jibundetsukuritai.com Open in urlscan Pro
157.7.107.253 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jibundetsukuritai.com/
Submission Tags: phishtake
Submission: On April 10 via api (April 10th 2021, 1:04:35 pm UTC) from JP

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 83 HTTP transactions. The main IP is 157.7.107.253, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is jibundetsukuritai.com.
TLS certificate: Issued by R3 on April 10th 2021. Valid for: 3 months.

This is the only time jibundetsukuritai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	157.7.107.253 157.7.107.253	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
24	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::b5	15169 (GOOGLE) (GOOGLE)
1	74.125.206.181 74.125.206.181	15169 (GOOGLE) (GOOGLE)
83	20

12 157.7.107.253 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-253.virt.lolipop.jp

jibundetsukuritai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::b5 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.181 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f181.1e100.net

p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	425 KB
13	doubleclick.net googleads.g.doubleclick.net	84 KB
12	jibundetsukuritai.com jibundetsukuritai.com	505 KB
8	gstatic.com p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com www.gstatic.com p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com	76 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	google.com 2 redirects adservice.google.com www.google.com	856 B
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
2	google.de adservice.google.de	942 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com partner.googleadservices.com	270 B
1	jsdelivr.net cdn.jsdelivr.net	4 KB
1	cloudflare.com cdnjs.cloudflare.com	4 KB
1	googletagmanager.com www.googletagmanager.com	31 KB
83	13

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	jibundetsukuritai.com	jibundetsukuritai.com
10	pagead2.googlesyndication.com	jibundetsukuritai.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	2 redirects
2	p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com
1	p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	jibundetsukuritai.com
1	cdnjs.cloudflare.com	jibundetsukuritai.com
1	ajax.googleapis.com	jibundetsukuritai.com
1	www.googletagmanager.com	jibundetsukuritai.com
83	20

This site contains no links.

Subject Issuer	Validity	Valid
jibundetsukuritai.com R3	`2021-04-10` - `2021-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://jibundetsukuritai.com/
Frame ID: 320E0680DC8C1CCEDF50C462ED4DF014
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: E95E5B0357F6F2B3E48A43E699DF2A4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103
Frame ID: 2436BDE039B4BF49E60FDF4C92D2E053
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111
Frame ID: 03DD9D52BFBE334E65911B81926DBB5B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=0&slotname=7232010731&adk=2397563849&adf=2586229376&pi=t.ma~as.7232010731&w=336&lmt=1618059850&rafmt=12&psa=0&format=336x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&wgl=1&dt=1618059850491&bpp=1&bdt=587&idt=113&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FKsujD9EUg&p=https%3A//jibundetsukuritai.com&dtd=116
Frame ID: BF5EBE3E553BC404875CAE4EEB8C2D9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119
Frame ID: EE294B480C3A02ED9DF2AD2EDC0AF6FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&adk=1812271804&adf=3025194257&lmt=1618059850&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618059850500&bpp=1&bdt=597&idt=118&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0%2C336x280&nras=1&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=123
Frame ID: AEDCC7AAC2B577D898AE2E69B5ED5A62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 33C80D2568711C7E95A903DFD202C8AC
Requests: 2 HTTP requests in this frame

Frame: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 7B7DA7C92E8BD1B471925752ED8E56A7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html
Frame ID: FE7AC9ADA138F96FA684B6766E78118C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3FD35118E317A632E966CA16E2A89E45
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 37FA597D1EF597781C29C31EC939829C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 70F8E90F87CD8339B6DA31813782CDEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8E44BE1EEE3E2D881EDF7B729D87E4F6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

83
Requests

100 %
HTTPS

81 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1320 kB
Transfer

2580 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

83 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jibundetsukuritai.com/ 278 KB
58 KB 1970ms
1247ms Document
text/html 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache / PHP/7.1.5
Resource Hash: 4c5ab86e1d3a139d0e55085451ee73439b9441bbe79716044d24f59e118df3ee

Request headers

:method: GET
:authority: jibundetsukuritai.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:09 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.1.5
link: <https://jibundetsukuritai.com/wp-json/>; rel="https://api.w.org/"
vary: Range,Accept-Encoding
accept-ranges: none
content-encoding: gzip

