genshin-leak.com Open in urlscan Pro
118.27.100.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://genshin-leak.com/
Effective URL:
https://genshin-leak.com/
Submission: On January 31 via api (January 31st 2024, 11:31:45 am UTC) from US — Scanned from JP

Summary HTTP 199 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 38 domains to perform 199 HTTP transactions. The main IP is 118.27.100.23, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is genshin-leak.com.
TLS certificate: Issued by GlobalSign Atlas R3 AlphaSSL CA 2023 Q4 on January 6th 2024. Valid for: a year.

This is the only time genshin-leak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 70	118.27.100.23 118.27.100.23	7506 (INTERQ GM...) (INTERQ GMO Internet)
13	2404:6800:400... 2404:6800:4004:818::2002	15169 (GOOGLE) (GOOGLE)
1	18.65.125.113 18.65.125.113	16509 (AMAZON-02) (AMAZON-02)
14	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:310c::ac42:2eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:310... 2606:4700:310c::ac42:2ef4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
6	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	18.64.126.129 18.64.126.129	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
3	34.160.89.38 34.160.89.38	15169 (GOOGLE) (GOOGLE)
1	143.204.86.33 143.204.86.33	16509 (AMAZON-02) (AMAZON-02)
1	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	202.233.84.2 202.233.84.2	131957 (MICROAD M...) (MICROAD MicroAd)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	18.65.107.133 18.65.107.133	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 11	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:827::2003	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4004:813::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ee:9800:1f:2964:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2 3	52.196.50.30 52.196.50.30	16509 (AMAZON-02) (AMAZON-02)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
5	52.76.134.18 52.76.134.18	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.170 23.105.12.170	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	23.45.58.82 23.45.58.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.238.5.160 54.238.5.160	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
12 17	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:140b:1c0... 2600:140b:1c00:e::17cb:853e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	2600:9000:204... 2600:9000:2047:3200:1f:5b22:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	216.58.220.130 216.58.220.130	15169 (GOOGLE) (GOOGLE)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	23.108.103.8 23.108.103.8	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:2112:9a00:19:8e9:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	2406:da18:929... 2406:da18:929:5a00:f9ef:986d:b765:c7ac	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
1	131.153.206.100 131.153.206.100	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1	23.192.45.98 23.192.45.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.44.239.97 52.44.239.97	14618 (AMAZON-AES) (AMAZON-AES)
2	104.244.42.136 104.244.42.136	() ()
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
199	51

70 118.27.100.23 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: www153.onamae.ne.jp

genshin-leak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.125.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-125-113.kix50.r.cloudfront.net

flux-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:310c::ac42:2eee (United States)

ASN13335 (CLOUDFLARENET, US)

new-adtest.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:310c::ac42:2ef4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adtest.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:827::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.126.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-126-129.nrt12.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.160.89.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.89.160.34.bc.googleusercontent.com

a.flux.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.86.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-33.nrt12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb-pb.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.107.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-107-133.kix50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:813::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:9800:1f:2964:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-adedge.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.196.50.30 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-50-30.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.76.134.18 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.170 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.58.82 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-58-82.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.238.5.160 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-5-160.ap-northeast-1.compute.amazonaws.com

ssp-bidapi.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 69.173.158.64 (Singapore, Singapore) 12 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1c00:e::17cb:853e (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2047:3200:1f:5b22:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

spnativeapi-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.220.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (Jurong Town, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2112:9a00:19:8e9:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

spimgv1.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:f9ef:986d:b765:c7ac (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.90.178 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.45.98 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-45-98.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.239.97 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-239-97.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (None, )

ASN- ()

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	genshin-leak.com 1 redirects genshin-leak.com	1 MB
20	rubiconproject.com 13 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	25 KB
19	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	213 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	360 KB
17	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395 s.amazon-adsystem.com — Cisco Umbrella Rank: 326 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801	84 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	116 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	445 KB
6	i-mobile.co.jp imp-adedge.i-mobile.co.jp — Cisco Umbrella Rank: 130352 ssp-bidapi.i-mobile.co.jp — Cisco Umbrella Rank: 127294 spnativeapi-tls.i-mobile.co.jp — Cisco Umbrella Rank: 133388 spimgv1.i-mobile.co.jp — Cisco Umbrella Rank: 194357	63 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com	150 KB
5	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 679 gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123	7 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	1 KB
3	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
3	flux.jp a.flux.jp — Cisco Umbrella Rank: 83822	881 B
3	pages.dev 1 redirects new-adtest.pages.dev adtest.pages.dev	4 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1105	522 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	60 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 683	737 B
2	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29548 audiencedata.im-apps.net — Cisco Umbrella Rank: 29678	3 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	26 KB
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	493 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	648 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 253	1 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 740	451 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 349	514 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 1841	589 B
1	smartadserver.com 1 redirects ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940	279 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1161	361 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 25120	179 B
1	microad.jp s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 87784	514 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	31 KB
1	flux-cdn.com flux-cdn.com — Cisco Umbrella Rank: 95710	87 KB
199	38

	Domain	Requested by
70	genshin-leak.com	1 redirects genshin-leak.com
13	pagead2.googlesyndication.com	genshin-leak.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com match.sharethrough.com
10	pixel.rubiconproject.com	6 redirects s.amazon-adsystem.com genshin-leak.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
6	www.google.com	genshin-leak.com www.gstatic.com www.google.com tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	genshin-leak.com securepubads.g.doubleclick.net f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com www.googletagservices.com
5	cm.g.doubleclick.net	3 redirects s.amazon-adsystem.com
5	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	match.sharethrough.com	s.amazon-adsystem.com match.sharethrough.com
4	tpc.googlesyndication.com	f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	platform.twitter.com	genshin-leak.com platform.twitter.com
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	3 redirects
3	match.prod.bidr.io	2 redirects s.amazon-adsystem.com
3	a.flux.jp	flux-cdn.com
3	c.amazon-adsystem.com	genshin-leak.com c.amazon-adsystem.com
2	gum.criteo.com	1 redirects static.criteo.net
2	syndication.twitter.com	platform.twitter.com
2	ups.analytics.yahoo.com	2 redirects
2	capi.connatix.com	1 redirects genshin-leak.com
2	pixel.tapad.com	1 redirects s.amazon-adsystem.com
2	static.criteo.net	flux-cdn.com static.criteo.net
2	u.openx.net	2 redirects
2	spnativeapi-tls.i-mobile.co.jp	imp-adedge.i-mobile.co.jp genshin-leak.com
2	ssp-bidapi.i-mobile.co.jp	imp-adedge.i-mobile.co.jp
2	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com
2	f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	www.google.com
2	adtest.pages.dev	1 redirects genshin-leak.com
1	mug.criteo.com
1	sync.ipredictive.com	1 redirects
1	hb.yahoo.net	genshin-leak.com
1	ib.adnxs.com	s.amazon-adsystem.com
1	prebid.a-mo.net	s.amazon-adsystem.com
1	aax-eu.amazon-adsystem.com	s.amazon-adsystem.com
1	px.ads.linkedin.com	s.amazon-adsystem.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	spimgv1.i-mobile.co.jp	f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
1	inv-nets.admixer.net	1 redirects
1	audiencedata.im-apps.net	dmp.im-apps.net
1	dmp.im-apps.net	imp-adedge.i-mobile.co.jp
1	ssbsync-us.smartadserver.com	1 redirects
1	trace.mediago.io	1 redirects
1	www.googletagservices.com	f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
1	imp-adedge.i-mobile.co.jp	f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	prebid-asia.creativecdn.com	flux-cdn.com
1	s-rtb-pb.send.microad.jp	flux-cdn.com
1	bidder.criteo.com	flux-cdn.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	flux-cdn.com
1	new-adtest.pages.dev	genshin-leak.com
1	cdnjs.cloudflare.com	genshin-leak.com
1	ajax.googleapis.com	genshin-leak.com
1	flux-cdn.com	genshin-leak.com
199	62

This site contains links to these domains. Also see Links.

Domain
genshin.mihoyo.com
twitter.com
genshin.matomegamer.com
gensin.antenam.jp
antena-iine.com
policies.google.com

Subject Issuer	Validity	Valid
www.genshin-leak.com GlobalSign Atlas R3 AlphaSSL CA 2023 Q4	`2024-01-06` - `2025-01-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
flux-cdn.com Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
new-adtest.pages.dev GTS CA 1P5	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
a.flux.jp GTS CA 1D4	`2023-12-05` - `2024-03-04`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-01` - `2024-12-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2023-03-01` - `2024-03-31`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-09-23` - `2024-10-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-13` - `2024-12-22`	a year	crt.sh
match.prod.bidr.io Amazon RSA 2048 M01	`2023-07-19` - `2024-08-15`	a year	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://genshin-leak.com/
Frame ID: 199E00AC15C3457CC575972D26F45938
Requests: 151 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Frame ID: F8B23C39B08481FFB75873B714CA1B01
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgenshin-leak.com
Frame ID: F8DB02DE2AE6BAA1FFED84EAFA3BB398
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=189&slotname=1114547601&adk=528440180&adf=2902566794&pi=t.ma~as.1114547601&w=800&lmt=1706700698&rafmt=11&format=800x189&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698521&bpp=2&bdt=193&idt=337&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1006946935966&rume=1&frm=20&pv=2&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=353
Frame ID: 6600FF07492DDD484457A733FC461B32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=189&slotname=1114547601&adk=1799831110&adf=84399023&pi=t.ma~as.1114547601&w=800&lmt=1706700698&rafmt=11&format=800x189&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698523&bpp=1&bdt=195&idt=368&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=373
Frame ID: 2CA49AABA588E53848C91A4E50511F0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=280&slotname=3480872400&adk=2698024083&adf=134347123&pi=t.ma~as.3480872400&w=800&fwrn=4&fwrnh=100&lmt=1706700698&rafmt=1&format=800x280&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698524&bpp=1&bdt=197&idt=389&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=3870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=392
Frame ID: 5B7EFE466ADD76874F4FD79CDD70E8B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=280&slotname=3480872400&adk=1782772825&adf=2123904157&pi=t.ma~as.3480872400&w=336&fwrn=4&fwrnh=100&lmt=1706700698&rafmt=1&format=336x280&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698526&bpp=1&bdt=198&idt=427&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=431
Frame ID: 816FF2894A8824567C7317F72D262D0A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq
Frame ID: EF690BF8AA8F971B6738701BA7F57417
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=600&slotname=3480872400&adk=2281005407&adf=2888125981&pi=t.ma~as.3480872400&w=300&fwrn=1&fwrnh=100&lmt=1706700699&rafmt=4&format=300x600&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698526&bpp=1&bdt=199&idt=539&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1090&ady=2809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=543
Frame ID: 651F82BE056808B10C3C66272BEB3ABE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=271&slotname=1114547601&adk=1945539098&adf=4129429195&pi=t.ma~as.1114547601&w=1200&lmt=1706700699&rafmt=11&format=1200x271&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698527&bpp=1&bdt=199&idt=567&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280%2C300x600&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=571
Frame ID: E1976A8860EDAC84061C077799B3D187
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&adk=1812271804&adf=3025194257&lmt=1706700699&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgenshin-leak.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698538&bpp=1&bdt=211&idt=571&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280%2C300x600%2C1200x271&nras=1&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=584
Frame ID: 1B7C381045AFA38954DDDBFAAB61A1F9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t
Frame ID: 11B72F43B9F0CDD1544E16E19B0426A2
Requests: 1 HTTP requests in this frame

Frame: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D5D51BD01F1D88FDFFE365DC58F5100
Requests: 1 HTTP requests in this frame

Frame: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90236B76233E7CA886ADC8FE14684FD8
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BE2B24E9B2586E804DE16A5298A99747
Requests: 3 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: D4CB47C59EB9428FDCAA9D2318FE7F1F
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6608134191370834693&gdpr=0&gdpr_consent=
Frame ID: 44DA5D9C4A86B958ADB5EAB8B5C2EA56
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7C3B0CCD7C0FE3AD6072B441E18818F3
Requests: 20 HTTP requests in this frame

Frame: https://spimgv1.i-mobile.co.jp/a4615/01HBAREJMYPJ6S2GDAD6XNJG6V/main.jpg
Frame ID: 68436BB9CD256B816F493097B3D6C5C4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=genshin-leak.com
Frame ID: 549A4BC42992944824E4FED1D4D9D050
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95DACA11D14F5115998C2924A95C5F60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B02717A9DA4D404DC86CBE2578689724
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: 274790DA8B84F5FAECA2AE1698903AF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

原神まとめ速報 | ていそく！【テイワット速報】

Page URL History Show full URLs

http://genshin-leak.com/ HTTP 301
https://genshin-leak.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

199
Requests

88 %
HTTPS

45 %
IPv6

38
Domains

62
Subdomains

51
IPs

6
Countries

3128 kB
Transfer

7063 kB
Size

46
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://genshin.mihoyo.com/ja
Title: 原神公式サイト

Search URL Search Domain Scan URL

URL: https://twitter.com/Genshin_7
Title: 原神公式Twitter

Search URL Search Domain Scan URL

URL: https://genshin.matomegamer.com/
Title: 原神まとめアンテナ

Search URL Search Domain Scan URL

URL: https://gensin.antenam.jp/
Title: 原神まとめアンテナ速報

Search URL Search Domain Scan URL

URL: http://antena-iine.com/
Title: 速報＠まとめ王

Search URL Search Domain Scan URL

URL: https://twitter.com/genshin_sokuhoo?ref_src=twsrc%5Etfw
Title: Follow @genshin_sokuhoo

Search URL Search Domain Scan URL

URL: https://twitter.com/genshin_sokuhoo

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: 利用規約

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://genshin-leak.com/ HTTP 301
https://genshin-leak.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://adtest.pages.dev/v4.js HTTP 302
https://adtest.pages.dev/v4.9.0.js

Request Chain 117

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t

Request Chain 136

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AAIYn07LdF8AABRMThB01Q&ex=beeswax.com

Request Chain 137

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e85e7a988201aj600ls1pj4rx

Request Chain 139

https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6608134191370834693&gdpr=0&gdpr_consent=

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OWU2ZDk2MmMtYjNiMi00ZmJlLThmZjktZjA4MTRiYjA5YjEw HTTP 302
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=

Request Chain 163

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=

Request Chain 164

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsharethrough%26bsw_param%3D5708f775-8e41-4837-bcb7-8d7594360f46%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=25e7f08a74b84fbf94244e0eb5459202&ssp=sharethrough&bsw_param=5708f775-8e41-4837-bcb7-8d7594360f46&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=5708f775-8e41-4837-bcb7-8d7594360f46&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=

Request Chain 165

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=cff8cad7-7c1b-0a54-3772-d2ccb42e81ad

Request Chain 169

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS1PJ50K-J-201M HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

Request Chain 172

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/KL8s6gLjjq8YUBjIfeWzIw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eY8bcEJE2oKFOd6I0f7QxlNA3jFC1GEIh77OxA--~A

Request Chain 173

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxUEo1MEstSi0yMDFN HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBz6mdl83vGh09wQcEYfr7o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxUEo1MEstSi0yMDFN&google_push=

Request Chain 174

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1PJ50K-J-201M

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEUkdDmkdT0fCLLTvLVmOe0&google_cver=1

Request Chain 176

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWIxMzE0YzYxMWIyMDRhOGFjZGI4ZjZjNGExMGNhMDc4MGFkMTRiZQ

Request Chain 178

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

Request Chain 179

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZKjMZ3BnRoCrxqxBHmsgzw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZKjMZ3BnRoCrxqxBHmsgzw

Request Chain 180

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=&expires=30

Request Chain 182

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LS1PJ50K-J-201M

Request Chain 183

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS1PJ50K-J-201M HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS1PJ50K-J-201M

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 185

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS1PJ50K-J-201M

Request Chain 186

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS1PJ50K-J-201M&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS1PJ50K-J-201M&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1taE9YT1cxRTJ1RUxmeUpaN21vUEZVbXVjOF9yaFlqQn5B&ovsid=LS1PJ50K-J-201M&dpid=58160

Request Chain 187

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c12f94d5-d22e-42dc-871a-371f6e20950c&expires=30

Request Chain 199

https://gum.criteo.com/sid/json?origin=publishertag&domain=genshin-leak.com&sn=ChromeSyncframe&so=0&topUrl=genshin-leak.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aliXU3xqcnErNkVqNVNpU3pNRGgweXp0YXZmM2Z1ektlUzhRdFc4MWxhZ2xOYlFBMTlZNDNTY2prV09iYjl1MjBQcUtmR09ENHI0TS9oSGZWWDA3WjJ1L3o5MzFRaFFPeHpscmJtVXJCQ3ZZbDltdjU4UzZjTmR3cTcvS2FTd0s1Sngra0V4NEJ2NkJlZzFpYy9hNEtnTnJnNENreVFTN2RwcTQ5eTdwK1hMaWJmT1J6V2dQcHdEamMzajNGMnVTdEl2NzRWNzkyaGsyV2YzVG5NdkIzQ3Z2TmlTVUdSOXY1aElCUHdpVjlNNFRhUnRaeHBjT3RaT095SVovUzI1M3F5bVVzQ2IvMmhJSnpHcVNrUHN1d1k5cm5YcXc4Tk9YbFpLZUpKWnR3Sks3b1dTMD18&cppv=2

