
.sportradarserving.com/	1970-01-20 22:10:09	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 22:10:09	Name: zuuid_k_lu Value: 1689873138
match.sharethrough.com/	1970-01-20 13:34:37	Name: AWSALBCORS Value: 1PPDXyAcxVmI6HJwAL7+vpx5YwVnFcqYmwkOGE6omIAhyyvt2RN1bEKUuDSARrMAaZvVKjq02u5+N0/dJR4YhhLPriW7aeeZGzK6mcnDIATv4lv775q5PAVYewyH
.sharethrough.com/	1970-01-20 14:07:45	Name: stx_user_id Value: 251504d2-03bd-4f89-abc9-18129047d410
.targeting.unrulymedia.com/	1970-01-20 22:10:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-423f4343-3912-4957-943a-469617546e0d-004%22%7D
.richaudience.com/	1970-01-20 13:24:33	Name: cmpsync Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnarichnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnarich Value: ab3b7a1c-1d30-4f54-9e6d-0zz1689873133
.go.affec.tv/	1970-01-20 22:10:09	Name: pt Value: eyJhbiI6eyJkdCI6MTY4OTg3MzEzOCwiaWQiOiI2MDQxMTQ1NjQ5MzQ5MTExMzUzIiwibHMiOjE2ODk4NzMxMzh9LCJ0dCI6eyJkdCI6MTY4OTg3MzEzOCwiaWQiOiIxeXVQUTJTNWF2R0ROcTV4UnVFR3pRPT0iLCJscyI6MTY4OTg3MzEzOH0sInRkIjp7ImR0IjoxNjg5ODczMTM4LCJpZCI6IjlmYTE1NzUyLTgxMWUtNGUxYS05OTY4LTJmNjQ5OWJhYzMzNSIsImxzIjoxNjg5ODczMTM4fSwidiI6MH0=\|1689873138\|8474065017645b544b05a520d3db3cbf237e3650
.betweendigital.com/	1970-01-20 22:10:09	Name: ut Value: ZLlq8gAJjVBnmy0Bow9YijsWxGXlzFZFqHgwyA==
.adnxs.com/	1970-01-20 15:34:09	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Ilau%)uk!]tbP6j2F-XstGt!@DnZ$si7@
.missena.io/	1970-01-20 23:00:33	Name: msnamgntnw Value: 1
.missena.io/	1970-01-20 23:00:33	Name: msnamgnt Value: LKBETYXU-I-KVDD
.vidoomy.com/	1970-01-20 15:34:09	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNDkzMTkyNTcyMzY2ODA0NTE4MiIsImV4cGlyZXMiOiIyMDIzLTA4LTAzVDE3OjEyOjE4LjY2NDM0NTEzNVoifX0sImJkYXkiOiIyMDIzLTA3LTIwVDE3OjEyOjE4LjY2NDMxMDJaIn0=
.advertising.com/	1970-01-20 22:10:30	Name: A3 Value: d=AQABBPJquWQCECZAo7CR5eNAMm8ZKgCwi7sFEgEBAQG8umTDZGChyyMA_eMAAA&S=AQAAAmOy57roUo43tETKC4sFgS8
.us.ck-ie.com/	1970-01-20 13:34:37	Name: CID Value: daba45ffe0dc265bbd5c095cef868ee59c11a53b
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-bsw-uid Value: 817c9144-d961-4726-86a6-7595c6e4d090
.id5-sync.com/	1970-01-20 15:34:09	Name: id5 Value: 6538e4af-6911-72e4-8db8-a9280baf88a4#1689873132994#5
.id5-sync.com/	1970-01-20 13:24:33	Name: callback Value: https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
.ads.stickyadstv.com/	1970-01-20 14:07:45	Name: UID Value: add0c06fe74706fc111c7542e4227ee
.analytics.yahoo.com/	1970-01-20 22:10:09	Name: IDSYNC Value: "18z8~2cvt:199v~2cvt:175s~2cvt:18p2~2cvt:199t~2cvt:196y~2cvt:191c~2cvt:18vu~2cvt"
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-yho-uid Value: y-u1D.YDNE2uEkdBoyWpXjZf3lR8ZSpY1JPMXBcjQ-~A
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-apn-uid Value: 6041145649349111353