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5TMTBNK

Requested by

Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc270c483827b3512053381a9b8280124529da576e39ae5f5a898e893ca93793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31441
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Apr 2021 13:04:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TMTBNK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 656
date: Sat, 10 Apr 2021 12:53:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 10 Apr 2021 14:53:13 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
391 B 48ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1670728664&t=pageview&_s=1&dl=https%3A%2F%2Fjibundetsukuritai.com%2F&ul=en-us&de=UTF-8&dt=%E3%81%AA%E3%82%8B%E3%81%B9%E3%81%8F%E8%87%AA%E5%88%86%E3%81%A7%E4%BD%9C%E3%82%8A%E3%81%9F%E3%81%84%20%7C%20%E5%AE%B6%E5%BA%AD%E8%8F%9C%E5%9C%92%E3%83%BBDIY%E3%83%BB%E6%99%82%E3%80%85%E3%82%B7%E3%83%A7%E3%82%A2%E3%82%B8%E3%82%AE%E3%83%B3%E3%82%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1766053401&gjid=169849089&cid=93479155.1618059850&tid=UA-98709105-1&_gid=171593281.1618059850&_r=1&gtm=2wg3v05TMTBNK&z=1047940667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jibundetsukuritai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s-IMG_0870-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2020/04/ 41 KB
41 KB 265ms
264ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2020/04/s-IMG_0870-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 36d7215cee1d70d7ac7698b480afd25f69f5765e47fcf6c76a370b66f31c3743

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Thu, 30 Apr 2020 10:59:37 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 41790
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 s-IMG_0868-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2020/04/ 80 KB
80 KB 439ms
438ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2020/04/s-IMG_0868-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: f2c4b83cfed06cb6134e7a1411e90e2e8a3c06b38d2cd4448f9c1b6525ab5209

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Wed, 29 Apr 2020 23:22:12 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 81682
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 s-IMG_0866-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2020/04/ 53 KB
53 KB 480ms
479ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2020/04/s-IMG_0866-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 8b3aa0900ae73fa28e6061abd94b5d9253bce5a93e8a85c8a6e3881122e8ac5e

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Wed, 29 Apr 2020 14:08:08 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 53856
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 fontawesome-webfont.woff2
jibundetsukuritai.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 476ms
476ms Font
application/x-font-woff2 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://jibundetsukuritai.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://jibundetsukuritai.com
Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Thu, 19 Sep 2019 19:10:01 GMT
server: Apache
vary: Range
content-type: application/x-font-woff2
cache-control: max-age=604800, public
accept-ranges: none
content-length: 77160
expires: Sun, 10 Apr 2022 13:04:10 GMT

GET
H2 200 s-IMG_0848-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2020/04/ 14 KB
15 KB 494ms
492ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2020/04/s-IMG_0848-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: d37fbeab10fcedac608bd147674241dbe57da94d126ee82357cf29a4864956db

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Wed, 29 Apr 2020 03:58:41 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 14648
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 s-IMG_0847-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2020/04/ 15 KB
16 KB 494ms
492ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2020/04/s-IMG_0847-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 069634ee0a93afd2cead906b4faa2c65a7041c3269a56986b819717635d05be9

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Mon, 27 Apr 2020 03:40:03 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 15819
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 s-%E8%80%90%E6%B0%B4%E3%83%9A%E3%83%BC%E3%83%91%E3%83%BC4000%E7%95%AA_%E3%83%93%E3%83%95%E3%82%A9%E3%83%BC%E3%82%A2%E3%83%95%E3%82%BF%E3%83%BC-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2019/10/ 26 KB
26 KB 276ms
275ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2019/10/s-%E8%80%90%E6%B0%B4%E3%83%9A%E3%83%BC%E3%83%91%E3%83%BC4000%E7%95%AA_%E3%83%93%E3%83%95%E3%82%A9%E3%83%BC%E3%82%A2%E3%83%95%E3%82%BF%E3%83%BC-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 048e96d7b605e26a525c937b7e9ee9a07754b099715b527c681965074d110e26

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
last-modified: Sun, 27 Oct 2019 05:24:07 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 26664
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 IMG_5566-%E7%B8%AE%E5%B0%8F-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2019/10/ 35 KB
35 KB 286ms
283ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2019/10/IMG_5566-%E7%B8%AE%E5%B0%8F-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 5f42b6ec5a17be1a3ed274b28e53054a13757faf5947fa802b5b2fa38634321f

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
last-modified: Tue, 22 Oct 2019 20:48:19 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 35567
expires: Sat, 17 Apr 2021 13:04:10 GMT

GET
H2 200 s-IMG_0265-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2019/10/ 38 KB
38 KB 287ms
284ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2019/10/s-IMG_0265-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 724cbe44bc0a75e8142b968960aa1606c3ef4c4ba884e9ba223ac1aec9dde15b