199 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
genshin-leak.com/
Redirect Chain

http://genshin-leak.com/
https://genshin-leak.com/

370 KB
35 KB

699ms
686ms

Document
text/html

118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

5024a16300b29ab0675f2e78661262030ca745f4fbb7205e2a38b71f0971cb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 11:31:38 GMT
server: nginx
vary: Accept-Encoding,User-Agent
x-b-cache: B=nil:D=HIT
x-content-type-options: nosniff
x-debug-donot-cache: 0
x-debug-non-text: 0
x-debug-too-large: 0
x-page-speed: 1.13.35.2-0
x-pst-dynamic: HIT; 1.094 ms
x-pst-nginx-cache: MISS
x-pst-version: 3.1.29
x-signature-wexal: KUSANAGI
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 31 Jan 2024 11:31:37 GMT
Location: https://genshin-leak.com/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 120ms
75ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4afdbb03e8fc03fe0b25b2e077640428132a9fa6b5ff84db173d4b4a713969e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51340
x-xss-protection: 0
server: cafe
etag: 6483342969972128478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 11:31:38 GMT

GET
H2 200 genshinleak_00932.min.js Show response
flux-cdn.com/client/00774/ 301 KB
87 KB 335ms
11ms Script
application/javascript 18.65.125.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.125.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-125-113.kix50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a9560ea37def37ead1707ddb6edbcd0aac9aaff1198192962051fca10f00904

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: neVugHB6GaQCStn84eh3tKlm0b0LzGlM
content-encoding: br
via: 1.1 9255b5ec86281904bd7d241fc5340624.cloudfront.net (CloudFront)
date: Wed, 31 Jan 2024 11:27:22 GMT
x-amz-cf-pop: KIX50-P3
age: 257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 16 Jan 2024 01:07:27 GMT
server: AmazonS3
x-amz-meta-release_job_id: 580
etag: W/"1068db12bbcad6bfbb028faaa124c8da"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: 5gUOH3r78Yxcf-o-wSiIt3YTcTTYp5AF2aRTBEml8Sbh6goBSC3Fcg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 125ms
74ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de3d61c93f7c9e8bba2a7a8ba4a5e6bac0282fdddddb9ea518f8f02d07965d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29508
x-xss-protection: 0
server: cafe
etag: 423 / 19753 / 31080756 / config-hash: 8161858144323825894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 11:31:38 GMT

GET
H2 200 icomoon.woff
genshin-leak.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 16 KB
17 KB 30ms
26ms Font
font/x-woff 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?v=2.6.8

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 16684
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
vary: User-Agent
content-type: font/x-woff
cache-control: max-age=31536000, public, s-maxage=10
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 16684
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:39 GMT

GET
H2 200 fa-brands-400.woff2
genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 75 KB
75 KB 28ms
24ms Font
application/x-font-woff2 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 76736
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
vary: User-Agent
content-type: application/x-font-woff2
cache-control: max-age=31536000, public, s-maxage=10
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 76736
accept-ranges: bytes
expires: Thu, 30 Jan 2025 11:31:38 GMT

GET
H2 200 fa-regular-400.woff2
genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 13 KB
13 KB 28ms
24ms Font
application/x-font-woff2 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 13224
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
vary: User-Agent
content-type: application/x-font-woff2
cache-control: max-age=31536000, public, s-maxage=10
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 13224
accept-ranges: bytes
expires: Thu, 30 Jan 2025 11:31:38 GMT

GET
H2 200 fa-solid-900.woff2
genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 76 KB
77 KB 19ms
16ms Font
application/x-font-woff2 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 78268
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
vary: User-Agent
content-type: application/x-font-woff2
cache-control: max-age=31536000, public, s-maxage=10
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 78268
accept-ranges: bytes
expires: Thu, 30 Jan 2025 11:31:38 GMT

GET
H2 200 style.min.css
genshin-leak.com/wp-includes/css/dist/block-library/ 107 KB
14 KB 15ms
11ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-includes/css/dist/block-library/style.min.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231120020312

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 110035
x-debug-non-text: 0
content-length: 14345
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 20 Nov 2023 14:03:12 GMT
server: nginx
etag: W/"PSA-matGbghmyC"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 110035
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 all.min.css
genshin-leak.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/ 46 KB
10 KB 22ms
18ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.2.1&fver=20230905105052

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 46930
x-debug-non-text: 0
content-length: 10102
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 05 Sep 2023 10:50:52 GMT
server: nginx
etag: W/"PSA-IKnOUW6up2"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 46930
expires: Wed, 29 Jan 2025 13:01:04 GMT

GET
H2 200 autoptimize_single_f921a3ff01d6c60e708e854111eb673e.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 1 KB
781 B 22ms
19ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f921a3ff01d6c60e708e854111eb673e.css?ver=1.2.1&fver=20230905105052

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

40422de7715084edba5b090cda29d7e6a8b73a8a473f10de121cc102f3a69c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 1101
x-debug-non-text: 0
content-length: 369
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-Xu4Zid1Zbb"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 1101
expires: Sun, 19 Jan 2025 13:01:04 GMT

GET
H2 200 autoptimize_single_3fd2afa98866679439097f4ab102fe0a.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 2 KB
1 KB 22ms
19ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_3fd2afa98866679439097f4ab102fe0a.css?ver=5.8.6&fver=20240116045228

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

13081d86b2f11a8db3398c0532fe59915f1fe03ffb4b9240d578c6a0b76a03eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 2347
x-debug-non-text: 0
content-length: 885
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-4KhvJFoqod"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 2347
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_cff4a50b569f9d814cfe56378d2d03f7.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 281 B
594 B 22ms
19ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_cff4a50b569f9d814cfe56378d2d03f7.css?ver=6.3.4&fver=20231110011001

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

bed09a8a00803109606ceedf62262ffc4a9b964351426df286f842254ec85f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 281
x-debug-non-text: 0
content-length: 184
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-GKC8ow5Otq"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 281
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_87a8f8fdac8f73dbaa20caf781da5c78.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 188 KB
35 KB 22ms
19ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_87a8f8fdac8f73dbaa20caf781da5c78.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

d86ea4c723d261133261d08077a5185838cd957b5637730b94199da8dfb1f0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 192045
x-debug-non-text: 0
content-length: 35242
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-Jz9yGxx9NU"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 192045
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_dc09ef626e859e97176bcf6586c9576b.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 208 B
516 B 22ms
19ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_dc09ef626e859e97176bcf6586c9576b.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012730

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

a33ee364a6dccf06173dd2d44a705b450d20f9e4065b2c15c63ccdf47ae32062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 208
x-debug-non-text: 0
content-length: 107
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-1EnYt80bc1"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 208
expires: Sun, 19 Jan 2025 13:01:04 GMT

GET
H2 200 all.min.css
genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/ 57 KB
13 KB 24ms
21ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 58578
x-debug-non-text: 0
content-length: 12521
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
etag: W/"PSA-dstGwQtsAp"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 58578
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_2f81146cd28e07c21590df72e8c749b5.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 5 KB
1 KB 24ms
22ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_2f81146cd28e07c21590df72e8c749b5.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012730

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

579f02c2c27bd606800243df194c184b8356dae40f997980bbd09238676da51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 5278
x-debug-non-text: 0
content-length: 1031
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-yEWKsbqvqc"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 5278
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_5e2501a5522c4860a1c9df52493598b1.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 3 KB
1 KB 14ms
12ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_5e2501a5522c4860a1c9df52493598b1.css?v=2.6.8&ver=6.4.2&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

b7407f8ff5f749e6e1e2328a66fb7e055df1ffbbfaa03c8f13973ebe8507652c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 2951
x-debug-non-text: 0
content-length: 754
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-oYrbmofdMq"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 2951
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_f6f706ce94be54e3a707f833422e8061.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 3 KB
1 KB 24ms
22ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f6f706ce94be54e3a707f833422e8061.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

c97f0adc11ccad69fa8a91e95cc521d6e78f04f1d9362d012ffd47b37b915ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 2870
x-debug-non-text: 0
content-length: 826
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-43_8oZdVnh"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 2870
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_08e8aee4cf2ad50c5c8aa175c6d4e257.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 4 KB
2 KB 24ms
22ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_08e8aee4cf2ad50c5c8aa175c6d4e257.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

1e46005535662551e524682a099a0f4bf7f87a7daef48880457458fe8ea6dd0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 3687
x-debug-non-text: 0
content-length: 1219
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-0xY5d9bGmA"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 3687
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca84b00a88fe4f3bd9987656f5810be63c345918ff2d762462c95f892acddfc5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 55 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a4c8e42a550bea6cb1fd0c68b37f874bb487bb2edb6034d520e029b15b57338

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 946 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d9ec3d7cfd274c1de582f4eb14b3cc6fcfce7df6e5bbf53fb9f29466ce304e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 93 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 147b550854610ad26f8b841045209597cca0f448cbbff44244fa5b40e8507a45

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01056e72b910937a0a438ea60dcdbdcfce2b611db3f4eb6ecf652fa750dc2e2a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fbf496f4c2c2078749fd1cb879cb5655469fbd68584e270b5e512857b1d33fa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_728c140d8844d138d9a30f51f0207e5a.css
genshin-leak.com/wp-content/cache/autoptimize/css/ 2 KB
1 KB 21ms
14ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_728c140d8844d138d9a30f51f0207e5a.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20230410015939

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

8f4c82902d7199827496fc047a38d3ef293d882b218cffc3df4f7ecaa0f71810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 1807
x-debug-non-text: 0
content-length: 868
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-sXQH2LOZCn"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 1807
expires: Sun, 19 Jan 2025 13:01:04 GMT

GET
H2 200 keyframes.css
genshin-leak.com/wp-content/themes/cocoon-child-master/ 130 B
546 B 21ms
15ms Stylesheet
text/css 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20201122085840

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 130
x-debug-non-text: 0
content-length: 136
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Sun, 22 Nov 2020 08:58:40 GMT
server: nginx
etag: W/"PSA-IZKF9aqd0k"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 130
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 49ms
5ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 06:28:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 17ms
10ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3646277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxRCCn44sW%2Fx8DtK0S4dF8DagIoRqtN34GiVwV4SvovMfaBLKAlo31tTizfJw7l%2FZ9GzRPgukA9cFLFNaZ1yBsZowiCD0NuhXonm58mj7CMnE4hN58lmf%2Fmg65T5T4CkUMM67QUplJO3mNKiNa1mdE4K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e1a124cae5f64d-NRT
expires: Mon, 20 Jan 2025 11:31:38 GMT

GET
DATA 200
OK truncated Show response
/ 154 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ec34a915172009f6145254973cc73b62262c21c84a1556a309b21ce6e57914

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_674c14821779eea2bc4d3074da005a95.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 3 KB
1 KB 21ms
15ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_674c14821779eea2bc4d3074da005a95.js?ver=1.2.1&fver=20230905105052

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

daf05f302c6b9637696c0aa655db8adead45a8c48e406de6af9ea5b467937e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 2748
x-debug-non-text: 1
content-length: 763
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-MDCPOuvePA"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 2748
expires: Sun, 19 Jan 2025 13:01:04 GMT

GET
H2 200 wpp.min.js Show response
genshin-leak.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 21ms
16ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4&fver=20231110011001

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 4500
x-debug-non-text: 1
content-length: 1674
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Fri, 10 Nov 2023 13:10:01 GMT
server: nginx
etag: W/"PSA-Pas8HevINI"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 4500
expires: Wed, 29 Jan 2025 13:01:04 GMT

GET
DATA 200
OK truncated Show response
/ 156 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9160b68ade898c44cd361aa1286df10acc091be9a8e1559eceb22ac13505f405

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_6dde9bca6a5540f137a538a8ab6f6488.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 901 B
998 B 7ms
2ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_6dde9bca6a5540f137a538a8ab6f6488.js?ver=1.0.1&fver=20220430032358

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

e6b3bde9a96e8af982f7496c4883e4fae2be36b27fd4f7dd0425423ebd8b0470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 901
x-debug-non-text: 1
content-length: 567
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-SYUs_YFWxa"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 901
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
DATA 200
OK truncated Show response
/ 98 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dd23fed73b24ec27520eba02a41f6328050f53481a9e21e187461fabc4a72b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 810 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3915d12aa9e630a7a8a8c2feaa631e3f542c980bf0aaa18f701772d2490072b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 98 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b88fe97f337699b5c3bb72b8335404045f9572a6fcee179ae5011f2c77a4a3ae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 96 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5858a642cc1b48c3b21af58bde5a4c6493ad2ce7f9fabd787aa1b9f30b00c09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 790 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a443980509ae55cf122a2167a6ca2efb42e6f8affba77b15dce260900cd2fe4e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 96 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c5288f6621fd5afab0bf8ccc8c94eb6ca60812d324a81e6adcf4c34887eed61

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d338a550f43bf4003e6d4dd49ad8f645c6b7b96735f35f2c1561376a32f30d8e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993783f9494454e262a5aa07c7b7631906faafb4c65e5f4e69269abcdbc00606

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc2edd0b58beae3ba4ff5dec705cc4a5b42d9c11b45795c96db18f5fcabfb662

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 genshinleak.js Show response
new-adtest.pages.dev/ 2 KB
2 KB 58ms
42ms Script
application/javascript 2606:4700:310c::ac42:2eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://new-adtest.pages.dev/genshinleak.js

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369837f28e2fa0492b55aea5262b31a8b7ac6a465ac04b74d239d1474224f913

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"48b23e0f30e45d2305a1775e85ffb19c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR5ZEwel1Gphp7XkIpa14TItaKVFtRxaCByKvIiRmkvOU%2BcMtZR167qDQBWZHWXU5WbB2%2FUU0Av1Wpm8uAjs%2F9bM81Xy4eg%2FBN5h%2FBvhxQ35gs0m1UkGarYxDP4XsyIPPFZdTCsHGX36Wbii%2BbyievBjPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 84e1a124dd3d25f6-NRT
alt-svc: h3=":443"; ma=86400

GET
H2

200

v4.9.0.js Show response
adtest.pages.dev/
Redirect Chain

https://adtest.pages.dev/v4.js
https://adtest.pages.dev/v4.9.0.js

5 KB
2 KB

35ms
35ms

Script
application/javascript

2606:4700:310c::ac42:2ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adtest.pages.dev/v4.9.0.js

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Server

2606:4700:310c::ac42:2ef4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b8eea0e52d5093cf6bb4cc8537812fc51b783398a47a5ccae92d4969fa0d545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"af49f6d9b91a2dea3014bfdd3e3cfae1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw7Bh%2BsPasRRd%2FbDwIZpQJai30fHeopPK%2FvHhIHSkzQRoQUHlnI9BVIGnlxqp9pXKD951MDOjKRMdX%2FwoixbCgVT1HKEtGpMilcTS9hUko%2BIxWzUGumMJBN4hvNEeyN0qRc%2BPYh3H5Szims8xay1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 84e1a125586bd5fd-NRT
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 31 Jan 2024 11:31:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDEFTn4LYK5x0S%2BruLB2XpAMHaSITvqSV2woCuMnF6h%2FQ3vRQKdjENvxM8ZI5BtXGPE2g5pPWepDFO6pJdzuH3AsZSEjlyxuXI5Vw7pZXdIxwXJ96RGkDXReY28ynwVPW2C1xFFJYPZyK8v4g6yB"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: /v4.9.0.js
access-control-allow-origin: *
cf-ray: 84e1a124effed5fd-NRT
alt-svc: h3=":443"; ma=86400
content-length: 25

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 15ms
5ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73A4) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 11:31:38 GMT
Content-Encoding: gzip
Age: 282
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (tkb/73A4)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 lazysizes.min.js Show response
genshin-leak.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 20ms
17ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.10

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 9813
x-debug-non-text: 1
content-length: 4120
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 20 Nov 2023 01:37:54 GMT
server: nginx
etag: W/"PSA-0e2_-95QzT"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 9813
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 lazysizes.min.js Show response
genshin-leak.com/wp-content/plugins/ewww-image-optimizer/includes/ 15 KB
6 KB 21ms
17ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=723&fver=20240107112847

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 15774
x-debug-non-text: 1
content-length: 5934
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Sun, 07 Jan 2024 23:28:47 GMT
server: nginx
etag: W/"PSA-DOeqpfqKyd"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 15774
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_a53a916adf48efefd5a2aa0861ebbc07.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 11 KB
4 KB 21ms
17ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_a53a916adf48efefd5a2aa0861ebbc07.js?ver=5.8.6&fver=20240116045228

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 11117
x-debug-non-text: 1
content-length: 3188
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-pTqRat9I7-"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 11117
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_83a062cf6545b990c13b4398035a29d0.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 13 KB
5 KB 21ms
18ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_83a062cf6545b990c13b4398035a29d0.js?ver=5.8.6&fver=20240116045228

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 13182
x-debug-non-text: 1
content-length: 4183
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-g6Biz2VFuZ"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 13182
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 js.cookie.min.js Show response
genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 1 KB
1 KB 21ms
18ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0&fver=20230324024254

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 1500
x-debug-non-text: 1
content-length: 726
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Fri, 24 Mar 2023 02:42:54 GMT
server: nginx
etag: W/"PSA-yRcJB-cg9d"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 1500
expires: Wed, 29 Jan 2025 13:01:05 GMT

GET
H2 200 jquery.iframetracker.min.js Show response
genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 3 KB
2 KB 21ms
18ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0&fver=20230324024254

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 3186
x-debug-non-text: 1
content-length: 1249
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Fri, 24 Mar 2023 02:42:54 GMT
server: nginx
etag: W/"PSA-wozMpt55aG"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 3186
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 aicp.min.js Show response
genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 777 B
862 B 22ms
19ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0&fver=20230324024254

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 777
x-debug-non-text: 1
content-length: 429
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Fri, 24 Mar 2023 02:42:54 GMT
server: nginx
etag: W/"PSA-ZGbNKL4nlg"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 777
expires: Wed, 29 Jan 2025 13:01:05 GMT