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-pmr-uid Value: 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-pmt-uid Value: 141C74A5-B50F-4CFF-8575-960D9DCA6DC3
.rubiconproject.com/	1970-01-20 22:10:09	Name: audit Value: 1\|WD0cx+9RTMJUk0BPD3tnklqbBgMWySGKid6DeFnocd+cvGo2yS+GOh1bP2go55MWL0MpXO8CrJjxNWNaoqCdKHKY++jymV4/CF2dljUGsHkEH73kUPWQXfFdJMTEemOR3OlDu/ORdD8=
.richaudience.com/	1970-01-20 15:34:09	Name: avcid-aol-uid Value: y-1jz4B1lE2uHC1g9gO7eJPiaUBXbJacDO~A
.smilewanted.com/	1970-01-20 22:10:30	Name: sw_user_params_infos Value: ln5E5tWutqWu%2BbybEoBXZajz3fLLLMrb%2BS%2FxgBDFXok0L0pgJjlHM48w7GbvORBijLDRDYyDQSpBkQ5WZ79hegO4pawfCkKIIrOPFVvo%2BhE5cfuIM0AUzyTQTMEGfl%2FiY2jL7ODbKQZ9SIkrHve363dH3EigsGx%2BTo8gM%2F0pp0KTCacqnKEW5kEq8y5pwqMEQnvh79%2FNcAHSxa6tXpluQx%2Bz21OtDIHsUhaofVmz4G%2B4sm2C5wi1FNMUkKTtzVctE%2FL8kQLdOu1aLk%2FWUeZ%2FARPpAYgz77b4kaEf49%2FsCEOxLMLkCRDohXuunAJcuRr3xCzRbRdEMEmQdcrJB9joygn%2FICUSlSzgwm6lcUyT2Gg%3D
.1rx.io/	1970-01-20 22:10:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-423f4343-3912-4957-943a-469617546e0d-004%22%7D
.bluekai.com/	1970-01-20 17:49:30	Name: bku Value: ikG99wB3rVHAuMya
.bluekai.com/	1970-01-20 17:49:30	Name: bkpa Value: KJyWy1NrQM9z9wY73DK5d238iNkVGPItus65+JzaQDti1QBTzWIdltnLo7ROKnkIKIISeKZ4DZxiPBwR7OIUgt2b+fmCqqoCz8bZITMyOyvsQJtVTfmF8ld+gK37SkfdlCYyh2QmTfmFWqeE25aK3QTO3bFg2PEPayx1R5RQ7sxDCaykULMuFDS28qJ1mWbDiqO5Ojh7hfv6HY+MNTUWKs2/yUK8EGt0ligwz7GGqBOfx8ycAgi1OHbiBC7pxiGFpYs/BaztMDUC/iPzxZ/18EZayAPvIszo7B+JaPwZQMfr1Xz+6PGE7bSgfVct620cpzFd9wehPNL=
.dotomi.com/	1970-01-20 13:24:33	Name: DotomiTest Value: 1c01eb56d7a41b46
.id5-sync.com/	1970-01-20 15:34:09	Name: 3pi Value: 112#1689873135097#-67493#EAF3B0128A112051\|2#1689873134769#1161103192#6041145649349111353\|3#1689873135370#-593515694#74a464b9-6aed-4200-8735-dcc69b1c41c3\|19#1689873135692#1128603421#4426a39f9efef60f1e7e12323d1f6fb3\|102#1689873133867#1708251499\|822#1689873139514#-1460197768\|264#1689873134499#-1561108655#9fa15752-811e-4e1a-9968-2f6499bac335\|441#1689873139110#-1686759839#a_87b1b6ce-c47f-4bbe-a6be-2036ba058ca7\|123#1689873136286#-1972294651\|108#1689873136005#-1227059230\|286#1689873138799#-1473714496
.id5-sync.com/	1970-01-20 13:24:33	Name: cf Value:
.id5-sync.com/	1970-01-20 13:24:33	Name: cip Value:
.id5-sync.com/	1970-01-20 13:24:33	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:24:33	Name: car Value:
.id5-sync.com/	1970-01-20 13:24:33	Name: gdpr Value:
.adsrvr.org/	1970-01-20 22:11:35	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiq___lz9OEPBAFEhUKBmdvb2dsZRILCOz4ounP04Q8EAUSFgoHc3Z4OXQ1MBILCNTG6pLQ04Q8EAUSGAoJYmlkc3dpdGNoEgsIvsGGk9DThDwQBRgBIAEoAjILCMTsxt_m04Q8EAU4AVoOc21hcnQtYWRzZXJ2ZXJgAg..
.contextweb.com/	1970-01-20 22:02:57	Name: V Value: zOB8ZESmyV2h
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: c6bce0ff9d872de1
.smartadserver.com/	1970-01-20 22:11:35	Name: csync Value: 86:6041145649349111353\|92:zOB8ZESmyV2h\|94:ZLlq7QACT-5HnwAb\|111:ID5-f184ot-DU2rnurZTXtE28tvqZpTA5VjwgE7tMLkXzQ