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
last-modified: Tue, 15 Oct 2019 21:44:16 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 38436
expires: Sat, 17 Apr 2021 13:04:11 GMT

GET
H2 200 s-IMG_0261-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2019/10/ 17 KB
17 KB 308ms
305ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2019/10/s-IMG_0261-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 1fcb21ea3222527e3c965f1a9af966585373ab7fe986f494b791cf7d3f1da27e

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
last-modified: Tue, 15 Oct 2019 12:26:13 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 17505
expires: Sat, 17 Apr 2021 13:04:11 GMT

GET
H2 200 s-IMG_0023-640x360.jpg
jibundetsukuritai.com/wp-content/uploads/2019/09/ 51 KB
51 KB 310ms
308ms Image
image/jpeg 157.7.107.253
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jibundetsukuritai.com/wp-content/uploads/2019/09/s-IMG_0023-640x360.jpg
Requested by: Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.253 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-253.virt.lolipop.jp
Software: Apache /
Resource Hash: 4e3a986e8eb41988f249d282d07ffd56f858d1295448c5c3a44d2188fc3a5553

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
last-modified: Sun, 29 Sep 2019 20:52:41 GMT
server: Apache
vary: Range
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: none
content-length: 52267
expires: Sat, 17 Apr 2021 13:04:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48426
x-xss-protection: 0
server: cafe
etag: 9073347465432709909
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287464
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 05:13:06 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ 10 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5223885
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
cf-request-id: 095d7b0a750000bece9d3b3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zDfmyqrcmEyJHGkagr2kbTdQbLtNzRVotMw0P6T0ttuFnN6S81tpAxuq2lfKOKmWskhmWOWHC7LwKIGqA7BgT8CodxLpcFayXcsrp7AhZJ4EQeX%2FzRAJrBsU5an9kJ0xOA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63dc2df0bf75bece-FRA
expires: Thu, 31 Mar 2022 13:04:10 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.13/ 10 KB
4 KB 9ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js

Requested by

Host: jibundetsukuritai.com
URL: https://jibundetsukuritai.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5148298
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 3469
etag: W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
x-served-by: cache-fra19172-FRA, cache-hhn4078-HHN
date: Sat, 10 Apr 2021 13:04:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ 219 KB
82 KB 58ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5747570615922422&plah=jibundetsukuritai.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83926
x-xss-protection: 0
server: cafe
etag: 9615343531509228114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame E95E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Apr 2021 14:15:42 GMT
expires: Fri, 23 Apr 2021 14:15:42 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 82108
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
270 B 54ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jibundetsukuritai.com&callback=_gfp_s_&client=ca-pub-5747570615922422

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5747570615922422&plah=jibundetsukuritai.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

eb02fae11d358a1e65a370d1eaea9efd0f7d64373729510409c7ae01a7d0af60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jibundetsukuritai.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jibundetsukuritai.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2436 62 KB
23 KB 256ms
255ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3272d296ac93000ea534ff4478b6011c5d4995c25ade60734fc71d5b723d2e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:04:10 GMT
server: cafe
content-length: 23265
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:10 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988871915048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28262
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03DD 71 KB
24 KB 522ms
522ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb69fdea3aaec8f24798c318292865f99f74ed99cccab57dfde6737925a977af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:04:11 GMT
server: cafe
content-length: 24288
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:11 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF5E 399 B
227 B 255ms
254ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=0&slotname=7232010731&adk=2397563849&adf=2586229376&pi=t.ma~as.7232010731&w=336&lmt=1618059850&rafmt=12&psa=0&format=336x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&wgl=1&dt=1618059850491&bpp=1&bdt=587&idt=113&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FKsujD9EUg&p=https%3A//jibundetsukuritai.com&dtd=116