GET
H2 200 stickyfill.min.js Show response
genshin-leak.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 6 KB
3 KB 22ms
19ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 6139
x-debug-non-text: 1
content-length: 2212
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
etag: W/"PSA-QCUQ5Og4Kk"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 6139
expires: Wed, 29 Jan 2025 13:01:05 GMT

GET
H2 200 slick.min.js Show response
genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/ 42 KB
11 KB 22ms
20ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/slick.min.js?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 42863
x-debug-non-text: 1
content-length: 10336
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
etag: W/"PSA-1aYcdJ5E5H"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 42863
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_575290d1f6285155d920be3da5822e0d.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 4 KB
2 KB 23ms
20ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_575290d1f6285155d920be3da5822e0d.js?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012730

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

91bb4f093ce078209b7e4b3d18dee5175dff4e6830c0418fdc3a653b2d37166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 4357
x-debug-non-text: 1
content-length: 1541
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-6Ded-ml8v4"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 4357
expires: Sun, 19 Jan 2025 13:01:05 GMT

GET
H2 200 javascript.js Show response
genshin-leak.com/wp-content/themes/cocoon-master/skins/skin-colors-pink/ 1 B
273 B 18ms
16ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/skins/skin-colors-pink/javascript.js?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Dec 2023 06:07:50 GMT
server: nginx
etag: "6587cab6-1"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1
x-xss-protection: 1; mode=block
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 javascript.js Show response
genshin-leak.com/wp-content/themes/cocoon-child-master/ 1 B
273 B 19ms
16ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-child-master/javascript.js?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20221024125547

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 12:55:47 GMT
server: nginx
etag: "63568b53-1"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1
x-xss-protection: 1; mode=block
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 88ms
44ms Script
text/javascript 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&ver=3.0

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27d11aa536bf9f0c330f1146f55892dacb032bcc7d0858517c876051be97e93a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 11:31:38 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
genshin-leak.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 17ms
15ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2&fver=20230405011558

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 8171
x-debug-non-text: 1
content-length: 2485
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Wed, 05 Apr 2023 01:15:58 GMT
server: nginx
etag: W/"PSA-3aZS2xM_3b"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 8171
expires: Wed, 29 Jan 2025 13:01:05 GMT

GET
H2 200 regenerator-runtime.min.js Show response
genshin-leak.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 18ms
16ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0&fver=20231120020312

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 6625
x-debug-non-text: 1
content-length: 2502
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 20 Nov 2023 14:03:12 GMT
server: nginx
etag: W/"PSA-_X7y5HN6zX"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 6625
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 wp-polyfill.min.js Show response
genshin-leak.com/wp-includes/js/dist/vendor/ 112 KB
35 KB 22ms
20ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0&fver=20231120020312

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 115127
x-debug-non-text: 1
content-length: 35718
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 20 Nov 2023 14:03:12 GMT
server: nginx
etag: W/"PSA-mpgBZ1HkmM"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 115127
expires: Wed, 29 Jan 2025 13:01:10 GMT

GET
H2 200 autoptimize_single_ec0187677793456f98473f49d9e9b95f.js Show response
genshin-leak.com/wp-content/cache/autoptimize/js/ 934 B
916 B 23ms
21ms Script
application/javascript 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/cache/autoptimize/js/autoptimize_single_ec0187677793456f98473f49d9e9b95f.js?ver=5.8.6&fver=20240116045228

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 934
x-debug-non-text: 1
content-length: 483
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Tue, 16 Jan 2024 00:39:48 GMT
server: nginx
etag: W/"PSA-7AGHZ3eTRW"
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
x-debug-donot-cache: 1
x-upstream-content-length: 934
expires: Sun, 19 Jan 2025 13:01:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 96ms
57ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f667c2b0cf8df364288e88526b4fa73cd18e4a4cc9680624fe3768379bb4854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51332
x-xss-protection: 0
server: cafe
etag: 11699687297348024220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 11:31:38 GMT

GET
H2 200 genshin-impact-screen-05-08sep20-en-us.jpg
genshin-leak.com/wp-content/uploads/2020/11/ 219 KB
219 KB 4ms
3ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2020/11/genshin-impact-screen-05-08sep20-en-us.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: e7b96c7271f69074ff9a017c54ff372acb3faebeafbd360640fd71e9367b2f66

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Wed, 02 Dec 2020 11:15:22 GMT
server: nginx
etag: "5fc7774a-36bb2"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 224178
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7e0fecf0f06b17eeafbad33deaee7cf63ab6b198ea2d85e41183b084c586abb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 325 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 701fee1d1439aae8c04cf542dcd596337df43fb4d6e065b1c71cfaeccc886d43

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 103 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c5fc5fded5d6747d5cffe0c807c260250ed1ae7dccbea886233ca79e1985d71

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 130 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b231c9545cb39e595055f83d69f7e51f17b452e400ce018baaace1d0901355b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 257 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 329aeeefeee2b50eae5dddc14955e0ba012894ed834c90a36c955f93a8e383c0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c22d723aede4f7273958026d86cbd3a9f641f3e350c2efd280e61039ab78770

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 165 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 190a599874b15bbbbc5b78c10453c3eca3ba3d08d7f2e5ed2dce179b915a9baf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 167 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f732d9c781cc53389880d5decdb8063af59c50b3e45096241b667743064574e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 406 KB
138 KB 73ms
73ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94299b18b49fafa9da0368fd86cf112041db42c51fbcfa25ca4a58d785884c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140853
x-xss-protection: 0
server: cafe
etag: 4115689653127865558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 11:31:38 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame F8B2 9 KB
4 KB 5ms
2ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:14:24 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 11:14:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 56ms
2ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27046
x-jsd-version: 1.0.1951
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700027-NRT
x-jsd-version-type: version
etag: W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 436 KB
136 KB 2ms
1ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 07:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14339
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139485
x-xss-protection: 0
server: cafe
etag: 9760076492862216199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Jan 2025 07:32:39 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 26ms
2ms Script
application/javascript 18.64.126.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.126.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-126-129.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 10:59:03 GMT
content-encoding: gzip
via: 1.1 06dea94a9acccc89bf073f5b6e5408ea.cloudfront.net (CloudFront), 1.1 1ee54fe8d75e768fad3c5263c97be482.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:08 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2, NRT12-P1
age: 1956
x-amz-server-side-encryption: AES256
etag: W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ck8in3YxD3iX3LmEe_QwEeLtQBdvEZikZBTAfflkKfbEx8HAiwB5Kg==

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame F8DB 319 KB
104 KB 5005ms
5004ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgenshin-leak.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7376) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 349180
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jan 2024 11:31:43 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/7376)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 ajax-loader.gif
genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/ 3 KB
4 KB 4ms
3ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/ajax-loader.gif
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f6f706ce94be54e3a707f833422e8061.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: efc4b171b413e8799ab98674eb56eac1735c6e2c86255523737f1e19966362e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f6f706ce94be54e3a707f833422e8061.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
etag: "6571c843-d92"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3474
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 slick.woff
genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/fonts/ 1 KB
2 KB 6ms
6ms Font
font/x-woff 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://genshin-leak.com/wp-content/themes/cocoon-master/plugins/slick/fonts/slick.woff

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f6f706ce94be54e3a707f833422e8061.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/wp-content/cache/autoptimize/css/autoptimize_single_f6f706ce94be54e3a707f833422e8061.css?ver=b2a5a65b202b6602222729a9e0ead88e&fver=20231207012731
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 1380
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Thu, 07 Dec 2023 13:27:31 GMT
server: nginx
vary: User-Agent
content-type: font/x-woff
cache-control: max-age=31536000, public, s-maxage=10
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 1380
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:39 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 488 KB
194 KB 45ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Origin: https://genshin-leak.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 19:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 19:17:04 GMT

GET
H2 200 %E3%83%86%E3%82%A4%E3%83%AF%E3%83%83%E3%83%88%E3%81%9D%E3%81%8F%E3%81%BB%E3%81%86.png
genshin-leak.com/wp-content/uploads/2020/11/ 73 KB
73 KB 19ms
16ms Image
image/png 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genshin-leak.com/wp-content/uploads/2020/11/%E3%83%86%E3%82%A4%E3%83%AF%E3%83%83%E3%83%88%E3%81%9D%E3%81%8F%E3%81%BB%E3%81%86.png

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

75d794673e75d06c3fa0e04cb18aaac9ca34f6153199e5473236a71e5d9868b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 74784
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Wed, 02 Dec 2020 11:15:24 GMT
server: nginx
etag: W/"PSA-mQfNUWuQh9"
vary: User-Agent
content-type: image/png
x-pst-nginx-cache: MISS
cache-control: max-age=31536000, public
x-debug-too-large: 0
accept-ranges: bytes
x-debug-donot-cache: 0
x-upstream-content-length: 74784
expires: Sun, 26 Jan 2025 14:00:03 GMT

GET
H2 200 GB0UasTW4AAy_-J-640x360.jpg
genshin-leak.com/wp-content/uploads/2023/12/ 21 KB
21 KB 9ms
7ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2023/12/GB0UasTW4AAy_-J-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 3e89ca0e7df4f0025e2d415c756e4ceba2d51a899391ca81af75aafeaa643c00

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Wed, 20 Dec 2023 20:38:01 GMT
server: nginx
etag: "658350a9-53c2"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 21442
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 GB0Uj5gXcAABtyb-640x360.jpg
genshin-leak.com/wp-content/uploads/2023/12/ 15 KB
15 KB 13ms
11ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2023/12/GB0Uj5gXcAABtyb-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 552c3e1fde28cdd9785a767c408d81d2b16425e35c74fe3fad7651468c04d495

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Wed, 20 Dec 2023 20:38:40 GMT
server: nginx
etag: "658350d0-3b14"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 15124
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 ae46b1f460ee46f789c27b264a6cb421-2-640x360.png
genshin-leak.com/wp-content/uploads/2023/12/ 53 KB
53 KB 13ms
12ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2023/12/ae46b1f460ee46f789c27b264a6cb421-2-640x360.png
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 6aecb7eee34482955f6f7660cf98cd9d2eaa65ad363c7def5476e7fc8174f2ea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Wed, 20 Dec 2023 20:45:28 GMT
server: nginx
etag: "65835268-d428"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 54312
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 chiori-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 19 KB
20 KB 15ms
14ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/chiori-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8b9e28b9db6c1712b979dc891aa94760790ae2e028fb4bb36680bdaa0ac1136b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Tue, 30 Jan 2024 15:34:45 GMT
server: nginx
etag: "65b91715-4ddc"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 19932
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 image-640x360.webp
genshin-leak.com/wp-content/uploads/2024/01/ 36 KB
36 KB 18ms
17ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genshin-leak.com/wp-content/uploads/2024/01/image-640x360.webp

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

f826cd090304196fd59af62cd00baea3112cec9ae76885f0dc0b7adcd678e516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 36782
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 29 Jan 2024 12:56:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/webp
cache-control: max-age=1
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 36782
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:39 GMT

GET
H2 200 GEBt0LFakAA4BxB-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 46 KB
46 KB 16ms
15ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/GEBt0LFakAA4BxB-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8dcb7c6f7c0a10aa3c6a10e8cb9e34832aa7b3f729c6b36ef1b08532d3d27291

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Fri, 19 Jan 2024 14:02:31 GMT
server: nginx
etag: "65aa80f7-b7f0"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 47088
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 8647ca670e81c100b94a5caf713a1118-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 27 KB
27 KB 17ms
16ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/8647ca670e81c100b94a5caf713a1118-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8c028ae3a8f1e2c6d35ae9660f4f777f6cf0317bcc25aa94b52cc86f4c9a56b8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Sat, 27 Jan 2024 15:20:12 GMT
server: nginx
etag: "65b51f2c-6c10"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 27664
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 FqwG903acAIPU0X-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 9 KB
9 KB 17ms
16ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/FqwG903acAIPU0X-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: b62a43859fc6ed44a2a3ebbebd1b814af159f6f84cf02c3940580516757a8715

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Mon, 29 Jan 2024 03:13:28 GMT
server: nginx
etag: "65b717d8-225e"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 8798
expires: Sun, 31 Mar 2024 11:31:38 GMT

GET
H2 200 ae46b1f460ee46f789c27b264a6cb421-10-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 48 KB
48 KB 8ms
7ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/ae46b1f460ee46f789c27b264a6cb421-10-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 70f3598dfcef4c758a897287d6669c96f45b10789b510d7ab238e02f6762240b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
last-modified: Sun, 28 Jan 2024 21:00:46 GMT
server: nginx
etag: "65b6c07e-be20"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 48672
expires: Sun, 31 Mar 2024 11:31:38 GMT

POST
H2 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
570 B 127ms
110ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-21e17d00863f2ad274ba75a006119ae7-8a19dba649ab23c0-00
vary: Origin
content-type: application/json
access-control-allow-origin: https://genshin-leak.com
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: 21e17d00863f2ad274ba75a006119ae7/9951226358898828224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/ 56 KB
22 KB 4ms
4ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79520840ea157a1b43f84eae5937d2e013b12de73621f7dca841c0516b114036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22173
x-xss-protection: 0
server: cafe
etag: 3718566553368647898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 04:39:07 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6600 862 B
437 B 232ms
232ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=189&slotname=1114547601&adk=528440180&adf=2902566794&pi=t.ma~as.1114547601&w=800&lmt=1706700698&rafmt=11&format=800x189&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698521&bpp=2&bdt=193&idt=337&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1006946935966&rume=1&frm=20&pv=2&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=353

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d860f2d50a88068a983690d264386537f5dacb7f62ebc8812e06cbfa26d6f1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CA4 862 B
438 B 197ms
197ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=189&slotname=1114547601&adk=1799831110&adf=84399023&pi=t.ma~as.1114547601&w=800&lmt=1706700698&rafmt=11&format=800x189&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698523&bpp=1&bdt=195&idt=368&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=373

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe9764c5b83b7297d2bd3dd44ee380f2d3b5414814cb1cfd5d818b8aad31bf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B7E 862 B
437 B 306ms
306ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=280&slotname=3480872400&adk=2698024083&adf=134347123&pi=t.ma~as.3480872400&w=800&fwrn=4&fwrnh=100&lmt=1706700698&rafmt=1&format=800x280&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698524&bpp=1&bdt=197&idt=389&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=3870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=392

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea2b0b667c71be191da9cc93dd2f974874536a61bf13b1947aa22ecd254544d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c06cc614-f284-4373-8e7b-e334e4dcb9d3 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
830 B 37ms
13ms Script
application/javascript 143.204.86.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-33.nrt12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 588777ca0da5cf32f4ed706fbe98ae2ff9e77d0957abefe2ce4620087618b9d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:09:26 GMT
via: 1.1 2d905d2c9a6d0b833a673c4fbaea5b54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT12-C2
age: 1332
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: lBauEs4DMPsg9PBvsvLDPFo0kJ5e__Qk0eOP9Poqk855t9U1NWYdLA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 3ms
3ms XHR
text/plain 18.64.126.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgenshin-leak.com&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.126.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-126-129.nrt12.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:24:33 GMT
via: 1.1 1ee54fe8d75e768fad3c5263c97be482.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: NRT12-P1
age: 18425
x-cache: Hit from cloudfront
access-control-allow-origin: https://genshin-leak.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: as-asWOVAghMXqioRu_qjBpXccS4_Hw4bOqFb-o-omprEEZhEHneLw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 16ms
5ms XHR
application/javascript 18.64.126.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.126.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-126-129.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 67c8b7e623dc98088ceb29dc1e64b5ea.cloudfront.net (CloudFront)
date: Wed, 31 Jan 2024 00:03:47 GMT
x-amz-cf-pop: NRT12-P1
age: 41272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: dmz5BqFZW4JZ0Bw5Go4zMgomazhO_8sMon4Y2drxT7f5GbPQQHmilw==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 816F 862 B
439 B 452ms
452ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=280&slotname=3480872400&adk=1782772825&adf=2123904157&pi=t.ma~as.3480872400&w=336&fwrn=4&fwrnh=100&lmt=1706700698&rafmt=1&format=336x280&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698526&bpp=1&bdt=198&idt=427&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=431

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b592e338350011532e086b571cf1775418b5c8c46115c4c25b4c50a36d9de4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 415
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 136ms
125ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=46017714589&lsavail=1

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://genshin-leak.com
date: Wed, 31 Jan 2024 11:31:38 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 prebid Show response
s-rtb-pb.send.microad.jp/ 47 B
514 B 433ms
194ms XHR
application/json 202.233.84.2
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb-pb.send.microad.jp/prebid?spot=002f3ef9590cea3bb9c59c5cae4f1f76&url=https%3A%2F%2Fgenshin-leak.com%2F&referrer=null&bid_id=4bc21483ef6c3d&transaction_id=51192494-da5c-4a92-95b8-6be720a1b94a&media_types=1&cbt=6bd4d080c5ac90018d5f49f572

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: https://genshin-leak.com
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
179 B 250ms
82ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://genshin-leak.com
date: Wed, 31 Jan 2024 11:31:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 136 B
472 B 198ms
133ms XHR
text/javascript 18.65.107.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgenshin-leak.com%2F&pid=g1IbeglL4bHpB&cb=0&ws=1600x1200&v=24.117.1925&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1646272378949-0%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F9176203%2F1780098%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1646272435395-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9176203%2F1780099%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!i-mobile.co.jp%2C77674%2C1%2C%2C%2C&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.107.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-107-133.kix50.r.cloudfront.net
Software: Server /
Resource Hash: 546504d0f71de41c09f23c273e194e717dd41801fbc4d2c2daaa52547b500a6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:38 GMT
via: 1.1 f107ef530a7cfdd4b675a9b26722ed80.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: KIX50-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://genshin-leak.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 136
x-amz-cf-id: lWkxeqJ3tqA-wysIZnjB1JFO7fsqj9Y0VqR44CevGzOIv31J7K8dVw==