.4dex.io/	1970-01-20 14:50:57	Name: uids Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDctMjBUMTc6MTI6MTMuMTAwNzA3NDk0WiIsImFwcG5leHVzIjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA3Mzk4MTZaIiwiZXBsYW5uaW5nIjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA4Mjg4NzJaIiwiZnJlZXdoZWVsIjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA4MzYzN1oiLCJpbXByb3ZlZGlnaXRhbCI6IjIwMjMtMDctMjBUMTc6MTI6MTMuMTAwODM5OTQ1WiIsImluZGV4ZXhjaGFuZ2UiOiIyMDIzLTA3LTIwVDE3OjEyOjEzLjEwMDcwMTMwN1oiLCJvbmV0YWciOiIyMDIzLTA3LTIwVDE3OjEyOjEzLjEwMDc4ODQ3WiIsIm9wZW54IjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA3MTY4MzdaIiwicHVibWF0aWMiOiIyMDIzLTA3LTIwVDE3OjEyOjEzLjEwMDY4NDcwNFoiLCJydWJpY29uIjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA2OTQ0MjRaIiwic21hcnQiOiIyMDIzLTA3LTIwVDE3OjEyOjEzLjEwMDczMzE4NFoiLCJzb3ZybiI6IjIwMjMtMDctMjBUMTc6MTI6MTMuMTAwNzI4NDJaIiwidHJpcGxlbGlmdCI6IjIwMjMtMDctMjBUMTc6MTI6MTMuMTAwODIyNzM0WiIsInVucnVseSI6IjIwMjMtMDctMjBUMTc6MTI6MTMuMTAwNzIxNjE1WiIsInlhaG9vIjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4xMDA2OTYyMzZaIn0sInVpZHMiOnsiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMTY0MzQ0MjA2MDI0IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMTc6MTI6MTguMzYwMzg1NTMyWiJ9LCJhZGFnaW8iOnsidWlkIjoiZDQ2MzAzOTItM2IzMy00OGZjLTk1ZjEtMWUwNThhNTU5ZmE5IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMTc6MTI6MTMuMDk5NjI3MTE5WiJ9LCJhcHBuZXh1cyI6eyJ1aWQiOiI2MDQxMTQ1NjQ5MzQ5MTExMzUzIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMTc6MTI6MjIuMjAyNzUwNzEzWiJ9LCJpbmRleGV4Y2hhbmdlIjp7InVpZCI6IlpMbHE4Q2VtM1UyYWMwZWNhSEgyVFFBQUZSY0FBQUFCIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMTc6MTI6MTYuNzc3MjYwMjhaIn0sIm9wZW54Ijp7InVpZCI6ImNhODFlNWE2LTZkYmMtNDcxNS05YzJkLTQwMTZjMWQ1NWFhNyIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDE3OjEyOjE4LjIwMDI3NzI3WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiIxNDFDNzRBNS1CNTBGLTRDRkYtODU3NS05NjBEOURDQTZEQzMiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQxNzoxMjoxNi40MTQ0MTYwOTFaIn0sInJ1Ymljb24iOnsidWlkIjoiTEtCRVRZWFUtSS1LVkREIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMTc6MTI6MTQuODU2NDMyNzYzWiJ9LCJzbWFydCI6eyJ1aWQiOiIxNjExNzUzNzg0NzQxNzQ1MzciLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQxNzoxMjoyMS41MTYyOTIzMzNaIn0sInNvdnJuIjp7InVpZCI6IkhBMklMTFpIVEhFdXpYNUFRa3VzNklnSyIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDE3OjEyOjIwLjIzMzg3MDEzWiJ9LCJ1bnJ1bHkiOnsidWlkIjoiUlgtNDIzZjQzNDMtMzkxMi00OTU3LTk0M2EtNDY5NjE3NTQ2ZTBkLTAwNCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDE3OjEyOjE5LjMxMzY1NDQ4NFoifSwieWFob28iOnsidWlkIjoieS1XdzAxR0dSRTJ1RlVZcU4wY0RGQllTbXdNaElES2h2X2xLN3Bsd3MtfkEiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQxNzoxMjoxNS4yMTM3Njc5NTRaIn19LCJiZGF5IjoiMjAyMy0wNy0yMFQxNzoxMjoxMy4wOTk1MzI0MDFaIn0=