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d87e7eb53e33cdf59c3a1c4cf810d79eaaa9dca2626500ee2e953a9270d1a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5747570615922422&output=html&h=0&slotname=7232010731&adk=2397563849&adf=2586229376&pi=t.ma~as.7232010731&w=336&lmt=1618059850&rafmt=12&psa=0&format=336x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&wgl=1&dt=1618059850491&bpp=1&bdt=587&idt=113&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FKsujD9EUg&p=https%3A//jibundetsukuritai.com&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:04:10 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:10 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE29 89 KB
32 KB 273ms
272ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32917240fac7f2f351ee75ab8aea0f6179b6a6cfdeb228f0893720ce3066e71d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6M_dTe8-8CFRnnuwgdc-MDaw&gqi=SqJxYNv1JYj13wPZ64GoDQ&layout=/sadbundle/%24csp%253Der3%24/15618902507468553245/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6M_dTe8-8CFRnnuwgdc-MDaw&gqi=SqJxYNv1JYj13wPZ64GoDQ&layout=/sadbundle/%24csp%253Der3%24/15618902507468553245/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:04:10 GMT
server: cafe
content-length: 32145
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:10 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jibundetsukuritai.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 37ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jibundetsukuritai.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEDC 54 B
317 B 51ms
50ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&adk=1812271804&adf=3025194257&lmt=1618059850&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618059850500&bpp=1&bdt=597&idt=118&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0%2C336x280&nras=1&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=123

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5747570615922422&output=html&adk=1812271804&adf=3025194257&lmt=1618059850&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fjibundetsukuritai.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618059850500&bpp=1&bdt=597&idt=118&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0%2C336x280&nras=1&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=123
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:04:10 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:10 GMT
cache-control: private

GET
H2 200 18324705556571386225
tpc.googlesyndication.com/daca_images/simgad/ Frame 2436 23 KB
24 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18324705556571386225

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8054ad0725bafb2fb63ea56cfc79f5c926b08028a00b21a7868b590147d040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 08:12:52 GMT
x-content-type-options: nosniff
age: 190278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23987
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:48:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 08:12:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 2436 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:59:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2436 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:02:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2436 118 KB
36 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2436 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:03:50 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2436 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 06:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10481
x-xss-protection: 0
server: cafe
etag: 6535096331343443408
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:24:24 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2436 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyeTsSqJxYLWnJbXd7_UP-8OY-A6dy_-XYvuXooCuDQsQASC2kYooYJUCoAGD3pjtAsgBAqkCdL_6GTv3sz6oAwHIA8kEqgTQAU_QYSiCyVyzH7BmDAtpLgtTdZAUTwsd_Qcu0pL0AG2y-aTacsuEAiIEC0_RQfBfP5sxLMgyvAAbzzIeU5TT45KiczX31RFUM0HeminLvFEczelXKqiYyqJi6UN0R6kWq0XYj1gymQRkdJfX6lKeHI2LWPPh-voxBLf2HjeRXKFm5DCuW3rI5IYm6ZSaeFCaVXuBljn3ZOQv8HCJJd8Xhxl3FtY4uVuswib6LeuMZzMqQESEpXUcRLTrDlisjNPYS6VkQqW5NB65tTgaW2zlCh3ABNfEsdC6A5IFBAgEGAGSBQQIBRgEoAYCgAeSxd52qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPe6AdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01NzQ3NTcwNjE1OTIyNDIy&sigh=tyY6hVUOczA&tpd=AGWhJmtc9iMGdVHkXHFHwdBJfwGlNix9dLEZWjeHDF0XisT5xw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 33C8 143 B
216 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=90&slotname=8092149923&adk=3700744237&adf=2728409667&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=2&psa=0&format=800x90&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1618059850485&bpp=4&bdt=582&idt=83&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3403315857225&frm=20&pv=2&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9zoo4AbGXn&p=https%3A//jibundetsukuritai.com&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 10 Apr 2021 12:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1364
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7B7D 247 B
789 B 94ms
29ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

c5179278ae3f0e3d4ef49621978613e2125fec8fdc6ff27740db9e9df3954e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-rbsL-46JF-bCLDUHGKlQqQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Sat, 10 Apr 2021 13:04:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 81 KB
19 KB 29ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495a4c400e3b0991b2b9ed16dc8dc0c631a92e61ad82fe3394c1c8986dd7566e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15618902507468553245/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 09 Apr 2021 10:06:13 GMT
expires: Sat, 09 Apr 2022 10:06:13 GMT
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18177
age: 97077
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame EE29 17 KB
7 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:59:41 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame EE29 2 KB
1 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:02:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE29 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame EE29 13 KB
6 KB 27ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:03:50 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE29 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPWaaSqJxYJ6_JpnO7_UP88aP2AbOi6_CYI38kZ3RC-vV7smiGhABILaRiihglQKgAem58ccCyAEJqQJ0v_oZO_ezPqgDAcgDSKoE4QFP0KN_krSRqY6Sr-ZqaBMOGJ6qooXzmxBk9VyR2zik1YrQ7BMYLcULu5Tv0v9SE3IjeI7Du2f5OjwV-ZKc_htORYJyXrOL4jc4cZl6WWU_99WPKzvEEzTDxqz0SWZ1fVfULTOKO0ezicoBNygNI6LsSTIJgRngWkgDWYQbLBHcLf2aMvx2yLY8mVAPYZTxvmzltuTrV_Hcr8GamZEzjBfyPUFXUYHI_vnBc1NP8hs6R_PkDnsq-8kcWyKiyTeVVq8yrBQRM6T8b1ej4maSUPMbhbq_pBEiAZ6q8SdUkGEIha_ABO_e2K7vApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_xY64AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD2_gHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNTc0NzU3MDYxNTkyMjQyMg&sigh=IxvO4VaJMDs&template_id=419&tpd=AGWhJmtF64GabYC7OlMZlrakQVErXLcV9VXgrSyBLtmdSfD35Q