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 10:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 11:34:53 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
26 KB 24ms
12ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: 0Q6DA7YJPGF3EVR5
age: 3221
etag: W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84e1a128ea9234f9-NRT
x-amz-id-2: TMhr4VlhbS8ZQncxLK0Ja5ANmX339rNxIQUW3pKqpoBqLqwIjeGUPQbKw1aK/DyNQWTwYhtAAo4=

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EF69 44 KB
28 KB 65ms
65ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08853a0f3fbc0c27aa3b44e57c43bc615a8749f2195c51fb7408402af1fe1ba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YvIcCDRnAVe67k8OauUpSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YvIcCDRnAVe67k8OauUpSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
264 B 13ms
12ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-ad665338e5d37436635cfe2ebd4a5feb-7cba7b3a6a4f0f67-00
vary: Origin
content-type: application/json
access-control-allow-origin: https://genshin-leak.com
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: ad665338e5d37436635cfe2ebd4a5feb/8987631497193131879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 651F 862 B
438 B 336ms
335ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=600&slotname=3480872400&adk=2281005407&adf=2888125981&pi=t.ma~as.3480872400&w=300&fwrn=1&fwrnh=100&lmt=1706700699&rafmt=4&format=300x600&url=https%3A%2F%2Fgenshin-leak.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698526&bpp=1&bdt=199&idt=539&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1090&ady=2809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38a9c3f3ffc9d3676fad89007a2e07bafaebdc577fac7291c35c30dd3816865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E197 862 B
438 B 169ms
169ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&h=271&slotname=1114547601&adk=1945539098&adf=4129429195&pi=t.ma~as.1114547601&w=1200&lmt=1706700699&rafmt=11&format=1200x271&url=https%3A%2F%2Fgenshin-leak.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698527&bpp=1&bdt=199&idt=567&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280%2C300x600&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=571

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b23af0ab531eb9e07d868e202b59ed0a715b3473c25b2d13f49e2b17269e58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B7C 22 KB
2 KB 89ms
89ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4573464922099349&output=html&adk=1812271804&adf=3025194257&lmt=1706700699&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgenshin-leak.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706700698538&bpp=1&bdt=211&idt=571&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=800x189%2C800x189%2C800x280%2C336x280%2C300x600%2C1200x271&nras=1&correlator=1006946935966&rume=1&frm=20&pv=1&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&oid=2&pvsid=980706753001410&tmod=903848287&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=584

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee2380942b507e5d89e359341924fe08f0c91ecda3177f38b694802bede0ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 2010
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Wed, 31 Jan 2024 11:31:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 817ms
271ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://genshin-leak.com
date: Wed, 31 Jan 2024 11:31:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame EF69 55 KB
24 KB 44ms
3ms Stylesheet
text/css 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 19:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 19:17:04 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame EF69 488 KB
194 KB 46ms
6ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 19:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 19:17:04 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 11B7
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t

306 B
1 KB

182ms
181ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

bc2ec85a25ea9fadf7e8984c6edebce893d0988eb245c1d02e85d17f9e9b4005

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 306
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 31 Jan 2024 11:31:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: K04FCWTZ0RJNRAJXG8EP

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 31 Jan 2024 11:31:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 1R4QAPCRJ09R3371T2NB

GET
H3 200 MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js Show response
www.google.com/js/bg/ Frame EF69 17 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6929
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 03:28:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EF69 2 KB
2 KB 2ms
2ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 15:40:11 GMT
x-content-type-options: nosniff
age: 71488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 15:40:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF69 15 KB
16 KB 43ms
2ms Font
font/woff2 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:16:56 GMT
x-content-type-options: nosniff
age: 476083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:16:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF69 15 KB
15 KB 43ms
3ms Font
font/woff2 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:55:06 GMT
x-content-type-options: nosniff
age: 549393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 02:55:06 GMT

GET
H2 200 ca-pub-4573464922099349 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 128ms
86ms Script
application/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4573464922099349?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fa606a79f3a4eaf9d1a365d501472dcf6d130b975dd71e4efb83edd3c50c5a3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xhox58224Oj3_yjE2NAGNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xhox58224Oj3_yjE2NAGNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDMfv-i7VsAjfeblzDCAAx7VvI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EF69 102 B
133 B 42ms
42ms Other
text/javascript 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 11:31:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfeu&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31080743%2C95323004%2C31061691%2C31061693&hl=ja&pvc=980706753001410

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVX5hY_rLEzjpD1cnvvV3C0svWFn-9EloHnNUc9R4ZT3GSAaAXFSqgPUo7w8mqGkxcQidn7JH34xQyqys4xHp0x9fyj0fFArwNxK7dhwSU-KB3nZPFIXgATin-2fnQv9HEFRhQQUA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 98ms
97ms Script
application/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVX5hY_rLEzjpD1cnvvV3C0svWFn-9EloHnNUc9R4ZT3GSAaAXFSqgPUo7w8mqGkxcQidn7JH34xQyqys4xHp0x9fyj0fFArwNxK7dhwSU-KB3nZPFIXgATin-2fnQv9HEFRhQQUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzAwNjk5LDQyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da6e94cff57b6ffa63d447b0b9cd3ef41aa18e76665ca2a28fffaf202d1873ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_lm1X-oEi5WB1ijQmeJq2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_lm1X-oEi5WB1ijQmeJq2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDMfv-i7VsAhuObX_DCAAplVu2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 347ms
347ms Fetch
text/plain 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=980706753001410&correlator=285898639826025&eid=31079957%2C31080756%2C44807747%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=9176203%3A22690263081%2C1780099&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7305682edfb62e53%3AT%3D1706700698%3ART%3D1706700698%3AS%3DALNI_Mas9zBm1vvGVVlQveBh2j2q20vhrQ&gpic=UID%3D00000cf51a3d67c5%3AT%3D1706700698%3ART%3D1706700698%3AS%3DALNI_Ma9DhnNjsOtNH5Png1M2yyDKW247w&abxe=1&dt=1706700699452&lmt=1706700699&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgenshin-leak.com%2F&rumc=980706753001410&rume=1&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1544928421.1706700699&ga_sid=1706700699&ga_hid=563756796&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRiB66f61TFIAFICCGQ.&dlt=1706700698327&idt=641&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=flux_test_flag%3Dprd%26publisher_id%3D932%26amznbid%3D0%26amznp%3D0&adks=3909960419&frm=20&eo_id_str=ID%3D5db5d448e0577264%3AT%3D1706700698%3ART%3D1706700698%3AS%3DAA-AfjbcuEXAs2UCM0-CyHNIZdPH

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a7ea541c36536ad5fca6cf407a41be1b8d81dd7b46018c7ff124a0274a6417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13600
x-xss-protection: 0
google-lineitem-id: 5938573565
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383084063
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://genshin-leak.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D5D 6 KB
3 KB 164ms
47ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Thu, 30 Jan 2025 11:31:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
47 B 13ms
12ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-74b05433fbbc4ac2f8f44a7faa742846-407c4cf44b3c010a-00
vary: Origin
content-type: application/json
access-control-allow-origin: https://genshin-leak.com
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: 74b05433fbbc4ac2f8f44a7faa742846/4646673527657464074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H3 200 AGSKWxUbhMx6lRcsojBYOpNjyo7yqRK3fOdn8lnUBNTynP5uV35drl_cMEfloOnQQr0xZGYvjxjF4YzNJ-uUlweNjCKLCrFYjxpaKNNmE3G_QUxpp9Ov4ByBC6dZ6ON58k5GNpINnCDmlg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 65ms
65ms Script
application/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUbhMx6lRcsojBYOpNjyo7yqRK3fOdn8lnUBNTynP5uV35drl_cMEfloOnQQr0xZGYvjxjF4YzNJ-uUlweNjCKLCrFYjxpaKNNmE3G_QUxpp9Ov4ByBC6dZ6ON58k5GNpINnCDmlg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzAwNjk5LDU0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2Vuc2hpbi1sZWFrLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdafe9f076a878e2145cdf295bfaccbc7c5ab210549f0dbf5587a91cb09e7fb8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mfk3nfXFUYN4rK0qQdyCTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mfk3nfXFUYN4rK0qQdyCTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDMfv-i7VsAhs-XZzGBAAiYlue"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame EF69 13 KB
9 KB 84ms
84ms XHR
application/json 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

becdc2c72a1ea4dcf3334433d9397170fd5102cb65958c6696a92d29fa5c7fc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzwkIhAAAAABsQBYGq_mXIZ_3QaLkty6aCTGad&co=aHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tOjQ0Mw..&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=31swf12w9ouq
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 31 Jan 2024 11:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 11:31:39 GMT

GET
H2 200 container.html Show response
f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9023 6 KB
3 KB 184ms
182ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:39 GMT
expires: Thu, 30 Jan 2025 11:31:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame BE2B 1 KB
2 KB 166ms
165ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

ba42c7cd09dc15bc8b0d4e9b3a9145383c568a6eb78734ec01ba2ae1307a4568

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-baidu_n-Beeswax_smrt&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1165
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 31 Jan 2024 11:31:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 5HASQ9G5GXBC0420EVAF

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9023 24 KB
7 KB 52ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Jan 2025 21:25:29 GMT

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame 9023 106 KB
31 KB 97ms
6ms Script
application/javascript 2600:9000:21ee:9800:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Requested by: Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:9800:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ea189595b420be847b22742aa75b35879debfcabbc512c07840aedc37ef02331

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:07:33 GMT
content-encoding: gzip
via: 1.1 74a38b6b30d367d5d09102d078a87856.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:36 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT20-C4
age: 1448
x-powered-by: ASP.NET
etag: W/"0fac15b454eda1:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: H3LxoDt8ie8ituIM7_i5McVog1awryC5-piyYtJQxvEe1t-9KhHuFQ==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9023 205 KB
65 KB 115ms
72ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706532320618808"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 11:31:40 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BE2B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AAIYn07LdF8AABRMThB01Q&ex=beeswax.com

43 B
479 B

169ms
169ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AAIYn07LdF8AABRMThB01Q&ex=beeswax.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VSN5J1XFCGGNPMWHQ1TY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AAIYn07LdF8AABRMThB01Q&ex=beeswax.com
Date: Wed, 31 Jan 2024 11:31:40 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BE2B
Redirect Chain

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e85e7a988201aj600ls1pj4rx

43 B
479 B

326ms
169ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e85e7a988201aj600ls1pj4rx

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V2KZBEEWEK4Z9RJSFZC4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 31 Jan 2024 11:31:40 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e85e7a988201aj600ls1pj4rx
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame D4CB 842 B
1 KB 820ms
70ms Document
text/html 52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 7edf1410494ab3425aa2b28869c7e99b9ac6335d018a7469e8f6e199c9456f93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 842
date: Wed, 31 Jan 2024 11:31:40 GMT

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 44DA
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6608134191370834693&gdpr=0&gdpr_consent=

43 B
479 B

173ms
173ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6608134191370834693&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 31 Jan 2024 11:31:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 0Z01J71NX7JTCMFN4KMM

Redirect headers

content-length: 0
date: Wed, 31 Jan 2024 11:31:40 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6608134191370834693&gdpr=0&gdpr_consent=

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7C3B 281 B
554 B 14ms
4ms Document
text/html 23.45.58.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.58.82 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-58-82.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 11:31:40 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9023 0
0 45ms
45ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskDZ2bBvS7qr1xFeg0R559OFIitVnBlhAPFd-HbtVPduXCYWQAumqQj8IWA71Uc5WhY2TVEzArtapQjE_-i-JJFcXCrRCCFaQR-8x3YPDeGv1NemU-SW7K3xjVqpKE17SstkTdCgujREd1VOjUnV3ZsPEPt3i2vgGptS46v8z0V1KbXzZBZ4xjW5MyuNH7hOLwZXm88wOF2ly8e8tiPPM5Lx5VVzrkFKTzJl1niFdRSI52fy7zHi6yhKWgxBWPy9KeVjtZNEfSAxwU3vByX7Q35hMlGoBlRlIGTXk4wa0K-197IuMEer0zGZ5ufV4bXoKi6YixmThK9oBnDIkVsMNclULdRfwAQpUEmyE3Kvv1Z_4g&sai=AMfl-YQPjnfMCThe62EGj9oHpZfpq1esm0GdrqSnPIkmJ3kso_f0L1cGONWtShYFA6f0HVKUDHS02B1LKOxZQLVyPqoxlTb_1klSOgM0_uZIYid1cZ_Jvo5I79N5IhJyeQ&sig=Cg0ArKJSzO8w7mO5ffgmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7C3B 39 KB
11 KB 3ms
3ms Script
text/html 23.45.58.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.58.82 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-58-82.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e310a3b34be9a8f7706d19f6369de09281bbe86917a6585e372f819b0c6abfd6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 11:31:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jan 2024 16:36:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18251
Connection: keep-alive
Content-Length: 10901
Expires: Wed, 31 Jan 2024 16:35:51 GMT

GET
H/1.1 200
OK spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 9023 471 B
945 B 675ms
12ms XHR
text/javascript 54.238.5.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?ver=1.2.26&type=banner&url=https://genshin-leak.com/&direct=0&fif=0&sf=1&cof=1&dfp=0&amp=0&sp=0&ios=0&pid=77674&mid=545515&asid=1780099&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.5.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-5-160.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33720d12f086395b6d753fbcee250319354c903dae11d992b4bf3a08a051765c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 434
Expires: -1

GET
DATA 200
OK truncated
/ Frame 9023 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a8860b55ae8877973b791238268ae544b2f251366a2fe483e0d8c9e7015e8ae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9023 0
0 85ms
42ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ48DJSTrvBPeV4xHF_8c4Q4UWkxlk__J2U8LdAZs7DjkYWD4PybFGlwu0_BwSGqn8pseKwjMpUW_Mw3Vz2mSzSDQDCKjWy44CQBytKewJ5OYVePY1OKYiBw689JSRitFXp2w47Q73aC63is7IrUQV83WNKpLXFK_tJSOqQTaZK8y3-GssuQvoh98sjMqDeCtHxVCgpa81zEwczVCi2Id9nOUOKH_NdmUdsedBV9S3hhL2A0C2v9vnM3S0gg6VDTSnPnumvhrP5rg8RLsSHv80To-SXlA7plOMv64y2OvqJdVkz3VWRUmnDBWuRPzGY-2GJHdMhsl8fu8hoCaHpTMhb5GTvFx9VjWJmGSmEaN5V73HSAI&sai=AMfl-YTpSo7M_0o1YyssRDv8nVOy3TOigIqWv0gVf07GD_fDjclnMg-JMG7aQcWC26n8raM4SttKOHwzYIShZzowDjMK4aL2c95U9TqR9oFrJLuMfeIz_7i08eBVvn7b4w&sig=Cg0ArKJSzE_MGtQmITxJEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 11:31:40 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9023 65 KB
24 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 10:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 11:46:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9023 0
234 B 87ms
43ms Ping
image/gif 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ls1pj4gy&chm=1&c=980706753001410&ctx=2&qqid=CKa6ucfDh4QDFU2C6QUdqUsP7Q&met.4=fb.5r~lb.az~ol.b5~idt.6u~dt.-az&met.1=1.ls1pj45j~6.1~7.1~8.1~9.1~10.1~12.3~13.55~14.57~15.5c~16.b0~17.b0~18.b1~19.b1~20.b1~21.b5~22.b2~23.b2&met.7=CBsQCBgBKAEwuwE4kQNoA3C5AXiJF4AB3RSIAZIwsAEBuAED~CBEQChgBIM8BKM8BMIQCODRQ3QFYggJg3gFoggJwgwJ4rjSAAYIyiAGLvQGwAQG4AQM~CBsQCiDQAThi~CFEQChgBINABKNABMOcCOJcBUNEBWPoBYNIBaPsBcMMCeM2IBIABoYYEiAGt6QywAQG4AQM~CCIQBBgBII4CKI4CMLwCOC5ojgJwuwJ4rAKwAQG4AQM~CCgQChgBIJIDKJIDMJcDOARokwNwlgN4_cIBgAHRwAGIAc2FBLABAbgBAw&met.3=113.bg_2~112.bf_3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_choices._Ad125. Show response
fundingchoicesmessages.google.com/f/AGSKWxXlnEJ4FY9jc7tBeVjdwhVWsPcgN8qqvwKgESuwNhtolXTFJxnhPwayGy9pINnU3763OJZt73mdxufICzQ_ZjatoSZc-UZe9x2VEb2n8TzpmeMsxHSEXrSc0rOZJjHRbaNMkx9Zh7B0dJJxpfma2Z7aNHrtS... 54 B
110 B 48ms
47ms Script
application/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXlnEJ4FY9jc7tBeVjdwhVWsPcgN8qqvwKgESuwNhtolXTFJxnhPwayGy9pINnU3763OJZt73mdxufICzQ_ZjatoSZc-UZe9x2VEb2n8TzpmeMsxHSEXrSc0rOZJjHRbaNMkx9Zh7B0dJJxpfma2Z7aNHrtSbds19uFYc4U8F0eUpnYkh_f8o1i0Yqo/_.ad.final./eroad2./ad_req./ad_choices._Ad125.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74206dbfa24b340e54e7e2aef6dfa8c3c8883b1e3745d5edbfcb8ee0eba3cfd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wiLshFINpDs5eHdWKQxp8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-wiLshFINpDs5eHdWKQxp8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDMef-i7VsAhNmPOphBAAqi1s3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 12:24:02 GMT