78 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html Message: Mixed Content: The page at 'https://tsuredurediary.com/archives/windows-file-collective-acquisition.html' was loaded over HTTPS, but requested an insecure element 'http://tsuredurediary.com/wp-content/themes/cocoon-master/images/no-amp-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html(Line 173) Message: Mixed Content: The page at 'https://tsuredurediary.com/archives/windows-file-collective-acquisition.html' was loaded over HTTPS, but requested an insecure element 'http://tsuredurediary.com/wp-content/themes/cocoon-master/images/no-amp-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html(Line 179) Message: Access to XMLHttpRequest at 'https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258' from origin 'https://tsuredurediary.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 Message: Failed to load resource: the server responded with a status of 417 ()
other	warning	URL: https://tsuredurediary.com/archives/windows-file-collective-acquisition.html Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://blogmura.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://platform.twitter.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://platform.twitter.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cm.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.missena.io').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://blogmura.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://platform.twitter.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://platform.twitter.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cm.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://usersync.gumgum.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.missena.io').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3631427856212057&fa=1&ifi=10&uci=a!a&btvi=3&xpc=8llmIlS5gI&p=https%3A//tsuredurediary.com Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=j%E5%85%B1%E3%81%AF%E6%B3%95%E3%82%B7%E5%AD%98%E6%96%99%E4%BB%98%E3%81%84%E4%B8%8E%E3%81%AB%E3%81%99%E3%83%97t%E5%AF%BE%E9%9B%BB%E9%A1%8D%E5%B8%B3%E3%82%BF%E5%AE%9Ap%E3%83%9CSe%E5%BA%A6%E5%88%B6%E3%81%97%E4%BF%9D%E9%A1%8C%E3%81%8F%E3%82%A9%E3%81%BE%E6%9C%89O%E3%83%86as%E3%83%AB%20%E5%BF%9C%E3%81%94%E3%83%80o%E3%81%9F%E9%96%8B%E3%82%B9%E7%B0%BFK%E3%83%95%E9%99%90.5r%E3%83%A0%E3%81%BF%E3%81%AE%E3%83%B3%E7%94%A8%E6%94%BE%E3%82%A4g%E5%AD%90%E3%81%A7%E3%81%A0%E3%81%AA%E3%81%91-%E3%80%82%E5%88%A9 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tsuredurediary.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.imgvc.com
a.sportradarserving.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
aml.valuecommerce.com
ap.lijit.com
apps.sascdn.com
assets.a-mo.net
assets.pinterest.com
b.blogmura.com
b1h.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bid.missena.io
bidder.criteo.com
blog.with2.net
blogmura.com
blogparts.blogmura.com
c.bing.com
c.tmyzer.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.jp2.as.criteo.com
cdn.js7k.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
clients1.google.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
cr-p10.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.adingo.jp
cs.admanmedia.com
cs.nex8.net
cs.r-ad.ne.jp
cse.google.com
csm.as.criteo.net
csync.loopme.me
csync.smilewanted.com
d.vidoomy.com
d2zur9cc2gf1tx.cloudfront.net
dalb.valuecommerce.com
dalc.valuecommerce.com
de.tynt.com
dis.criteo.com
dp1.33across.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hde.tynt.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