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:10 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 33C8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

16ms
15ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnm02ejnMY1ERSWpbveucn3g-RkF3vJnhtN-7aPO0LJiii0cCkwRqIKLSpG-is
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:04:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Apr-2021 14:04:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:04:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2436 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b18d9542e7bc356f31d92c031d64e29f3ac47484f9a1155d11394c1969d7a22d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FD3 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkg4yIctCNImHdia08_-JKkGTX7oJ1lUJXaxWBoIhGGJ7QrJVxQKV6UNIQYxJY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=2541379471&adf=2872259201&pi=t.ma~as.8092149923&w=336&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1618059850493&bpp=1&bdt=589&idt=116&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90%2C800x280%2C336x0&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oU2WHCbLLh&p=https%3A//jibundetsukuritai.com&dtd=119

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 10 Apr 2021 12:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1364
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE29 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc3fd44f5621a42d24d7ae22104868cbe2bb8da2350d7addcf9c9a77f543411

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame FE7A 2 KB
603 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4608ce05feace4b1b636463e65188e56c7b30b5ca261a70a3a567e9880f16ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 12:48:24 GMT
server: ESF
date: Sat, 10 Apr 2021 13:04:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 13:04:11 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FE7A 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Apr 2021 17:09:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FE7A 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Apr 2021 13:07:30 GMT

GET
H3-Q050 200 iframe.html Show response
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7B7D 7 KB
3 KB 74ms
45ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5fd2e32a10713a19aa03a5cee016ca499197704191fd8a0a49dc690baa334b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-Wk5ORtT1HK0WJ86OifQ4qA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2426
date: Sat, 10 Apr 2021 13:04:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FD3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

14ms
13ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkg4yIctCNImHdia08_-JKkGTX7oJ1lUJXaxWBoIhGGJ7QrJVxQKV6UNIQYxJY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:04:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Apr-2021 14:04:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:04:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:04:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame FE7A 19 KB
19 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
age: 97233
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame FE7A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 6384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:17:47 GMT

GET
H3-Q050 200 BST-bUTTON-05-05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 1 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/BST-bUTTON-05-05.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba705512917e5f4d7046601a2bddef6f96d85999f518695b9c55d620bddf3791

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 212283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1453
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
server: sffe
date: Thu, 08 Apr 2021 02:06:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:06:08 GMT

GET
H3-Q050 200 logo-bst-klein_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 12 KB
12 KB 12ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/logo-bst-klein_1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20bcafc14695138a78b87b2ad80fd92dd39d9973af5cc37a7b1bb01b670d6784

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 97078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11803
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
server: sffe
date: Fri, 09 Apr 2021 10:06:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:06:13 GMT

GET
H3-Q050 200 BST-Eisbuddy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 39 KB
39 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/BST-Eisbuddy_1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3032fff752875a5501df39b2e1e7c12e2bf05e0e71cd6d73d52b0ff22f746ca5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 97078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39748
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
server: sffe
date: Fri, 09 Apr 2021 10:06:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:06:13 GMT

GET
H3-Q050 200 BST-Dinnerbuddy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 39 KB
39 KB 14ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/BST-Dinnerbuddy_1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24399d873a36277f26e7c16717a2bffc2b1b114e8f5ba7d3e005974843549b49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 97078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39636
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
server: sffe
date: Fri, 09 Apr 2021 10:06:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:06:13 GMT

GET
H3-Q050 200 BST-Weinbuddy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/ Frame FE7A 35 KB
35 KB 12ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15618902507468553245/BST-Weinbuddy_1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4426b931903440e4230784e2b52891ed7b8f108410ae29e211f1dfff9c66c56