POST
H3 204 AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
51ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vZt-075KJnyj8gflDHGy8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-vZt-075KJnyj8gflDHGy8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBGY03VvECADsPyB5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://genshin-leak.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 81ms
46ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HX50ls9oi0X0OPmDBzIjYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HX50ls9oi0X0OPmDBzIjYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBA6snDefEQDrCSB_"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://genshin-leak.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
49ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fdhptz6gPmU0eHAcj_gRPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-fdhptz6gPmU0eHAcj_gRPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBH58ubKYEQDy1yFM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://genshin-leak.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
46ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-br0MPSISfMWKKNVmH1y5EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-br0MPSISfMWKKNVmH1y5EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBG5s2raYEQDxIyDN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://genshin-leak.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUkQmwaF1YLkFYmIX3ulnjQQ-xVqQQcGbSYJUr8E2yH7qtNiC38Ap5TSJEwMJWTNETNb3EQFFHgoBgD1J1XHGIdzXKDZkQrr5h68p0nmSij1-nvkKH1UsAHOrdDex9AX4ZmWg6SMA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
61ms Script
application/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUkQmwaF1YLkFYmIX3ulnjQQ-xVqQQcGbSYJUr8E2yH7qtNiC38Ap5TSJEwMJWTNETNb3EQFFHgoBgD1J1XHGIdzXKDZkQrr5h68p0nmSij1-nvkKH1UsAHOrdDex9AX4ZmWg6SMA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzAwNzAwLDMxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nZW5zaGluLWxlYWsuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c04562626233081c29a5fff86c859bda040ca68cf37ae29ccfec4ade8614033

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HvdVpEE88f_mE7FEOrdp1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HvdVpEE88f_mE7FEOrdp1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDMef-i7VsAhfWvlzFCAAnbFur"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcKuVF0XBJSZ5Qdkp03RflpEqeEEYJFxrZPGwz-NVkw5AR_W0wrhFdlD5UAf7if52XBgRMFvpD3TaaR8pD3BaE4YUzYdgD3NE6XayzaXBwEndvTLk0c3y5OKvkMzZt5jDKaDhzWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
43ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcKuVF0XBJSZ5Qdkp03RflpEqeEEYJFxrZPGwz-NVkw5AR_W0wrhFdlD5UAf7if52XBgRMFvpD3TaaR8pD3BaE4YUzYdgD3NE6XayzaXBwEndvTLk0c3y5OKvkMzZt5jDKaDhzWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cQiCJcSI6aSrTJXCTB2aqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-cQiCJcSI6aSrTJXCTB2aqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBBasnn2MEQDtJiCN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://genshin-leak.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
43ms XHR
text/html 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpUpdgu2jwewQ64_oOsi3A7V_RXms3ATTIq7M0TZE352HtYRrZw4GJDJN3vpBnMI3cLUYgZuDYq9rbcwQY7s0NJLZxvdhSBejKmwsmjD5OzTtkWQrkxI2G1Q-CSgSM8b1cxlctFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rn9d_MDdltHK6XWbIxD66w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-Rn9d_MDdltHK6XWbIxD66w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWIiHY879F2vZBH5c-3SMEQDxxyFr"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://genshin-leak.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7C3B 7 B
777 B 338ms
77ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 9023 6 KB
3 KB 32ms
2ms Script
application/javascript 2600:140b:1c00:e::17cb:853e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:853e Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: L0stj9fu2baJtFSqDN5xi.x1sC_BpRf6
content-encoding: gzip
date: Wed, 31 Jan 2024 11:31:40 GMT
last-modified: Tue, 28 Nov 2023 07:46:54 GMT
etag: "e6a2a84ae62614db599e7097dbb3813f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2438
expires: Wed, 31 Jan 2024 14:31:40 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame 9023 28 B
226 B 28ms
12ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1012275&vid=01HNFMKZ6NYWXJMWG9D23R5S84
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 5f27dd7badc7ff500f4b15907ebe54f3e2af6df41a5b8f99a87b35157d8af43a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
date: Wed, 31 Jan 2024 11:31:40 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28
content-type: application/json

GET
H2 200 ad_spot.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ Frame 9023 2 KB
3 KB 67ms
30ms Script
text/javascript 2600:9000:2047:3200:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_spot.ashx?partnerId=77674&mediaId=545515&spotId=1780099&asn=1&num=7&callback=imobile_jsonp_callback_1360b1c6acb5&tagv=1.2.26&imuid=h.6ec75b58a99ee392
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2047:3200:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 05551592efaf925b30194933ffe93af0aa9032ddb16f7ec516735202036d1309

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
via: 1.1 5679bad9948e0817bf2f8ca7f1f7729c.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: KIX56-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private
content-length: 2390
x-amz-cf-id: J397LlbQ4RXtLnd0brgMaiPIV7G_MxDQ2uDN8ryOiD6FSQseo762ng==

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame D4CB 43 B
479 B 277ms
170ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3SY2WSCVD3RMWC20TMVH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D4CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OWU2ZDk2MmMtYjNiMi00ZmJlLThmZjktZjA4MTRiYjA5YjEw
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=

68 B
279 B

71ms
71ms

Image
image/png

52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D4CB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=

68 B
279 B

69ms
69ms

Image
image/png

52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=
date: Wed, 31 Jan 2024 11:31:40 GMT
server: Kestrel
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D4CB
Redirect Chain

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dshar...
https://x.bidswitch.net/sync?dsp_id=354&user_id=25e7f08a74b84fbf94244e0eb5459202&ssp=sharethrough&bsw_param=5708f775-8e41-4837-bcb7-8d7594360f46&gdpr=0&consent=&gdpr_pd=1&expires=7
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=5708f775-8e41-4837-bcb7-8d7594360f46&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=

68 B
279 B

72ms
71ms

Image
image/png

52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=5708f775-8e41-4837-bcb7-8d7594360f46&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=5708f775-8e41-4837-bcb7-8d7594360f46&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=
Date: Wed, 31 Jan 2024 11:31:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D4CB
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id...
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=cff8cad7-7c1b-0a54-3772-d2ccb42e81ad

68 B
279 B

72ms
72ms

Image
image/png

52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=cff8cad7-7c1b-0a54-3772-d2ccb42e81ad
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

date: Wed, 31 Jan 2024 11:31:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=cff8cad7-7c1b-0a54-3772-d2ccb42e81ad
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.jpg
spimgv1.i-mobile.co.jp/a4615/01HBAREJMYPJ6S2GDAD6XNJG6V/ Frame 6843 27 KB
28 KB 45ms
9ms Image
image/jpeg 2600:9000:2112:9a00:19:8e9:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spimgv1.i-mobile.co.jp/a4615/01HBAREJMYPJ6S2GDAD6XNJG6V/main.jpg
Requested by: Host: f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
URL: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2112:9a00:19:8e9:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9604d7cc1b5c628181ff3700d5ca7c9bc8d319b429e2c75e4f61ffdf81d9211d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 08:35:53 GMT
via: 1.1 8110bc7c6980a471e8c87441835f36be.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 07:25:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT51-C1
age: 10549
etag: "45e409969e02ddf8e272af4ef051a9cd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 27924
x-amz-cf-id: ov1-za4s_kcSvNHvau56raf6vZBiOk0w7hjFsVsWJ6uLBrJEj-Gr0Q==

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ Frame 9023 12 B
638 B 4ms
3ms XHR
text/plain 54.238.5.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=77674&mid=545515&asid=1780099&bidid=b11cdd46-2884-42f0-9d1d-be4cc7afaae5&demander_type=1&demander_id=1&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.5.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-5-160.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 132
Expires: -1

GET
H2 200 ad_imp_count.ashx
spnativeapi-tls.i-mobile.co.jp/api/ Frame 9023 120 B
429 B 23ms
21ms Image
image/png 2600:9000:2047:3200:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_imp_count.ashx?pid=77674&mid=545515&asid=1780099&advid=7037903&asn=1&imuid=h.6ec75b58a99ee392
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2047:3200:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:40 GMT
via: 1.1 5679bad9948e0817bf2f8ca7f1f7729c.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: KIX56-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
content-length: 120
x-amz-cf-id: c9QHHXoFsvXksedMhFA9ppVN8tPtcE0AbzeLX-VK0xnC-SdbeGI0bg==
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7C3B
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS1PJ50K-J-201M
https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

43 B
479 B

169ms
169ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VQJG9BKME939G6P54594
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0ef743da9b7e7268fce5cacf31fd0f0c
Expires: 0

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 17ms
8ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/00774/genshinleak_00932.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:31:41 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 15ms
7ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:31:41 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/KL8s6gLjjq8YUBjIfeWzIw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eY8bcEJE2oKFOd6I0f7QxlNA3jFC1GEIh77OxA--~A

42 B
871 B

242ms
77ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eY8bcEJE2oKFOd6I0f7QxlNA3jFC1GEIh77OxA--~A
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 31 Jan 2024 11:31:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eY8bcEJE2oKFOd6I0f7QxlNA3jFC1GEIh77OxA--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxUEo1MEstSi0yMDFN
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBz6mdl83vGh09wQcEYfr7o&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxUEo1MEstSi0yMDFN&google_push=

170 B
188 B

42ms
41ms

Image
image/png

216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxUEo1MEstSi0yMDFN&google_push=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxUEo1MEstSi0yMDFN&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1PJ50K-J-201M

0
514 B

252ms
106ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1PJ50K-J-201M
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 119CADA2272B4134BC182F0CAE1FDCDD Ref B: TYAEDGE0714 Ref C: 2024-01-31T11:31:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQPDkOMvQxOhXgDzWIOQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS1PJ50K-J-201M
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7C3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEUkdDmkdT0fCLLTvLVmOe0&google_cver=1

42 B
871 B

399ms
78ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEUkdDmkdT0fCLLTvLVmOe0&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEUkdDmkdT0fCLLTvLVmOe0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWIxMzE0YzYxMWIyMDRhOGFjZGI4ZjZjNGExMGNhMDc4MGFkMTRiZQ

170 B
188 B

45ms
44ms

Image
image/png

216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWIxMzE0YzYxMWIyMDRhOGFjZGI4ZjZjNGExMGNhMDc4MGFkMTRiZQ

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWIxMzE0YzYxMWIyMDRhOGFjZGI4ZjZjNGExMGNhMDc4MGFkMTRiZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 7C3B 43 B
855 B 848ms
315ms Image
image/gif 54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7CKKBE834N3Z5BD5V4BY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7C3B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

43 B
479 B

174ms
173ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WN1Q9V3T9TSBYNKWG4MR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LS1PJ50K-J-201M&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7C3B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZKjMZ3BnRoCrxqxBHmsgzw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZKjMZ3BnRoCrxqxBHmsgzw

43 B
479 B

178ms
177ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZKjMZ3BnRoCrxqxBHmsgzw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1K1RG23Y0G8866RKP86K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZKjMZ3BnRoCrxqxBHmsgzw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e2b6b837307e4a2cb84d126fbaf2cea2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7C3B
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=&expires=30

42 B
871 B

384ms
78ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=288b79c4-ee13-40b7-8aa3-1052520177f6&gdpr=0&gdpr_consent=&expires=30
date: Wed, 31 Jan 2024 11:31:41 GMT
server: Kestrel
content-length: 289

GET
H/1.1 200
OK rp
match.prod.bidr.io/cookie-sync/ Frame 7C3B 43 B
433 B 8ms
2ms Image
image/gif 52.196.50.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.196.50.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-50-30.ap-northeast-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 31 Jan 2024 11:31:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 7C3B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LS1PJ50K-J-201M

0
451 B

1034ms
195ms

Image
text/plain

131.153.206.100
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LS1PJ50K-J-201M
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:42 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LS1PJ50K-J-201M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS1PJ50K-J-201M
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS1PJ50K-J-201M

95 B
427 B

48ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS1PJ50K-J-201M

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 31 Jan 2024 11:31:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS1PJ50K-J-201M
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 7C3B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

129ms
127ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84e1a13b0e11af82-NRT
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 31 Jan 2024 11:31:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LS1PJ50K-J-201M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84e1a13a3cdaaf82-NRT
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 7C3B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS1PJ50K-J-201M

43 B
1 KB

537ms
109ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS1PJ50K-J-201M

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_n-sharethrough_smrt_rbd_n-baidu&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:42 GMT
an-x-request-uuid: 130ce581-0c5f-4101-adb5-a5fc5cced0c4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.201.202; 146.70.201.202; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS1PJ50K-J-201M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 7C3B
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS1PJ50K-J-201M&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS1PJ50K-J-201M&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1taE9YT1cxRTJ1RUxmeUpaN21vUEZVbXVjOF9yaFlqQn5B&ovsid=LS1PJ50K-J-201M&dpid=58160

57 B
648 B

113ms
30ms

Image
image/gif

23.192.45.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1taE9YT1cxRTJ1RUxmeUpaN21vUEZVbXVjOF9yaFlqQn5B&ovsid=LS1PJ50K-J-201M&dpid=58160

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Server

23.192.45.98 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-192-45-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 31 Jan 2024 11:31:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 31 Jan 2024 11:31:42 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1taE9YT1cxRTJ1RUxmeUpaN21vUEZVbXVjOF9yaFlqQn5B&ovsid=LS1PJ50K-J-201M&dpid=58160
date: Wed, 31 Jan 2024 11:31:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7C3B
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c12f94d5-d22e-42dc-871a-371f6e20950c&expires=30

42 B
871 B

158ms
157ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c12f94d5-d22e-42dc-871a-371f6e20950c&expires=30
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c12f94d5-d22e-42dc-871a-371f6e20950c&expires=30
Date: Wed, 31 Jan 2024 11:31:42 GMT
Connection: keep-alive
X-CI-RTID: 3b5b4d35-5d3b-4277-95b6-98d83478f996
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9023 42 B
174 B 46ms
45ms Fetch
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnp5_sYMdFoXoE_8KvUEQYnSBInHqgTxVwceikW-76a__O0xHjtASJfSMIei_i3_MuDGo_Ru2tCMFJOvzzbhhJE9GvPV5VjsGzWA5FMl3X-9727WpmDSLAIrfsbaMnaDOgQ0zzBFnXF9rf-yUp5t8Ydmyp&sig=Cg0ArKJSzFt0qoSMzin_EAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3909960419&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170670070000&rst=1706700699847&rpt=397&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ae46b1f460ee46f789c27b264a6cb421-9-768x432.png
genshin-leak.com/wp-content/uploads/2024/01/ 53 KB
53 KB 9ms
7ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/ae46b1f460ee46f789c27b264a6cb421-9-768x432.png
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 9768abf86debff5fd077b1080d6f8ef3237d7000a81752556c727d4ab14429c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 14:52:46 GMT
server: nginx
etag: "65b518be-d274"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 53876
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 gfggfsf-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 4 KB
4 KB 12ms
11ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/gfggfsf-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: dd22a6ef345434cec2be92f55c4f967c2b0396462b8a7bfa4c93896b1157cb66

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 16:50:37 GMT
server: nginx
etag: "65b5345d-110e"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4366
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 gfdfdddddd-640x360.webp
genshin-leak.com/wp-content/uploads/2024/01/ 28 KB
28 KB 13ms
12ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genshin-leak.com/wp-content/uploads/2024/01/gfdfdddddd-640x360.webp

Requested by

Host: genshin-leak.com
URL: https://genshin-leak.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

035da22ce9de1220ba637fd8fd1dab2ec457a5bb4a458ee08966db6e06579406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 28636
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Sat, 27 Jan 2024 16:14:33 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/webp
cache-control: max-age=1
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 28636
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:44 GMT

GET
H2 200 9c5a6a34fc45b6230ed23bf4ee37a4b7-640x360.jpg
genshin-leak.com/wp-content/uploads/2022/09/ 16 KB
16 KB 8ms
7ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2022/09/9c5a6a34fc45b6230ed23bf4ee37a4b7-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: c9ce3161fe47d04081561dff4f5c54bb6afec120425a606d7446f484ab88c74d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Thu, 29 Sep 2022 08:13:27 GMT
server: nginx
etag: "633553a7-3e76"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 15990
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 Genshin-Impact-Chiori-1-1-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 18 KB
18 KB 11ms
10ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/Genshin-Impact-Chiori-1-1-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: b0de415378581336105f6fb93dbf3a81ec45cca6afdfdd3f5c8f17efb26161fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Fri, 05 Jan 2024 19:48:55 GMT
server: nginx
etag: "65985d27-46e4"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 18148
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 GA0xWCJaQAAV8lf-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 28 KB
29 KB 12ms
11ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/GA0xWCJaQAAV8lf-640x360.jpg
Requested by: Host: genshin-leak.com
URL: https://genshin-leak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 40169ff519e0be79ba32fecb0d3c23aee04f395d6b30263320ff38f915836015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 13 Jan 2024 16:56:00 GMT
server: nginx
etag: "65a2c0a0-713a"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 28986
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F8DB 870 B
660 B 109ms
99ms Fetch
application/json 104.244.42.136

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ba2a0c504f886846786f09113f2030294fc640fa

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgenshin-leak.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 -, , ASN (),

Reverse DNS

Software

tsa_m /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 96
date: Wed, 31 Jan 2024 11:31:42 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 31 Jan 2024 11:31:43 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 1885725a4361fb2e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 8cbbf1e348d9313e358c99b223bd69a4c5dc253e37da6fb11dca33cf4ae9e489
content-length: 338

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240124&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdbbfe994439ea81e4d9d24ec1b91200bac86c555920304e6e7f62dcaa8235e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12057
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 549A 14 KB
6 KB 14ms
4ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=genshin-leak.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b55ae315a560d7a64689db2b74fb981aaaed1b88f492e7f563e3b32283772bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 305754
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=genshin-leak.com&doc=complete&pg_h=4430&pg_w=1600&pg_hs=4430&c=3&aa_c=0&av_h=186.333&av_w=912&av_a=129760&s=70&all_s=70&b=3151.703&all_b=3151.703&d=0.126&all_d=0.126&ard=0.055&all_ard=0.055&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 549A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=genshin-leak.com&sn=ChromeSyncframe&so=0&topUrl=genshin-leak.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aliXU3xqcnErNkVqNVNpU3pNRGgweXp0YXZmM2Z1ektlUzhRdFc4MWxhZ2xOYlFBMTlZNDNTY2prV09iYjl1MjBQcUtmR09ENHI0TS9oSGZWWDA3WjJ1L3o5MzFRaFFPeHpscmJtVXJCQ3ZZbDltdjU4UzZjTmR3cTcvS2...