ignore.me
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inmobi-match.dotomi.com
ipac.ctnsnet.com
itx5.smartadserver.com
jp-u.openx.net
kvt.sddan.com
lb.eu-1-id5-sync.com
log.pinterest.com
map.go.affec.tv
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
millennialnexageinapp768429046591.s.moatpixel.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
onetag-sys.com
onevideosync.uplynk.com
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
prod-m-node-2113.ssp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s-cs.send.microad.jp
s.amazon-adsystem.com
s.cpx.to
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
service.idsync.analytics.yahoo.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.blogmura.com
static.criteo.net
static.smilewanted.com
stats.wp.com
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.gonet-ads.com
sync.mathtag.com
sync.missena.io
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
t.adx.opera.com
tag.leadplace.fr
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tsuredurediary.com
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
v9999.adv.admeme.net
visitor.omnitagjs.com
widget.as.criteo.com
widget.jp2.as.criteo.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www13.a8.net
www22.a8.net
www28.a8.net
x.bidswitch.net
z.moatads.com
cs.nex8.net
ignore.me
spl.zeotap.com
103.229.205.242
103.231.99.242
103.231.99.243
103.231.99.80
103.231.99.81
103.253.24.71
103.43.90.179
104.22.68.131
104.244.42.8
119.9.108.211
13.112.54.241
13.115.8.252
13.213.165.210
13.227.62.60
13.227.62.70
13.228.115.104
13.228.126.19
13.230.134.59
13.250.173.68
13.250.85.75
13.251.73.116
131.153.206.101
142.250.199.98
142.251.42.130
145.239.193.51
151.101.192.84
151.101.2.49
153.120.49.89
162.19.138.118
162.19.138.119
162.55.233.28
172.105.221.29
175.41.237.238
18.136.165.102
18.172.31.60
18.177.11.95
18.178.232.34
18.182.162.20
182.161.74.11
182.161.74.13
182.161.74.16
183.181.90.31
185.184.8.90
185.84.60.30
185.86.138.121
185.86.138.122
188.42.105.220
192.0.76.3
198.8.71.130
20.85.134.6
2001:df2:a300:bbbb::135
202.233.84.8
202.241.208.56
203.195.121.141
210.140.225.181
210.140.225.92
212.36.83.245
212.36.83.246
213.19.162.80
220.150.223.50
220.150.223.52
23.106.127.165
23.106.127.38
23.106.127.53
23.195.119.85
23.215.255.183
23.44.52.187
23.44.52.240
23.44.53.234
23.45.57.234
23.49.98.204
23.60.110.42
23.90.68.235
2404:6800:4004:801::2002
2404:6800:4004:801::2006
2404:6800:4004:808::2003
2404:6800:4004:80c::2004
2404:6800:4004:810::2002
2404:6800:4004:811::2008
2404:6800:4004:812::200a
2404:6800:4004:813::2003
2404:6800:4004:81e::2001
2404:6800:4004:81f::200e
2404:6800:4004:821::2002
2404:6800:4004:821::200a
2404:6800:4004:823::200e
2404:6800:4004:825::2002
2404:6800:4004:826::2002
2404:6800:4004:826::200e
2406:2000:a4:807::
2406:2600:4::1
2406:2600:4::12
2406:2600:4::1b
2406:2600:4::22
2406:2600:4::7
2406:2600:4::b
2406:da18:929:5a03:6501:163c:2f11:2df9
2600:140b:1a00:3b0::1931
2600:140b:a00:8::b81a:2b47
2600:140b:a00:8::b81a:2b4f
2600:9000:208e:800:18:82c:9d80:93a1
2600:9000:21ee:7600:9:46dc:4700:93a1
2600:9000:21ee:9600:6:44e3:f8c0:93a1
2602:803:c006:158::65
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700:3037::ac43:9a47
2606:4700::6811:190e
2606:4700::6812:272
2606:4700::6813:9e13
2620:116:800e:21:36b5:1576:d999:6e52
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:d300::13
2a02:fa8:c411:12::1050
3.114.88.99
31.220.27.135
34.111.113.62
34.117.239.71
34.124.209.251
34.149.40.38