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 97078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35591
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 07:22:15 GMT
server: sffe
date: Fri, 09 Apr 2021 10:06:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:06:13 GMT

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 37FA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 6384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:17:47 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 03DD 3 KB
1016 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 11:33:36 GMT
server: ESF
date: Sat, 10 Apr 2021 13:04:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 13:04:11 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 03DD 1 KB
991 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:02:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 03DD 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:59:41 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5033216052339213191/ Frame 03DD 16 KB
16 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5033216052339213191/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81acb1303f3b9f41b19557cbc5ef8d131a14427edb8f6319e955d653ddd7142a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 19:17:06 GMT
x-content-type-options: nosniff
age: 64025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16681
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:40:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 19:17:06 GMT

GET
DATA 200
OK truncated
/ Frame 03DD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 03DD 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:02:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03DD 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:11 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 03DD 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:03:50 GMT

GET
H2 200 1f3867f1f27527e43574e1cbaa2e66c3.js Show response
www.gstatic.com/mysidia/ Frame 03DD 25 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1f3867f1f27527e43574e1cbaa2e66c3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 08:45:50 GMT
server: sffe
age: 179842
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10498
x-xss-protection: 0
expires: Wed, 07 Jul 2021 11:06:49 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 03DD 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWtaLSqJxYJPVJe3D7_UP_a6SmAHMr53kYenWzenWDbbdwISGAhABILaRiihglQKgAb_Fg9AByAEJqQJ0v_oZO_ezPqgDAcgDywSqBNgBT9AqU0KUF33-Jjl0sXGXzoR32h4NRrYwaNp5BH4VMK2G8-RqaR_iOIcKccWQ-rHGseeI59fIbn7-HNyz2e9mPAATe4VFv1CpBnDpqvmUU1aDOjux7ygWfhLa7PtbAiHkzcwm2yDG-B8XoVRNV4I9MiGDku2AlFNRuP4xWEo3FBjMYgm0pOJbIPyJQ3NAluPYdkYRJGnkM2GDlobppdlGXqSHXoV9PNkSHIlKyrklNtOSnxr3b14HFOxbSJB10eYp9T9X-yeKyU2afWRqU8VtpNjUAt6jhezzwASFru2luQOSBQQIBBgBkgUECAUYBKAGLoAHqbr8rwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQsr4D0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUApgWAbIXGgoYCAASFHB1Yi01NzQ3NTcwNjE1OTIyNDIy&sigh=-XjSCVl1bQg&template_id=5000&tpd=AGWhJmunJW6caVw6y5-M5vSox2dI85Bh5qohcl5OU3kdxn8dKA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 03DD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 268b6c3f0a6a2a3043794e5afc7da4e9aea2d34b693762565d8087eec858f24b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 03DD 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 97234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 03DD 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 212469
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
26ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de9f2cfa2e4fe6abade1a0241998ee0b98560856f3576d7fbebdf25b3014bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6575
x-xss-protection: 0