463 B
689 B

22ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aliXU3xqcnErNkVqNVNpU3pNRGgweXp0YXZmM2Z1ektlUzhRdFc4MWxhZ2xOYlFBMTlZNDNTY2prV09iYjl1MjBQcUtmR09ENHI0TS9oSGZWWDA3WjJ1L3o5MzFRaFFPeHpscmJtVXJCQ3ZZbDltdjU4UzZjTmR3cTcvS2FTd0s1Sngra0V4NEJ2NkJlZzFpYy9hNEtnTnJnNENreVFTN2RwcTQ5eTdwK1hMaWJmT1J6V2dQcHdEamMzajNGMnVTdEl2NzRWNzkyaGsyV2YzVG5NdkIzQ3Z2TmlTVUdSOXY1aElCUHdpVjlNNFRhUnRaeHBjT3RaT095SVovUzI1M3F5bVVzQ2IvMmhJSnpHcVNrUHN1d1k5cm5YcXc4Tk9YbFpLZUpKWnR3Sks3b1dTMD18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

98963253cf8167ce246773d8c6d144cc380d09982dffa3b07ee453a916d0f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1691217
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aliXU3xqcnErNkVqNVNpU3pNRGgweXp0YXZmM2Z1ektlUzhRdFc4MWxhZ2xOYlFBMTlZNDNTY2prV09iYjl1MjBQcUtmR09ENHI0TS9oSGZWWDA3WjJ1L3o5MzFRaFFPeHpscmJtVXJCQ3ZZbDltdjU4UzZjTmR3cTcvS2FTd0s1Sngra0V4NEJ2NkJlZzFpYy9hNEtnTnJnNENreVFTN2RwcTQ5eTdwK1hMaWJmT1J6V2dQcHdEamMzajNGMnVTdEl2NzRWNzkyaGsyV2YzVG5NdkIzQ3Z2TmlTVUdSOXY1aElCUHdpVjlNNFRhUnRaeHBjT3RaT095SVovUzI1M3F5bVVzQ2IvMmhJSnpHcVNrUHN1d1k5cm5YcXc4Tk9YbFpLZUpKWnR3Sks3b1dTMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 297871
content-length: 0
expires: 0

GET
H2 200 GA0xWCJaQAAV8lf-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 28 KB
29 KB 9ms
6ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/GA0xWCJaQAAV8lf-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 40169ff519e0be79ba32fecb0d3c23aee04f395d6b30263320ff38f915836015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 13 Jan 2024 16:56:00 GMT
server: nginx
etag: "65a2c0a0-713a"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 28986
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 chiori-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 19 KB
20 KB 12ms
9ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/chiori-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8b9e28b9db6c1712b979dc891aa94760790ae2e028fb4bb36680bdaa0ac1136b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Tue, 30 Jan 2024 15:34:45 GMT
server: nginx
etag: "65b91715-4ddc"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 19932
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 image-640x360.webp
genshin-leak.com/wp-content/uploads/2024/01/ 36 KB
36 KB 18ms
16ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genshin-leak.com/wp-content/uploads/2024/01/image-640x360.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www153.onamae.ne.jp

Software

nginx /

Resource Hash

f826cd090304196fd59af62cd00baea3112cec9ae76885f0dc0b7adcd678e516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
x-content-type-options: nosniff
x-debug-non-text: 1
content-length: 36782
x-xss-protection: 1; mode=block
x-signature-wexal: KUSANAGI
last-modified: Mon, 29 Jan 2024 12:56:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/webp
cache-control: max-age=1
x-pst-nginx-cache: MISS
x-debug-too-large: 0
x-debug-donot-cache: 0
x-upstream-content-length: 36782
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:44 GMT

GET
H2 200 GEBt0LFakAA4BxB-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 46 KB
46 KB 12ms
10ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/GEBt0LFakAA4BxB-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8dcb7c6f7c0a10aa3c6a10e8cb9e34832aa7b3f729c6b36ef1b08532d3d27291

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Fri, 19 Jan 2024 14:02:31 GMT
server: nginx
etag: "65aa80f7-b7f0"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 47088
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 8647ca670e81c100b94a5caf713a1118-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 27 KB
27 KB 13ms
11ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/8647ca670e81c100b94a5caf713a1118-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 8c028ae3a8f1e2c6d35ae9660f4f777f6cf0317bcc25aa94b52cc86f4c9a56b8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 15:20:12 GMT
server: nginx
etag: "65b51f2c-6c10"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 27664
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 FqwG903acAIPU0X-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 9 KB
9 KB 14ms
12ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/FqwG903acAIPU0X-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: b62a43859fc6ed44a2a3ebbebd1b814af159f6f84cf02c3940580516757a8715

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Mon, 29 Jan 2024 03:13:28 GMT
server: nginx
etag: "65b717d8-225e"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 8798
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 ae46b1f460ee46f789c27b264a6cb421-10-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 48 KB
48 KB 14ms
13ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/ae46b1f460ee46f789c27b264a6cb421-10-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 70f3598dfcef4c758a897287d6669c96f45b10789b510d7ab238e02f6762240b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sun, 28 Jan 2024 21:00:46 GMT
server: nginx
etag: "65b6c07e-be20"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 48672
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 ae46b1f460ee46f789c27b264a6cb421-9-768x432.png
genshin-leak.com/wp-content/uploads/2024/01/ 53 KB
53 KB 16ms
14ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/ae46b1f460ee46f789c27b264a6cb421-9-768x432.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 9768abf86debff5fd077b1080d6f8ef3237d7000a81752556c727d4ab14429c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 14:52:46 GMT
server: nginx
etag: "65b518be-d274"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 53876
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 gfggfsf-640x360.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 4 KB
4 KB 16ms
15ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/gfggfsf-640x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: dd22a6ef345434cec2be92f55c4f967c2b0396462b8a7bfa4c93896b1157cb66

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 16:50:37 GMT
server: nginx
etag: "65b5345d-110e"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4366
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 gfggfsf-240x135.jpg
genshin-leak.com/wp-content/uploads/2024/01/ 1 KB
1 KB 16ms
15ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2024/01/gfggfsf-240x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: e27e37aeca1350fd2a11043ec4f36d66b38c3456748c7829109766aeb3c55001

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Sat, 27 Jan 2024 16:50:37 GMT
server: nginx
etag: "65b5345d-42e"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1070
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 jhhgjjhgfjhffjjj-240x135.jpg
genshin-leak.com/wp-content/uploads/2023/12/ 4 KB
4 KB 16ms
15ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2023/12/jhhgjjhgfjhffjjj-240x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: 768720f9e7ebf3774c629dfab1fdbd0dc36bb93720d4780aebbb31c2f619f691

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Fri, 29 Dec 2023 02:03:17 GMT
server: nginx
etag: "658e28e5-1038"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4152
expires: Sun, 31 Mar 2024 11:31:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
70ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 11:31:43 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 3ms
3ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73A4) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 11:31:43 GMT
Content-Encoding: gzip
Age: 4385410
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (tkb/73A4)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 47ms
46ms Ping
image/gif 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ls1pj3ib&c=980706753001410&e=31079957%2C31080756%2C44807747%2C31061691%2C31061693&ctx=1&met.3=164.sd_1~165.sc_2~164.se~165.se_1~247.sf~248.sf~164.sg~165.sf_1~247.sg~247.sh~248.sh~164.sh~165.sh~247.sh~248.sh~164.sh~165.sh_1~164.si~165.sh~166.rx_w~1001.ss_1__1~164.su~165.ss_2~166.sz_2~166.t1_3~166.t5_2~166.t7_2~166.tc_3~166.tk_4~1032.11o~326.11t_2~832.11v~868.11v~216.11o_8~215.11o_8~843.11m_a~889.121~639.12c~1032.12m~326.12n~832.12o~868.12o~216.12m_2~215.12m_2~889.12p~639.12x~1032.138~326.138~832.139~868.139~216.137_2~215.137_2~889.13a~639.13t~1032.14c~326.14d~832.14d~868.14d~216.14c_2~215.14c_2~889.14f~639.14n~947.14y~86.14z~947.14z~1.14z_1~1.14z~90.150~88.150~88.150~89.150~90.150~88.150~88.150~89.150~74.150_2~44.152~947.152~43.152~74.153~44.153~947.153~43.153~947.153~6.153~947.153~14.153~947.153~5.153~91.153~947.153~573.154~598.154~54.154~598.154~54.154~947.157~947.157~573.157~54.157~598.157~54.157~598.157~54.157~947.15d~574.15d~598.15d~598.15d~76.153_f~947.15k~573.15k~598.15k~54.15k~598.15k~54.15k~947.15k~38.15k~51.15l~49.15l~49.15l~51.15l~49.15l~49.15l~76.15k_1~95.15o_1~95.15p~95.15p~95.15p~947.15p~1.15p~947.15p~1.15p~77.14y_r~724.15q~724.15q_1~724.15s~724.15s~894.15v~112.15x_2~1032.17f~326.17i~832.17i~868.17i~216.17f_3~215.17f_3~889.17j~639.17p~1032.189~326.189~832.189~868.189~216.189_1~215.189_1~889.18c~639.18h~1032.18n~326.18n~832.18n~868.18n~216.18n_1~215.18n_1~889.190~639.191&met.9=1.yh~2.14r&met.7=CBsQCMABt9mYmgs~CAEQChgBILsGKLsGML0HOIIBUL8GWOcGYMAGaOgGcLMHeLiTA4ABjJEDiAHblgmwAQG4AQPAAd6Ov5sB~CBsQCiC7BjjeAsABkqDbnw8~CDsQChgBILsGKLsGMNYHOJsBUN4GWIgHYN8GaIkHcNMHePDoAYABxOYBiAHGiwawAQG4AQPAAeLN6pYJ~CBsQByC7BjgewAGi6JzrDQ~CBsQByC7BjgiwAGP9uOgCg~CBsQByC7BjgdwAG_4462Dg~CBsQByC7BjgZwAHRzK2mDw~CBsQByC8BjgQwAGtlNSoDg~CBsQByC8BjgYwAHUuufODQ~CBsQByC8BjgYwAGa6rrfBQ~CBsQByC8BjgYwAG5g-CLBg~CBsQByC8BjgYwAGN0ePFDA~CBsQByC8BjgYwAHuta1B~CBsQByC8BjgZwAHsrOebCQ~CBsQByC8BjgawAH-8rCnDw~CBsQByC8BjgawAGCwJyAAw~CBsQByC8BjgPwAGftsaaCg~CBsQByC8BjgawAGuhJ12~CBsQByC8BjgawAHF8c7sCw~CBsQByDVBjgXwAGLw8IM~CBsQByDVBjgXwAGWhICdBA~CBsQChgBINUGKNUGMIkHODRQ2QZYggdg2gZogwdwiAd4qPUBgAH88gGIAcC8BbABAbgBA8ABpbffOQ~CBsQCiDVBjgUwAG4uObWCw~CBsQCiDVBjgXwAH9zryZBg~CBsQCiDVBjgYwAHa44eFCQ~CBsQCiDVBjgKwAHC1Mn5DQ~CBsQCiDaBjg6wAGD0JfkBA~CBsQCiDaBjiDAcABluSn1AM~CBsQCiDaBjgQwAHd0suSBA~CBsQCiDaBjgVwAGXr_ftBg~CBsQCiDaBjgVwAH08-PgAg~CBsQCiDaBjgVwAGByeKCAw~CBsQCiDaBjgWwAHWgqvDBQ~CBsQCiDbBjgWwAH_qLHEAw~CBsQCiDbBjgWwAHT6ZrPDQ~CBsQCiDbBjgWwAG0-b_CBQ~CBsQCiDbBjgXwAHB1PuTDA~CBsQCiDbBjgYwAH5y5KAAg~CBsQCiDbBjgXwAHupeSGDA~CBsQCiDbBjgTwAG9uq7iAw~CBsQCiDbBjgUwAHKo_36AQ~CBsQCiDbBjgSwAHAy9mmBg~CBsQChgBINsGKNsGMLYHOFvAAdWLvZIM~CBsQCiDbBjgTwAG72bKjCQ~CBsQCiDbBjgYwAGG_s_eCg~CBsQCiDbBjgYwAHlmrSzBA~CAEQChgBINsGKNsGMMgHOGxQ3QZYgwdg3gZogwdwvAd4sJMDgAGEkQOIAcmWCbABAbgBA8AB3o6_mwE~CBsQAiD_BjgLwAGAnvaXBw~CAMQChgBIPsHKPsHMLsJOMEBaPwHcMQIeOHOCIABtcwIiAGorBmwAQG4AQPAAeLumq0G~CCgQBRgBIIwIKIwIMJMIOAdokAhwkgh4nSOAAfEgiAH-R7ABAbgBA8ABor6ikgI~CBsQDSDMCTg5wAHjqP_QBA~CEMQChgBINoJKNoJMOEJOAdo2wlw3Al4icQIgAHdwQiIAZqhG7ABAbgBA8AB16Gv3AY~CBsQCiDcCTgdwAGH0_WlDQ~CBsQAiD9CTgEwAGUlMXkCQ~CBsQAiCSCjgHwAH568BU~CBsQChgBIJ0KKJ0KMNEKODTAAb-j19cK~CBsQBiC_CjgWwAHN4tb1Ag~CBsQBiDACjgKwAHa8buoAg~CBsQBiDACjgOwAHwlsnTBQ~CBsQBiDACjgQwAHEk9X1CQ~CBsQBiDACjgQwAHAoNjPAg~CBsQBiDACjgRwAH5i4WyBA~CBsQBiDACjgWwAG4kNWmDw~CBsQBiDACjgXwAHPpKnnDQ~CBsQBiDACjgXwAGMm6vzAw~CBsQBiDACjgMwAGs1q63DQ~CBsQDSDDCjh_wAHdpZz5Cg~CBwQChgBINIKKNIKMNkKOAdo0wpw2Ap4ya8BgAGdrQGIAe_CA7ABAbgBA8ABlITZ4ws~CBsQCiCoCzgmwAGf6Oe0CA~CBsQDSCqCzgEwAHc16HUDA~CBsQDSCqCzgRwAGDwojKCw~CBkQChgBIN4LKN4LMOILOARo3gtw4Qt4_cIBgAHRwAGIAc2FBLABAbgBA8ABlN3A2AU~CBsQCiDkCzgZwAHZ7qPBCQ~CBsQDSCXDDgOwAHdpZz5Cg~CAUQBRgBIPMKKPMKMLoMOMcBaPQKcLkMeMoFgAGeA4gB3gawAQG4AQPAAZDHsvAI~CBsQDSDVCziJAcAB88ekNw~CAUQBRgBIN4KKN4KMMgMOOoBaN8KcMcMeMkFgAGdA4gB3gawAQG4AQPAAZDHsvAI~CBsQDSDcCzjHAcABw5PWmgE~CBsQDSDWCzj6AcABofTsmAg~CAUQBRgBINUMKNUMMLANOFto1gxwrw14hhKAAdoPiAHhsgGwAQG4AQPAAZDHsvAI~CAUQBRgBIIgLKIgLMLsNOLQCaIgLcLsNeMkFgAGdA4gB3gawAQG4AQPAAZDHsvAI~CBsQBRgBIPULKPULMLAOOLwCwAH7vKLmAQ~CAUQBRgBIL0MKL0MMOgNOKsBaL4McOcNeMkFgAGdA4gB3gawAQG4AQPAAZDHsvAI~CBwQBhgBIIEOKIEOMKwOOCtogw5wqw54rAKwAQG4AQPAAZSE4rUO~CEAQChgBIN8NKN8NMO0OOI4BUOENWIkOYOMNaIkOcN8OeKjfA4AB_NwDiAGptguwAQG4AQPAAejD07QG~CBsQDSDVCziyA8ABsMqo2A8~CAUQBRgBIKEMKKEMMPIOONECaKIMcPEOeMoFgAGeA4gB3gawAQG4AQPAAZDHsvAI~CAUQBRgBILELKLELMPYOOMYDaLILcPYOeMsFgAGfA4gB3gawAQG4AQPAAZDHsvAI~CD8QChgBIP8OKP8OMOIPOGJogA9w4Q94-Q2AAc0LiAG4FrABAbgBA8AB3dLOqg0~CBsQDSDwDzgNwAHdpZz5Cg~CD8QChgBIPoPKPoPML0QOENo-g9wuxB41ieAAaoliAHXUrABAbgBA8AB1L-GiAs~CBsQBRgBIKgPKKgPMM4QOKYBUPEPWJ0QYPIPaJ4QcM0QeIkXgAHdFIgBkjCwAQG4AQPAAaOCvJQC~CA8QBBgBIKUPKKUPMIUSOOACaKYPcIASeMxsgAGgaogBq4UCsAEBuAEDwAG_3prrBg~CBsQDSDcDDixBsABlvr1ugo~CBsQBRgBIKoSKKoSMOQTOLsBaK0ScOMTeIkXgAHdFIgBkjCwAQG4AQPAAaOCvJQC~CBkQChgBIM4VKM4VMNEVOANozxVw0RV4_cIBgAHRwAGIAc2FBLABAbgBA8ABlN3A2AU~CD8QChgBIM4VKM4VMP8VODHAAavcyL0K~CD8QDRgBINYVKNYVMKgWOFLAAfOUobYN~CD8QDRgBIM8VKM8VMK0WOF3AAfOUobYN~CD8QDRgBIIAWKIAWMLIWODPAAfOUobYN~CD8QDRgBIIAWKIAWMLMWODPAAfOUobYN~CD8QChgBIIEWKIEWMMAWOD9oghZwvxZ4xw-AAZsNiAGTGrABAbgBA8ABkPS4nQs~CD8QDRgBIMkWKMkWMPgWOC_AAazy5PMN~CD8QDRgBIMwWKMwWMPkWOC3AAfOUobYN~CBsQCiDHGzgVwAHt9PiCBw~CBsQDSDiGzgSwAHt9PiCBw~CBsQBSCpDTiiFMABlMyh2Ao~CBsQBiDOLTgLwAHd7puOAQ~CBsQBiDOLTgLwAGI07iaDA~CBsQBiDOLTgMwAGf_49i~CBsQBiDOLTgMwAHct8bWDw~CBsQBiDOLTgNwAHfh_iWBQ~CBsQBiDOLTgOwAH8nLu4Dg~CBsQCDidMcABt9mYmgs~CBsQBSDsCTirJ8ABifL9nQc~CBsQBSCcMTghwAGh2_b2AQ~CBsQBiC3MTgLwAHfh_iWBQ~CBsQBiC3MTgNwAHAoNjPAg~CBsQBiC3MTgOwAH5i4WyBA~CBsQBiC3MTgPwAHPpKnnDQ~CBsQBiC3MTgPwAGMm6vzAw~CBsQBiC3MTgRwAGs1q63DQ~CBsQBiC3MTgUwAG4kNWmDw~CBsQBiC3MTgUwAHd7puOAQ~CBsQBiC5MTgSwAGf_49i~CBsQBiC5MTgSwAGJ-_ngDw~CBsQBiC5MTgTwAHNopyPDg~CBwQBhgBIKcxKKcxMM4xOCdopzFwzTF4rAKwAQG4AQPAAZSE4rUO~CCcQDRgBIJkxKJkxMM8xODZomjFwzzF4xWCAAZleiAHqfLABAbgBA8AB8_LLrgs~CCcQChgBINExKNExMJgyOEfAAeLBm9oF&met.10=1_1.CAAQABiAmHUg6AsoAA~1_2.CAAQABiAmHUg6AsoAQ&met.1=1.ls1pj2cd~6.3f~7.3i~8.3i~9.3i~10.3t~11.3k~12.3t~13.mw~14.n4~15.my~16.qh~17.10w~18.10x~19.4uw~20.4uw~21.4v1~22.pp~23.pp&qqid.2=CKa6ucfDh4QDFU2C6QUdqUsP7Q
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95DA 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 354016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 09:11:28 GMT
expires: Sun, 26 Jan 2025 09:11:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B027 829 B
559 B 40ms
40ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ffe663e13b2e116f78823b615f3d9c491dee753e52287396c8a5185f986630ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-alWHImmg6gEXmZkBRqEOpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-alWHImmg6gEXmZkBRqEOpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:31:44 GMT
expires: Wed, 31 Jan 2024 11:31:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK follow_button.2f70fb173b9000da126c79afe2098f02.ja.html Show response
platform.twitter.com/widgets/ Frame 2747 38 KB
15 KB 2ms
2ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73A4) /
Resource Hash: c480c5fccc0edd127f84da8c42a26f9835596d6fd91743bea025445ea5860bee