34.248.128.167
34.98.64.218
35.186.193.173
35.213.12.39
35.213.93.179
35.214.247.17
35.227.252.103
35.71.131.137
35.71.139.29
35.75.137.85
35.75.249.253
37.157.6.237
37.157.6.243
44.237.73.107
50.31.142.63
50.31.142.95
51.158.29.12
51.75.86.98
52.192.11.98
52.192.201.178
52.193.196.125
52.197.0.12
52.211.251.134
52.220.229.2
52.221.136.13
52.31.38.175
52.46.155.104
54.151.157.69
54.168.128.49
54.168.247.123
54.178.169.33
54.179.191.168
54.235.195.83
54.238.235.241
54.238.65.52
54.251.17.22
54.38.64.100
63.251.14.60
67.202.105.22
67.202.105.24
67.202.105.33
67.220.224.144
69.173.151.100
69.173.158.64
74.118.186.107
74.119.119.150
74.214.196.131
8.2.108.194
8.39.36.142
80.77.87.163
82.145.213.8
98.98.134.243
99.84.50.61
99.84.59.217
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0584a45059f8c6349943caed23e41cdfa447c59dd7660d88bf745700ab9ad2d8
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0b815761e135edd18d4af32750ccea8b7489cb89fe7a953cbef85d4a63c786d0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db4ca3f92ab1c4eb3917269e6f8be6f1cd482a5864a9c0b7b52b653bf07b3cc
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
11630cb02fb0ee513f63c4dfe30a8dbd1a084b56d2e68f186dcaaaa4a5558f2f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14eb4b5c219ce81f5010d833ee7048a18fbfd9aa8a38d0d2016bf2c74c15f48c
155b4835cbf4934cb71065dd73ef8f30d38d5962ec9a510412e6e03bcc67bd3b
175c4fe3443878bf56533ef4f3911719314806ededecdf3417b75a3e39873316
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
17b1cfbbd03de405e509c545ceb770ba29bc8acc8b928e75209dad484bf85bf4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a22e843d038d46758b0a313dde6e751ae03b11e431e38a80bc976c680bb7b23
1b771b41d696097963aa09cd10174219d563fa4de2f9a096d6f84f04902f29b1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e91ddc4bb2d05fbd302d2191b5786e37e709282ef25c8050469b771f6a1082d
201243ad2ec86a92e07c4dd5130ad33f2b270a1d8c3c0bce4fdf74fcb0cc3e00
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
24429211bd14ed5f592ff2bdcac2c33cea10bcbd21ffeb47c38d25eccdfd4f72
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
28dd0c47b8d9e386fcc8f7c4fc3a3b6c592263cb31e8adab65a1e65e3efb026e
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2a4bae1fb927d3b29219c8d61f9c2567a897cea65eb0d729e93490a0ed5ba746
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ef2b213a4cea9c6a233b4cbf677ef7e1f7cfb0e8cc4d1be409546cc78b295e6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
335c016fc016204d80dfb3e96283e4ac900db4fba0b99d3cbad589204d0349bc
350ea3ed363ab714a39b1d2d26d853a9a99a4207664f3550b7bba6333b1c38a5
35d7dfab4e8c7123458b1e4155616b68f1cfd1f102422a98745ae3c2c6784011
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b60e7654f1a22d88904f2c36fbd17b957e4d91ca3ed72f8fa0460e11990440f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bbf08f327af6d3ca639ab48e802f5dbde9140c72cb3dc161102c3b008c70eaa
3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212
3ceae6ff9f106d9606903189b3834015d581b541bd91d8f877e857dc75029c50
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e40a8797f23fbf2d6f13be09a75eb47940235e948d6dc7de07e1e14187381b3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40bf1e94a82e82f15b91f26f6c055bd439be2cc4743048a28a5b1b44727a21d1
42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8bcb16a7829b5ecdefcedbb3dbf5fb55309c0ee36a9f91260ff6c521978a68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4c504ccdfe7b04ce83f14728890b94cbaaaaacf4d69105c0adbc001d17e480d5