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 70F8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747570615922422&output=html&h=280&slotname=8092149923&adk=394546067&adf=2037289645&pi=t.ma~as.8092149923&w=800&fwrn=4&fwrnh=100&lmt=1618059850&rafmt=3&psa=0&format=800x280&url=https%3A%2F%2Fjibundetsukuritai.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&dt=1618059850489&bpp=2&bdt=586&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=800x90&correlator=3403315857225&frm=20&pv=1&ga_vid=93479155.1618059850&ga_sid=1618059851&ga_hid=1670728664&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2843&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711%2C44740079%2C44739387&oid=3&pvsid=3691976042992204&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=R26jKHu69G&p=https%3A//jibundetsukuritai.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 6384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:17:47 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:04:11 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8E44 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jibundetsukuritai.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jibundetsukuritai.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 10 Apr 2021 13:03:34 GMT
expires: Sun, 10 Apr 2022 13:03:34 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E44 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 6384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:17:47 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
330 B 46ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=3691976042992204&bg=!urmluf3NAAY56aLOOek7ACkAdvg8WnYbgJDK6s-BURLfTFtjgJQbw3KV1Pz-wz7cxgPPFhXqlP1BfAIAAABXUgAAAAxoAQcKAUjhuEovoEt2G2OvKNpiDwsOfDFbI4awpMT-iLxeS8H8DiGZ3td8Pl9rM8iGFLfAZ7EFCiJZ5FAApyEpnp9AzeQJ9JsjHSNuqg_zTxTAaIc7KkgaZZSjw4KqcmEHsR1iVW_sjS95GkceEw5fswNh1wDxaWhiie4f5fH0XvGLoAwW05sootgx8A7X6-U1Pj5F3ZhDrC8_kfJvg9FA16g5ApbLL1sAIlAPGjWP7EL5m8Qi7EdSsR5nqJk6rBGMPN_k48UizdvNj3SJaFF7kYx_ehO22gdrQbmOgRKbS6WNp-rT8-u34MJPPdVnLnurKwmc6QPxxpI0fpbHr752Zk90JY59dwV9-uiisiKKT1xQJO8p_TMmy29BrbljjaaxcFeBUXLvfxtSPchbiOMHlljI8uJmGX4QQnJqybDQdo5b4RBI-x2b5dffcTNCmQHhWxl95ync88HMGcxJFGrwdsu_ZKCk0bRWhUz3zkLXGsB0pOpXrkkH3VWevqkqQh0bHfAsUeuGCiLrTTeJyJ7QRtaMsFxvsRVGVjO-eYgeBP06tm2Co1ZalnZ8PMf-xT0e23N7B5KuiBUSaD4gJCcaGN8sOHWK4EOaCbY1gCQr-lD2AOkGmHyZmPtRBikECQQfyBtLIZNsZyzPa4eVraFt1scwxtKk2Q2IJMgke1E8PG545Thxl6WJCfhrOxZm9F6tezen1hBzP0aMyvFW2i-VVV3g-4-5bg-DKd9brZKE2HIp8rWmgpcua6feCfXcHySaM2e87b08vYhxI1hW0WS3dLOYLb7slHJ_sv6A8l-O-Ja_889VSnab88lviHeBx1pPyhWQTp3lCOzQ1xYunzNwVJ2Q6zG9ndCxCEe4LoLQ-iVgX6yaG5quA033BdVXnOEdTF2dry-LwK-FWK6iH7XqME7Z84VD-1c5r34A35DxWBjNUfwCzDi-thiijh1h8l21PfMkBHXja-dkkkWNhi4YAny9ihyieTYwNbwpZQ7ZGrJvTP-wBWO172M487XFDsh6HvjcIV7t1IAlyXEN9nn346XOFhG-8Jg4qEW6D_iYsLFyMZqt3wSI8hM3kst3awASqQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2436 42 B
132 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbK-r5eN1S8EbAuMH_HuqUUFnfUcNqWOomYZuthUJDVQJ1v_vg8oWPeYo0lWAOFvurBBrcBsU4rlgutEER21e4QBT7K98n-jpjk6jEkfpNYtz2E9OlJWKfzI7cvg&sai=AMfl-YRIDaG2P2sh8QtIidZ2yFqZEc5lkc0gtrYCV9ebE_1G8ace1Qyl2r6uXOsz8oMlxqnuFEx7HSvUoH1R&sig=Cg0ArKJSzJiGxMAARzFeEAE&id=osdim&mcvt=1000&p=1002,238,1092,966&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3700744237&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618059850594&dlt=264&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5747570615922422&su=jibundetsukuritai.com&doc=complete&pg_h=3436&pg_w=1600&pg_hs=3436&c=3&aa_c=0&av_h=216.667&av_w=645.333&av_a=130026.667&s=70&all_s=70&b=312.828&all_b=312.828&d=0.189&all_d=0.189&ard=0.071&all_ard=0.071&dt=d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jibundetsukuritai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 7B7D 35 B
410 B 82ms
17ms Image
image/gif 2a00:1450:400c:c04::b5
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::b5 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 7B7D 35 B
410 B 74ms
21ms Image
image/gif 74.125.206.181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.181 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f181.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:04:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:27:40	Name: test_cookie Value: CheckForPermission
.jibundetsukuritai.com/	1970-01-20 02:49:15	Name: __gads Value: ID=f00771771c643bae-227252040dbb0028:T=1618059850:RT=1618059850:S=ALNI_MY3qbY4MhVCNOJY2OQB1WEGM3YNHw
.jibundetsukuritai.com/	1970-01-19 17:27:39	Name: _gat_UA-98709105-1 Value: 1
.doubleclick.net/	1970-01-19 17:27:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:49:15	Name: IDE Value: AHWqTUkg4yIctCNImHdia08_-JKkGTX7oJ1lUJXaxWBoIhGGJ7QrJVxQKV6UNIQYxJY
.jibundetsukuritai.com/	1970-01-19 17:29:06	Name: _gid Value: GA1.2.171593281.1618059850
.jibundetsukuritai.com/	1970-01-20 10:58:51	Name: _ga Value: GA1.2.93479155.1618059850