Request headers

Referer: https://genshin-leak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4385406
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14249
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jan 2024 11:31:44 GMT
Etag: "c991f3ffcb9c7623e2755ad4e86921b5+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/73A4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
150 B 98ms
98ms Image
image/gif 104.244.42.136

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgenshin-leak.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22genshin_sokuhoo%22%2C%22widget_creator_screen_name%22%3A%22genshin_sokuhoo%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1706700704024%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ba2a0c504f886846786f09113f2030294fc640fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 -, , ASN (),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 95
date: Wed, 31 Jan 2024 11:31:43 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 31 Jan 2024 11:31:44 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: e4ef33ab9c54abe7
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 8cbbf1e348d9313e358c99b223bd69a4c5dc253e37da6fb11dca33cf4ae9e489
content-length: 43

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 95DA 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 02:38:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B027 0
0 46ms
46ms Image
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240124&jk=980706753001410&rc=05AEqpVBnHBfu6UGkez7Mr4OK6_j9_bYT01KUSC5GWU671ljy1ED9r3EmWAOw5qgwYS5llZSAV0ToKu85pvDDGZNeZlc7wcM-UcPDDQSVgp-ZxMhQkR2UX9rDhczQEMrNu90N6BQw4zQ5ALmG-llAcZB5_oZrf-COtFGCqflNCzsdmOvJettEmEMWBJNhHksL5aazC3oQUwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 GB0UasTW4AAy_-J-240x135.jpg
genshin-leak.com/wp-content/uploads/2023/12/ 5 KB
5 KB 3ms
2ms Image
image/webp 118.27.100.23
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genshin-leak.com/wp-content/uploads/2023/12/GB0UasTW4AAy_-J-240x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.100.23 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: www153.onamae.ne.jp
Software: nginx /
Resource Hash: feda658ccca23ab245a3838d0abca6495c3380fc804585c0b07225ff1e1849fc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:44 GMT
last-modified: Wed, 20 Dec 2023 20:37:58 GMT
server: nginx
etag: "658350a6-12ac"
vary: Accept
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4780
expires: Sun, 31 Mar 2024 11:31:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 95DA 0
10 B 2ms
1ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?txvo7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 11:31:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 47ms
47ms Ping
image/gif 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ls1pj3lj&ctx=0&met.3=112.195_1~168.19f~168.19f~168.19f~168.19f~168.19f_2~168.19f_2~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19h~168.19l~168.19l~168.19l~168.19l~168.19l~168.19l~168.19l~168.19l~168.19l_3~168.19t~168.19t~168.19t~168.19t~168.19t~168.19t~168.19t~168.19t_1~168.19t_1~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.19z~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a0~168.1a1~168.1a1~168.1a1~168.1a1~168.1a1~947.1b9~38.1b9~947.1b9~573.1b9~598.1b9~54.1b9~598.1b9~54.1b9~51.1b9~51.1b9~49.1b9~49.1b9~51.1ba~51.1ba~49.1ba~49.1ba~947.1bb~86.1bb~76.1bb~947.1bb~38.1bb~947.1bb~573.1bb~598.1bb~54.1bb~598.1bb~54.1bb~51.1bb~51.1bb~51.1bb~51.1bb~76.1bb_1~993.1cz_3__2~992.1d3__2~994.1d3__2~991.1cy_5__2~1073.1d3__2~990.1cs_b__2~353.1cq_d~947.1d3~573.1d3~598.1d3~598.1d3~453.1d3_1~947.1d4~573.1d4~598.1d4~598.1d4~453.1d4_1~947.1d5~573.1d5~598.1d5~598.1d5~453.1d5_1~947.1d6~573.1d6~598.1d6~598.1d6~453.1d6_1~947.1d7~573.1d7~598.1d7~598.1d7~454.1d7_1~947.1d8~573.1d8~598.1d8~598.1d8~454.1d8_1~947.1d9~573.1d9~598.1d9~598.1d9~454.1d9_1~947.1d9~573.1d9~598.1d9~598.1d9~453.1d9_1~947.1da~573.1da~598.1da~598.1da~753.1dc~168.1dz~168.1dz~168.1dz~168.1dz~168.1dz~168.1dz~168.1dz~168.1dz~168.1dz_2~168.1dz_2~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e0~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1e1~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex~168.1ex_1~168.1ex_1~168.1ey~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~168.1ez~947.1hx~947.1hy~947.1hy~573.1hy~54.1hy~598.1hy~54.1hy~598.1hy~649.1hy~947.1hy~573.1hy~54.1hy~598.1hy~54.1hy~598.1hy~598.1hy~649.1hy~947.1hy~11.1hz_1~76.1hx_2~725.1i0~725.1i0~894.1i1~1132.1i5_8~808.1id~808.1ie~598.1ie~579.1ie~596.1ie~591.1ie~581.1ie~583.1ie~705.1ie_1~168.1j5~168.1j5~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6~168.1j6_1~168.1j6_1~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j7~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1j8~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1ja~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~168.1jb~646.1s8_3~800.1sc_1~800.1sd~800.1sd~800.1se~800.1se~647.1se_1~965.1sh_2~801.1td~801.1td~825.1td~355.1td~825.1td~598.1td~54.1td~708.1td~416.20l~680.20l~824.20l~824.20l~680.20p~824.20p~824.20p~413.20p~680.20p~824.20p~824.20p~680.221~415.24a~844.24b~844.24b~680.24b~824.24b~824.24c~783.24j~1121.24j&met.10=1_1.CAAQABgAIJgPKAA~1_2.CAAQABgAIJgPKAA~1_5.CAAQABiAmHUgxQ8oAA~1_6.CIDlCBCA5QgYgJh1IMUPKAE&met.9=9.0~3_6.1id~7_6.0~4_6.1s8~5_6.1sz~6_6.24b
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240124&jk=980706753001410&bg=!5Oel56jNAAa8BdJLnAU7ADQBe5WfOIWQKlXL81S-WOtvPJdQ2h_V55OLe0L1OZ6nC_xgimT3LKUFQVR88ryAoBjAaZ3fAgAAARlSAAAAAmgBBwoAl0Tos77j2I5ejcKU4Dk0ueBxHh9j6ezSPucQVUycbvoK6OlYkvWUrqQZWmMrzq7ck0p1kzN-GLZ9EOYPDLcLfpqAZND9Gfy_1sjw_sEgElsOA6dW_dWTTid1g1TiWISXC_WMRPFvs3fV1ApbQ_GgtTpxPRQacccJQuRHlIktTMNPZDETmyBcC6mw5cQkwCYeAjEvwxIhfMaZAq5HhaOdXSd664CKLGqY217ig69ml4L3N7TuWZ9VIPqqSKI6J6IA7ccsQQIk4bWCrDJcG3fCwloyHtvatNjM4oY2cBmYHWO29DLRcKdRJ1g2Vbm2fHeypZoJVmLwARs6R5sMKmij4PoqEuFFFLfmqO_RK9Tg-H3-LtzDKWiPtAQgUxlkOS7tge7wuL5x82nNwyeFAmzIMKUMB5wS7ZQK4Rd2HZpOATyN1i0u1-d1ClDcc4sxqxRc-ByHWWVkLlzmuaT74VfQHFJEVtR4H7zPHRJtDy7sO0HZu1xCPAcXB4C0VlJrQ0CphkO6pq2Wr0jq1psN6aBHCpOzOS_ti623rwHWd_65eTv-1YltBOkVwAWI9g9J6puys_AC9dHUcvOZybg6PjTnp8EalwtUkrZL9glqSDg-vPOlKj9R9EmsKmwkzhtpknV6jKnvoA0gN-I7XzyyEBJnW_v9_6aRWtb2jZ7MObpcnflGAsN8seM2WZcMUus53hDhuAmUfLmhVlf7kcYXhWCCHVVAeSshgfl8U3_07clTVjMjOa75ndh_6zlVb-L8vflYQccwHo2NHO0vBgCg_5pfxaer0QgLHmAmjVzftTc74LU_YBXaRHUi9QpeX2FoDE-Xa6XsgHkwfiOovGedLhDMtFbC9kLSP1kKrFHG5B6PVulohqcdAWu3PZuc5Bj2PTpM4rG8oxEA2Av5HxPO2iyfkRowrgxcuValqtpzccFcWplU4xsrK7nePWmM2MRSX35wR3rOrEndzEQJlCPfhEogcQi9RayQ519pp2p-6BTWHofb9exhCRngwZ1LqmJ6vqiteJf4Jsf_zERGdVV1SE8D-W2ECsKkBydJOKWJT-stF9kwn1db-sO_dbLsXakCrMqGMziiX_T9MoJ7f-0hWfyuSR4nJ683oulioA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 41ms
41ms Ping
image/gif 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~ls1pj7av&c=980706753001410&e=31079957%2C31080756%2C44807747%2C31061691%2C31061693&ctx=1&met.7=CBsQARgBIJoyKJoyMMoyODDAAaSg_KUH~CBsQCiCHMjgDwAHsx4T9CA~CCcQBRgBIJsyKJsyMJIzOHfAAZmVn6AL~CBsQBSD7MjgkwAHtmdbvDg~CBsQBRgBIJ4yKJ4yMKczOIkBwAHPxtriAQ~CBsQBiDNMzgDwAHa9e4a~CBsQBiD7MjhkwAGQuYjLCQ~CBsQARgBIOgzKOgzMJg0ODDAAaSg_KUH
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 37ms
37ms Ping
image/gif 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ls1pj4he&ctx=0&met.3=112.251_1~94.4ux~947.4v9~573.4v9~598.4v9~598.4v9~113.4v7_3~113.4vb~113.4vb~680.4wp~680.4xz~680.526~680.52f
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://genshin-leak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 11:31:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:24:12	Name: _GRECAPTCHA Value: 09AEqpVBleQ9Z0omOe9Gmp7rc6MNLKHjFmR-6HSwfCcMAIGjkqzB5nrG7gyw0ZqmXfhUQ8deJ8N3Ce0NqUiR9KS94
genshin-leak.com/	1970-01-20 20:14:36	Name: _flux_dataharbor Value: 1
.genshin-leak.com/	1970-01-21 03:26:36	Name: __gads Value: ID=7305682edfb62e53:T=1706700698:RT=1706700698:S=ALNI_Mas9zBm1vvGVVlQveBh2j2q20vhrQ
.genshin-leak.com/	1970-01-21 03:26:36	Name: __gpi Value: UID=00000cf51a3d67c5:T=1706700698:RT=1706700698:S=ALNI_Ma9DhnNjsOtNH5Png1M2yyDKW247w
.genshin-leak.com/	1970-01-20 22:24:12	Name: __eoi Value: ID=5db5d448e0577264:T=1706700698:RT=1706700698:S=AA-AfjbcuEXAs2UCM0-CyHNIZdPH
.doubleclick.net/	1970-01-21 03:41:00	Name: IDE Value: AHWqTUlV493ba-SjoK2lLRHS0kTGhN0wo07u2jpYdM7G6riUoi2MOx2kWOhnlHdffVo
.doubleclick.net/	1970-01-20 18:05:01	Name: test_cookie Value: CheckForPermission
.send.microad.jp/	1970-01-20 20:14:36	Name: TR Value: cecf5c024c0b1db6be54dc74ffee846f
.amazon-adsystem.com/	1970-01-20 23:56:22	Name: ad-id Value: AxdBK2MiMESms6OdSTrekxg
.amazon-adsystem.com/	1970-01-21 03:41:00	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 03:33:30	Name: bito Value: AAIYn07LdF8AABRMThB01Q
.bidr.io/	1970-01-21 03:33:30	Name: bitoIsSecure Value: ok
.genshin-leak.com/	1970-01-21 02:50:36	Name: FCNEC Value: %5B%5B%22AKsRol-Tm2hqiAeLkG5yXrMkwfoN5a8h5T_lkFcUBlohTzTRL29AIbZ5QZwleEE81jiOEW2hVNb8zNTrrrobPe40-PXbDMBjr4WAqjQQPzpcsRS-oPzddVymGWeqzSiuqTW83HvThxJ_sp6ZQB-kXHtPjPChxkV7Pg%3D%3D%22%5D%5D
.smartadserver.com/	1970-01-21 03:35:15	Name: pid Value: 6608134191370834693
.mediago.io/	1970-01-21 02:50:36	Name: __mguid_ Value: 09dd4f7e85e7a988201aj600ls1pj4rx
.sharethrough.com/	1970-01-20 18:48:12	Name: stx_user_id Value: 9e6d962c-b3b2-4fbe-8ff9-f0814bb09b10
.adsrvr.org/	1970-01-21 02:52:03	Name: TDID Value: 288b79c4-ee13-40b7-8aa3-1052520177f6
.openx.net/	1970-01-21 02:50:36	Name: i Value: d23700b3-67d8-084e-280f-3c6edac21038\|1706700700
.rubiconproject.com/	1970-01-21 02:50:36	Name: khaos Value: LS1PJ50K-J-201M
.adsrvr.org/	1970-01-21 02:52:03	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIpL_7oseW0TwQBRIWCgdydWJpY29uEgsI9qXbpMeW0TwQBRgFIAIoAjILCOqW-8_dltE8EAU4AQ..
.yahoo.com/	1970-01-21 02:50:58	Name: A3 Value: d=AQABBJ0vumUCEDRDSNqEApWGrzOOUdtyiFYFEgEBAQGBu2XEZQAAAAAA_eMAAA&S=AQAAAlnCURjZ5OFiUAcrw9ld0-4
.rubiconproject.com/	1970-01-20 20:14:36	Name: receive-cookie-deprecation Value: 1
.bidswitch.net/	1970-01-21 02:50:36	Name: tuuid Value: 5708f775-8e41-4837-bcb7-8d7594360f46
.bidswitch.net/	1970-01-21 02:50:36	Name: c Value: 1706700701
.bidswitch.net/	1970-01-21 02:50:36	Name: tuuid_lu Value: 1706700701
.linkedin.com/	1970-01-21 02:50:36	Name: bcookie Value: "v=2&c33eadcb-309b-42c3-8a4f-df31ebef759a"
.linkedin.com/	1970-01-20 18:06:27	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3077:u=1:x=1:i=1706700701:t=1706787101:v=2:sig=AQH4cNVAS3CbA28Po26KXXWpxA1dU4p9"
.tapad.com/	1970-01-20 19:31:24	Name: TapAd_TS Value: 1706700701649
.tapad.com/	1970-01-20 19:31:24	Name: TapAd_DID Value: 1819f9ea-dc6d-4f3b-b780-aed42eae0f62
.admixer.net/	1970-01-20 20:14:36	Name: am-uid Value: 25e7f08a74b84fbf94244e0eb5459202
.tapad.com/	1970-01-20 19:31:24	Name: TapAd_3WAY_SYNCS Value:
.connatix.com/	1970-01-20 18:48:12	Name: cnx_userId Value: 9f2e7b71af8c493b85343fadb3d8279f
.analytics.yahoo.com/	1970-01-21 02:50:36	Name: IDSYNC Value: "18vk~2ghn:19e0~2ghn"
.hb.yahoo.net/	1970-01-20 22:24:12	Name: visitor-id Value: 3497023021271433000V10
.hb.yahoo.net/	1970-01-21 02:50:36	Name: data-mag Value: LS1PJ50K-J-201M~~63
.adnxs.com/	1970-01-20 20:14:36	Name: anj Value: dTM7k!M40DF7/.XF']wIg2GTymt7B7!]tbP6j2F-.aDyjByG0>mcD(4cwy9GBPzS#fQC2*D/GmzG^=xQQEVk`!#qiW!ww@%
.adnxs.com/	1970-01-21 03:41:00	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:14:36	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxTMVBKNTBLLUotMjAxTSIsImV4cGlyZXMiOiIyMDI0LTA0LTMwVDExOjMxOjQyWiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTMxVDExOjMxOjQyWiJ9
.prebid.a-mo.net/	1970-01-20 18:06:27	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 02:50:36	Name: amuid2 Value: 411cbc32-a1b7-4d37-84c3-17ed93beb773
.prebid.a-mo.net/	1970-01-21 02:50:36	Name: sd_amuid2 Value: 411cbc32-a1b7-4d37-84c3-17ed93beb773
.ipredictive.com/	1970-01-21 02:50:36	Name: cu Value: c12f94d5-d22e-42dc-871a-371f6e20950c\|1706700702430