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df742710df63141021e23ee87257f20ba20d5c32e0424bff263dbcf4b02039b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaaa0ec814e78000f26a82e9c795e5772987b9fea68ee1ac9ceace72aadbdf3
4f823459d4c49111b6bfae9a984e8e91eb850aaf8ef5b02907f8fc7417ee1682
4faa502bbf8f8f296507d12f1ab2099091cab159538dfb9fed3eaa30742c6cf5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521a9189a437545f3260b1d98f5c2c07d77126a009aaf0fb87df95588514c74f
53e42eac2910d072b26f840249769d3d2158019bf5e2616f98ba1023dff5b88d
548cb2df7afa0f02ed345690199d448e47e5d144ffb24a0c803220cff8552740
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
59960f2cc2c46728b9bae8a7a7a843bce4c43e5f3af3a95012c8b277dc7c84b5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a95a333e4d24547b33644c30362c72e780aee0dc10defb6fa6a46324ce5b21d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd428f7dd2d6b8d1c176b572055f463835f4fccf41286529c81cc8ee42ba170
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62fdc6b87090924749b6d2917626e9869afbdfd5e0e2724bdf23c727ad1e4cbb
649da8e138bcd23dabd44032438df87593e9b863bce79f2da5ec68f918ed0d1e
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6765bde004efc5b2c5a2a281ebe9974c40e3df9b6c109d2a2fe80797d5c586ee
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c3412b9fce9f497b1f1a5a20031ea70d6ecc0da6cbb98351248174161197a75
6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b
6ecdaa8134be17a38230235fdd9cc5464e022642efe293d8e93087db28ef46c4
7120af7d0980c2ed7cc7e422112b729397720397a5ee27099220bf3503705005
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7ae64c6c87ab85212ffd77a9c670f5b0a59b30e7bcf16721eef36a6c2a746547
7b63a64d6dbd5386f935b67b02a1c9bfbaa0d2fa0ccc17dc572355ab481e0800
7ca8890ecba0d0fcce4c904f2ecf0131eff75b0c571f644e14a42041ee16c1a5
7da17a1c41361c21bfabf7ac6eee19ae4b564e61d693d9454fe73d982ee78781
7e7ca7bfb8999f27ef2cedc1e55f767bcb003c4ee878a6b343879c952f127530
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
8590eddc5b177d1da785c682690b091ffa7d41b8eb894bf67e7aeb0bb3057746
868f72de62889d041137bc96fb5774b8b38d4c79cb161e1afd95d02b24f321a8
86fb3f68d0a2c5156c64955419f8381e49641dee0108c075f82e6ceddcde712b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9c7c5e3556471a142171bfeb8aea206db815dc71cb75dea6e4c9fd71e58980
8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92a113885bb1c8a0c31ff0bcd3311327ed9f36a7f315c39d7c92df3cae7ff8a3
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94101896d56c9102c285bcb3aaf24c9e7478f74d6bbbd398f20f531a8468a64c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9842fc9d0ab98b8220a7d168404aedf4edf3508e68bcb6f8eee9b8a0f1684347
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0538742a93b69e01aab93de5501c31c1f4dcbf1e8ad7ba92363d05830ce6c3
a004ac904e3e2ed19c08508084f2dfbc60cfbb54a3f8e5a4ef55a24dc213dfe9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aba6fe52fea02888902e553968ba9b7973fb01a091c8738fa788a8bfb092ec
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a27537e44079dbf5769ac40175ef0993adbe7bd036e9a68f948c8883d6ce70b2
a2f28e53424beade854325302d7671b42ec31220bab6ef021c95dc6a8d8235c8
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44
a7a878b3febac3277695344147e332427d2c74ce7cedce43d0de77773e34e816
aa78443859498f8c4cb1df12bd4163a26806daf1e3e145bf0f04bb61fc158040
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b0d6733ffb4ab218bc74da3f966496243c019d68c2dea3e08273b460ea9c1ce1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b2ae8517e81208ac6e60d7aa50524a409b21a3b45d8261d170171c7aacd8d851