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jibundetsukuritai.com
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i1-v6exp3.ds.metric.gstatic.com
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-789002-i2-v6exp3.v4.metric.gstatic.com
p4-bsixmkerqmx36-qo3zpjklg5w4a4f2-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.163
157.7.107.253
216.58.212.162
2606:4700::6810:125e
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::b5
2a04:4e42:1b::621
74.125.206.181
048e96d7b605e26a525c937b7e9ee9a07754b099715b527c681965074d110e26
069634ee0a93afd2cead906b4faa2c65a7041c3269a56986b819717635d05be9
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
1bc3fd44f5621a42d24d7ae22104868cbe2bb8da2350d7addcf9c9a77f543411
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e8054ad0725bafb2fb63ea56cfc79f5c926b08028a00b21a7868b590147d040
1fcb21ea3222527e3c965f1a9af966585373ab7fe986f494b791cf7d3f1da27e
20bcafc14695138a78b87b2ad80fd92dd39d9973af5cc37a7b1bb01b670d6784
24399d873a36277f26e7c16717a2bffc2b1b114e8f5ba7d3e005974843549b49
268b6c3f0a6a2a3043794e5afc7da4e9aea2d34b693762565d8087eec858f24b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3032fff752875a5501df39b2e1e7c12e2bf05e0e71cd6d73d52b0ff22f746ca5
3272d296ac93000ea534ff4478b6011c5d4995c25ade60734fc71d5b723d2e3f
32917240fac7f2f351ee75ab8aea0f6179b6a6cfdeb228f0893720ce3066e71d
36d7215cee1d70d7ac7698b480afd25f69f5765e47fcf6c76a370b66f31c3743
4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc
4608ce05feace4b1b636463e65188e56c7b30b5ca261a70a3a567e9880f16ce6
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
495a4c400e3b0991b2b9ed16dc8dc0c631a92e61ad82fe3394c1c8986dd7566e
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c5ab86e1d3a139d0e55085451ee73439b9441bbe79716044d24f59e118df3ee
4d87e7eb53e33cdf59c3a1c4cf810d79eaaa9dca2626500ee2e953a9270d1a86
4e3a986e8eb41988f249d282d07ffd56f858d1295448c5c3a44d2188fc3a5553
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f42b6ec5a17be1a3ed274b28e53054a13757faf5947fa802b5b2fa38634321f
5fd2e32a10713a19aa03a5cee016ca499197704191fd8a0a49dc690baa334b15
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
724cbe44bc0a75e8142b968960aa1606c3ef4c4ba884e9ba223ac1aec9dde15b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
81acb1303f3b9f41b19557cbc5ef8d131a14427edb8f6319e955d653ddd7142a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b3aa0900ae73fa28e6061abd94b5d9253bce5a93e8a85c8a6e3881122e8ac5e
8de9f2cfa2e4fe6abade1a0241998ee0b98560856f3576d7fbebdf25b3014bf9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
b18d9542e7bc356f31d92c031d64e29f3ac47484f9a1155d11394c1969d7a22d
ba705512917e5f4d7046601a2bddef6f96d85999f518695b9c55d620bddf3791
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
c5179278ae3f0e3d4ef49621978613e2125fec8fdc6ff27740db9e9df3954e01
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
d37fbeab10fcedac608bd147674241dbe57da94d126ee82357cf29a4864956db
d4426b931903440e4230784e2b52891ed7b8f108410ae29e211f1dfff9c66c56
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc270c483827b3512053381a9b8280124529da576e39ae5f5a898e893ca93793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb02fae11d358a1e65a370d1eaea9efd0f7d64373729510409c7ae01a7d0af60
eb69fdea3aaec8f24798c318292865f99f74ed99cccab57dfde6737925a977af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b83cfed06cb6134e7a1411e90e2e8a3c06b38d2cd4448f9c1b6525ab5209
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

jibundetsukuritai.com Open in urlscan Pro 157.7.107.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

81 %IPv6

13 Domains

20 Subdomains

20 IPs

4 Countries

1320 kBTransfer

2580 kBSize

7 Cookies

0 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jibundetsukuritai.com Open in urlscan Pro
157.7.107.253 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

81 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1320 kB
Transfer

2580 kB
Size

7
Cookies

83 HTTP transactions
4 data transactions