.rubiconproject.com/	1970-01-21 02:50:36	Name: audit Value: 1\|0cD0ZsO0c044ISMHZTOvkr550VEww/ykHA8AbIGMX2IRdwtRav1lhkIn7HLav1NMJhH1PxzmPKMiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.criteo.com/	1970-01-21 03:26:36	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:26:36	Name: uid Value: 4d06f659-5cb7-4af0-81da-5cc981d8c44c
.genshin-leak.com/	1970-01-21 03:26:36	Name: cto_bundle Value: tsavQV9sZm5QdUZJdEl5RW1nYXgyT2gwMVFxdkpiRHZOQ3BkRWthUWM0ZE8wVmZ0JTJGYjBEWUxRRkRwRzZwNnFRdEl2ZzJyQiUyRmI3Q1kxR1ZSWkNmZGclMkYwUzBlcVpwZlkwaHFmJTJGMGthNCUyRmlwY3V2c2tZbkhLdEQ1cHUwd3dVWW40ZEpHQVV5eWxVd3clMkY1ZUlyeThEUVJyQ3dreVZTNVBiWlQlMkJsTnRnT1hJek1MWHRMayUzRA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.flux.jp
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
adtest.pages.dev
ajax.googleapis.com
audiencedata.im-apps.net
bidder.criteo.com
c.amazon-adsystem.com
capi.connatix.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
dmp.im-apps.net
eus.rubiconproject.com
f9c6ac6a6b38b1ab962817257fb65cfa.safeframe.googlesyndication.com
flux-cdn.com
fonts.gstatic.com
fundingchoicesmessages.google.com
genshin-leak.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
imp-adedge.i-mobile.co.jp
inv-nets.admixer.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
new-adtest.pages.dev
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
px.ads.linkedin.com
s-rtb-pb.send.microad.jp
s.amazon-adsystem.com
securepubads.g.doubleclick.net
spimgv1.i-mobile.co.jp
spnativeapi-tls.i-mobile.co.jp
ssbsync-us.smartadserver.com
ssp-bidapi.i-mobile.co.jp
static.criteo.net
sync.ipredictive.com
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.132.192.30
103.43.90.178
104.244.42.136
118.27.100.23
13.228.126.19
131.153.206.100
143.204.86.33
162.19.138.120
172.64.146.152
18.64.126.129
18.65.107.133
18.65.125.113
182.161.74.11
202.233.84.2
216.58.220.130
23.105.12.170
23.108.103.8
23.192.45.98
23.45.58.82
2404:6800:4004:813::200e
2404:6800:4004:818::2002
2404:6800:4004:81c::2001
2404:6800:4004:820::2002
2404:6800:4004:822::2003
2404:6800:4004:822::200a
2404:6800:4004:823::2003
2404:6800:4004:825::2001
2404:6800:4004:826::2002
2404:6800:4004:827::2003
2404:6800:4004:827::2004
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:929:5a00:f9ef:986d:b765:c7ac
2600:140b:1c00:e::17cb:853e
2600:1901:0:e207::
2600:9000:2047:3200:1f:5b22:6e00:93a1
2600:9000:2112:9a00:19:8e9:d580:93a1
2600:9000:21ee:9800:1f:2964:4340:93a1
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700:10::6816:3456
2606:4700:310c::ac42:2eee
2606:4700:310c::ac42:2ef4
2606:4700::6811:180e
2620:1ec:21::14
2a04:4e42:600::485
34.111.113.62
34.160.89.38
35.208.249.213
35.213.12.39
35.244.159.8
52.196.50.30
52.223.40.198
52.44.239.97
52.46.143.56
52.76.134.18
54.238.5.160
54.239.33.158
69.173.158.64
8.43.72.98
01056e72b910937a0a438ea60dcdbdcfce2b611db3f4eb6ecf652fa750dc2e2a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
035da22ce9de1220ba637fd8fd1dab2ec457a5bb4a458ee08966db6e06579406
05551592efaf925b30194933ffe93af0aa9032ddb16f7ec516735202036d1309
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08853a0f3fbc0c27aa3b44e57c43bc615a8749f2195c51fb7408402af1fe1ba2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8eea0e52d5093cf6bb4cc8537812fc51b783398a47a5ccae92d4969fa0d545
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
13081d86b2f11a8db3398c0532fe59915f1fe03ffb4b9240d578c6a0b76a03eb
147b550854610ad26f8b841045209597cca0f448cbbff44244fa5b40e8507a45
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
190a599874b15bbbbc5b78c10453c3eca3ba3d08d7f2e5ed2dce179b915a9baf
1a4c8e42a550bea6cb1fd0c68b37f874bb487bb2edb6034d520e029b15b57338
1b23af0ab531eb9e07d868e202b59ed0a715b3473c25b2d13f49e2b17269e58c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c04562626233081c29a5fff86c859bda040ca68cf37ae29ccfec4ade8614033
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
1e46005535662551e524682a099a0f4bf7f87a7daef48880457458fe8ea6dd0e
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27d11aa536bf9f0c330f1146f55892dacb032bcc7d0858517c876051be97e93a
2a9560ea37def37ead1707ddb6edbcd0aac9aaff1198192962051fca10f00904
2c22d723aede4f7273958026d86cbd3a9f641f3e350c2efd280e61039ab78770
2dd23fed73b24ec27520eba02a41f6328050f53481a9e21e187461fabc4a72b7
2f732d9c781cc53389880d5decdb8063af59c50b3e45096241b667743064574e
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
329aeeefeee2b50eae5dddc14955e0ba012894ed834c90a36c955f93a8e383c0
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
33720d12f086395b6d753fbcee250319354c903dae11d992b4bf3a08a051765c
369837f28e2fa0492b55aea5262b31a8b7ac6a465ac04b74d239d1474224f913
3915d12aa9e630a7a8a8c2feaa631e3f542c980bf0aaa18f701772d2490072b5
3d9ec3d7cfd274c1de582f4eb14b3cc6fcfce7df6e5bbf53fb9f29466ce304e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e89ca0e7df4f0025e2d415c756e4ceba2d51a899391ca81af75aafeaa643c00
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa606a79f3a4eaf9d1a365d501472dcf6d130b975dd71e4efb83edd3c50c5a3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40169ff519e0be79ba32fecb0d3c23aee04f395d6b30263320ff38f915836015
40422de7715084edba5b090cda29d7e6a8b73a8a473f10de121cc102f3a69c5e
40a7ea541c36536ad5fca6cf407a41be1b8d81dd7b46018c7ff124a0274a6417
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
4afdbb03e8fc03fe0b25b2e077640428132a9fa6b5ff84db173d4b4a713969e9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ee2380942b507e5d89e359341924fe08f0c91ecda3177f38b694802bede0ce5
4fbf496f4c2c2078749fd1cb879cb5655469fbd68584e270b5e512857b1d33fa
5024a16300b29ab0675f2e78661262030ca745f4fbb7205e2a38b71f0971cb9d
546504d0f71de41c09f23c273e194e717dd41801fbc4d2c2daaa52547b500a6e
552c3e1fde28cdd9785a767c408d81d2b16425e35c74fe3fad7651468c04d495
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579f02c2c27bd606800243df194c184b8356dae40f997980bbd09238676da51e
588777ca0da5cf32f4ed706fbe98ae2ff9e77d0957abefe2ce4620087618b9d9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f27dd7badc7ff500f4b15907ebe54f3e2af6df41a5b8f99a87b35157d8af43a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6aecb7eee34482955f6f7660cf98cd9d2eaa65ad363c7def5476e7fc8174f2ea
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6c5288f6621fd5afab0bf8ccc8c94eb6ca60812d324a81e6adcf4c34887eed61
701fee1d1439aae8c04cf542dcd596337df43fb4d6e065b1c71cfaeccc886d43
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70f3598dfcef4c758a897287d6669c96f45b10789b510d7ab238e02f6762240b
734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d
74206dbfa24b340e54e7e2aef6dfa8c3c8883b1e3745d5edbfcb8ee0eba3cfd4
75d794673e75d06c3fa0e04cb18aaac9ca34f6153199e5473236a71e5d9868b2
768720f9e7ebf3774c629dfab1fdbd0dc36bb93720d4780aebbb31c2f619f691
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
79520840ea157a1b43f84eae5937d2e013b12de73621f7dca841c0516b114036
7c5fc5fded5d6747d5cffe0c807c260250ed1ae7dccbea886233ca79e1985d71
7edf1410494ab3425aa2b28869c7e99b9ac6335d018a7469e8f6e199c9456f93
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8b9e28b9db6c1712b979dc891aa94760790ae2e028fb4bb36680bdaa0ac1136b
8c028ae3a8f1e2c6d35ae9660f4f777f6cf0317bcc25aa94b52cc86f4c9a56b8
8dcb7c6f7c0a10aa3c6a10e8cb9e34832aa7b3f729c6b36ef1b08532d3d27291
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f4c82902d7199827496fc047a38d3ef293d882b218cffc3df4f7ecaa0f71810
9160b68ade898c44cd361aa1286df10acc091be9a8e1559eceb22ac13505f405
91bb4f093ce078209b7e4b3d18dee5175dff4e6830c0418fdc3a653b2d37166e
94299b18b49fafa9da0368fd86cf112041db42c51fbcfa25ca4a58d785884c2a
9604d7cc1b5c628181ff3700d5ca7c9bc8d319b429e2c75e4f61ffdf81d9211d
9768abf86debff5fd077b1080d6f8ef3237d7000a81752556c727d4ab14429c1
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98963253cf8167ce246773d8c6d144cc380d09982dffa3b07ee453a916d0f536
993783f9494454e262a5aa07c7b7631906faafb4c65e5f4e69269abcdbc00606
99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b
9a8860b55ae8877973b791238268ae544b2f251366a2fe483e0d8c9e7015e8ae
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9f667c2b0cf8df364288e88526b4fa73cd18e4a4cc9680624fe3768379bb4854
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a33ee364a6dccf06173dd2d44a705b450d20f9e4065b2c15c63ccdf47ae32062
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a443980509ae55cf122a2167a6ca2efb42e6f8affba77b15dce260900cd2fe4e
a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a7e0fecf0f06b17eeafbad33deaee7cf63ab6b198ea2d85e41183b084c586abb
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0de415378581336105f6fb93dbf3a81ec45cca6afdfdd3f5c8f17efb26161fe
b1ec34a915172009f6145254973cc73b62262c21c84a1556a309b21ce6e57914
b231c9545cb39e595055f83d69f7e51f17b452e400ce018baaace1d0901355b2
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
b55ae315a560d7a64689db2b74fb981aaaed1b88f492e7f563e3b32283772bf9
b592e338350011532e086b571cf1775418b5c8c46115c4c25b4c50a36d9de4ec
b62a43859fc6ed44a2a3ebbebd1b814af159f6f84cf02c3940580516757a8715
b7407f8ff5f749e6e1e2328a66fb7e055df1ffbbfaa03c8f13973ebe8507652c
b88fe97f337699b5c3bb72b8335404045f9572a6fcee179ae5011f2c77a4a3ae
ba42c7cd09dc15bc8b0d4e9b3a9145383c568a6eb78734ec01ba2ae1307a4568
bc2ec85a25ea9fadf7e8984c6edebce893d0988eb245c1d02e85d17f9e9b4005
bc2edd0b58beae3ba4ff5dec705cc4a5b42d9c11b45795c96db18f5fcabfb662
bdbbfe994439ea81e4d9d24ec1b91200bac86c555920304e6e7f62dcaa8235e8
becdc2c72a1ea4dcf3334433d9397170fd5102cb65958c6696a92d29fa5c7fc0
bed09a8a00803109606ceedf62262ffc4a9b964351426df286f842254ec85f43
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c480c5fccc0edd127f84da8c42a26f9835596d6fd91743bea025445ea5860bee
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c97f0adc11ccad69fa8a91e95cc521d6e78f04f1d9362d012ffd47b37b915ba8
c9ce3161fe47d04081561dff4f5c54bb6afec120425a606d7446f484ab88c74d
ca84b00a88fe4f3bd9987656f5810be63c345918ff2d762462c95f892acddfc5
d338a550f43bf4003e6d4dd49ad8f645c6b7b96735f35f2c1561376a32f30d8e
d5858a642cc1b48c3b21af58bde5a4c6493ad2ce7f9fabd787aa1b9f30b00c09
d860f2d50a88068a983690d264386537f5dacb7f62ebc8812e06cbfa26d6f1d8
d86ea4c723d261133261d08077a5185838cd957b5637730b94199da8dfb1f0d5
da6e94cff57b6ffa63d447b0b9cd3ef41aa18e76665ca2a28fffaf202d1873ba
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
daf05f302c6b9637696c0aa655db8adead45a8c48e406de6af9ea5b467937e6e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd22a6ef345434cec2be92f55c4f967c2b0396462b8a7bfa4c93896b1157cb66
de3d61c93f7c9e8bba2a7a8ba4a5e6bac0282fdddddb9ea518f8f02d07965d3a
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e27e37aeca1350fd2a11043ec4f36d66b38c3456748c7829109766aeb3c55001
e310a3b34be9a8f7706d19f6369de09281bbe86917a6585e372f819b0c6abfd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e6b3bde9a96e8af982f7496c4883e4fae2be36b27fd4f7dd0425423ebd8b0470
e7b96c7271f69074ff9a017c54ff372acb3faebeafbd360640fd71e9367b2f66
ea189595b420be847b22742aa75b35879debfcabbc512c07840aedc37ef02331
ea2b0b667c71be191da9cc93dd2f974874536a61bf13b1947aa22ecd254544d8
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc4b171b413e8799ab98674eb56eac1735c6e2c86255523737f1e19966362e6
f38a9c3f3ffc9d3676fad89007a2e07bafaebdc577fac7291c35c30dd3816865
f826cd090304196fd59af62cd00baea3112cec9ae76885f0dc0b7adcd678e516
fdafe9f076a878e2145cdf295bfaccbc7c5ab210549f0dbf5587a91cb09e7fb8
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
fe9764c5b83b7297d2bd3dd44ee380f2d3b5414814cb1cfd5d818b8aad31bf74
feda658ccca23ab245a3838d0abca6495c3380fc804585c0b07225ff1e1849fc
ffe663e13b2e116f78823b615f3d9c491dee753e52287396c8a5185f986630ea

genshin-leak.com Open in urlscan Pro 118.27.100.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

88 %HTTPS

45 %IPv6

38 Domains

62 Subdomains

51 IPs

6 Countries

3128 kBTransfer

7063 kBSize

46 Cookies

9 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

genshin-leak.com Open in urlscan Pro
118.27.100.23 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

88 %
HTTPS

45 %
IPv6

38
Domains

62
Subdomains

51
IPs

6
Countries

3128 kB
Transfer

7063 kB
Size

46
Cookies

199 HTTP transactions
28 data transactions