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b70bdd847f06a79a2fdadf5ffcb4f36b7dc0589ed34d9027a3ba619f05ea1ce2
b741ae83cb94d6035e40a0983a9f24708416585dbc00912daba74d1e0e4855a9
b880f4a6898fbbaa5563a65dfd88c6277a84e95151987ff9dc94252aad50c264
b907ff7d8e1e3f05a8e15a4149194aa5e043ac62849467071fa1ed4fc4d72ebd
b96244288649c95617e1d3cf81421017e6895d151fdee92e5dde16496d8606ef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb31e6a62a23afa4ca7c081323166028f7737ae96bd342c7748e234edd6c5954
bc41c1f428cd3c4a53a839610d11125851bff294352168746889b6323eee9b3b
bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894
bd777b6ebf16470ccc1864f87fc520fba71e00f5e0175f3c6d6ce223aba1b447
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4a272a7bf5c8530717d5cc5797032154d66f321ebf8f17f4c24a55ff201e062
c53cba920017c50d8298d932fffe983f5374aa5f52e5c205f2750042f2157e49
c5bb5102bc524ad49b896c308223e036974ef09dfcafc809fe428dbc44b68b1c
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
c9aa0bb0dc0fbfe87bcfb410da318a6dea0ef5c3d4912a69487f13ea20bdf48d
c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d
ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ca847092475751f850b4b08d8480d08f75fdc4c090b7879f2082a3ad311d55a1
cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8
ccf5f6c66040f32f554355fd79cb355d7b4d88bfa8514795cf41fac4e4162212
ce0b0a955544e973f333d1de0b8c96fac4377fc43a2332bbbbbb18f283dc2116
ce580090d2befdbfe1545ca10b1f2a989634678929df7aa5490d63b3a06c6ba0
ce71154389a9ac2bd1e1564a9f382a60d06de9d90378fe7a00b480cb33c13de9
cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364
d7ebf7f6fa84a8b4df36bae2e933e4f1d34c70589649515c37b18c3d37bbc3cd
da12d494a30f6c21fc9116f2ba1f02865d9a253c1ab6324462fd2e797f6c6417
dbb541c2a79ce14dc6eda6f26c5969b1eaac77451ee13c96132d695373b2bdab
dcc1f6616511133c3ed41ada84063d299c0cbc2b7794fa571d915eecde333072
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debb78074e635121207620b4ac145d147eafdb99cf8aa5834b0ca7917c7a0762
e08f522739129390e819b160cd81ba623477e892ac3488c94a38b955dcc0ed72
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e7d3aeb288cc7eb5b232b5b7adaf3baa06c0a6d4d4eeec25d7de627591f0fa3e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb8d6b8bb7b125763c47370cf2b5818647ab72058ae92236e40e4966801a4eff
eb9a7c6064d599210a9d4bef55ef2531d7ebd5798d0035aa21c692e67b7da907
ee730cf3fadd910b3cb8b99c5ed6cc2fce33daaf987f204e35b3850dabf844c3
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f210d8ce81c03f90460256b6a1e600814f02739e858ad2c0839d42fb458b4e94
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f53f5b8a754ccfab7a60a40db3263324730b8be57f14e8aaa6def61e5f169c4e
f56fc03a7200ea3686b3fedd2c136f38b879bbe277877be215845dbe7eccc2bb
f58ff080a3ce16e8ee14cc35712c523e75d7921a2413592ba5c05445f48918e7
f71859495a05cd60f5da0babbb281b31a5d33858502e7e24c815338ccdf30955
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79
fb9b3110a0fe5d5e717e07d05d30ce3c871dd0f081ff3d48a2f15fd2881c59ee

tsuredurediary.com Open in urlscan Pro 183.181.90.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

474 Requests

78 %HTTPS

25 %IPv6

118 Domains

202 Subdomains

125 IPs

18 Countries

4384 kBTransfer

10536 kBSize

232 Cookies

13 Outgoing links

Redirected requests

474 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tsuredurediary.com Open in urlscan Pro
183.181.90.31 Public Scan

Screenshot
Live screenshot

Full Image

474
Requests

78 %
HTTPS

25 %
IPv6

118
Domains

202
Subdomains

125
IPs

18
Countries

4384 kB
Transfer

10536 kB
Size

232
Cookies

474 HTTP transactions
8 data transactions