one-piece-analysis.net Open in urlscan Pro
157.112.183.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one-piece-analysis.net/
Effective URL:
https://one-piece-analysis.net/
Submission Tags: @phish_report
Submission: On February 25 via api (February 25th 2024, 6:26:19 am UTC) from FI — Scanned from NZ

Summary HTTP 155 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 13 domains to perform 155 HTTP transactions. The main IP is 157.112.183.110, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is one-piece-analysis.net.
TLS certificate: Issued by R3 on December 27th 2023. Valid for: 3 months.

This is the only time one-piece-analysis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	157.112.183.110 157.112.183.110	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2404:6800:400... 2404:6800:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
3	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
29	2404:6800:400... 2404:6800:4006:804::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:804::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4006:814::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1c::9b	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4006:804::200a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4006:804::2003	15169 (GOOGLE) (GOOGLE)
20	2404:6800:400... 2404:6800:4006:804::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:804::2006	15169 (GOOGLE) (GOOGLE)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::e	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
8	2404:6800:400... 2404:6800:4009:82b::2003	() ()
4	2404:6800:400... 2404:6800:4006:814::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
11	2406:2600:7:1... 2406:2600:7:100::1	() ()
1	182.161.73.132 182.161.73.132	() ()
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2406:2600:7:1... 2406:2600:7:100::1f	() ()
1	2406:2600:7:1... 2406:2600:7:100::f	() ()
2 2	2404:6800:400... 2404:6800:4006:80a::200e	() ()
2	2607:f8b0:400... 2607:f8b0:4007:c::7	() ()
155	27

17 157.112.183.110 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv5269.xserver.jp

one-piece-analysis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:80f::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2404:6800:4006:804::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:804::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:814::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1c::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4006:804::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4006:804::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4006:804::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4006:80a::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:804::2006 (Sydney, Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4009:82b::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2406:2600:7:100::1 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (None, )

ASN- ()

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::1f (None, )

ASN- ()

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::f (None, )

ASN- ()

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80a::200e (None, ) 2 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4007:c::7 (None, )

ASN- ()

r2---sn-a5meknd6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	742 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 548 bid.g.doubleclick.net — Cisco Umbrella Rank: 881	209 KB
19	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	99 KB
17	one-piece-analysis.net 1 redirects one-piece-analysis.net	153 KB
16	criteo.net static.criteo.net imageproxy.as.criteo.net csm.as.criteo.net	138 KB
12	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 362 fonts.googleapis.com — Cisco Umbrella Rank: 32 imasdk.googleapis.com — Cisco Umbrella Rank: 491	306 KB
5	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 317 gcdn.2mdn.net r2---sn-a5meknd6.c.2mdn.net	64 KB
3	criteo.com ads.as.criteo.com — Cisco Umbrella Rank: 14705 rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 27698 cat.sg1.as.criteo.com	46 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1047	156 KB
3	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 513490	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	151 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	5 KB
155	13

	Domain	Requested by
29	pagead2.googlesyndication.com	one-piece-analysis.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net one-piece-analysis.net tpc.googlesyndication.com imasdk.googleapis.com
17	one-piece-analysis.net	1 redirects one-piece-analysis.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	static.criteo.net	ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
8	csi.gstatic.com	imasdk.googleapis.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	imasdk.googleapis.com	googleads.g.doubleclick.net imasdk.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	imageproxy.as.criteo.net	ads.as.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	use.fontawesome.com	one-piece-analysis.net
3	webfonts.xserver.jp	one-piece-analysis.net webfonts.xserver.jp
2	r2---sn-a5meknd6.c.2mdn.net	one-piece-analysis.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	googleads4.g.doubleclick.net	one-piece-analysis.net
2	www.googletagmanager.com	one-piece-analysis.net www.googletagmanager.com
1	csm.as.criteo.net	ads.as.criteo.com
1	cdnjs.cloudflare.com	ads.as.criteo.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	rtb.sg1.as.criteo.com	googleads.g.doubleclick.net
1	ads.as.criteo.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	one-piece-analysis.net
155	27

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
lineit.line.me
line.me
feedly.com
thk.kanzae.net

Subject Issuer	Validity	Valid
www.one-piece-analysis.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-30` - `2024-05-02`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-27` - `2024-04-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-31` - `2024-03-29`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://one-piece-analysis.net/
Frame ID: 19CB9E396327A48DE3781E54F867C3E3
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 91874EA81A3DCBBD9FB759975AF7F68D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&adk=1812271804&adf=3025194257&lmt=1708842374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fone-piece-analysis.net%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842373937&bpp=6&bdt=1864&idt=690&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1605503971390&frm=20&pv=2&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=708
Frame ID: 1D9D08952737F3A88672E1AFBB72BDF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4
Frame ID: FD29AF19BDAF52B35990BF5E90C13E46
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9
Frame ID: EF8BAFFB36E905363DF903AF0A4EA524
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=4&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Frame ID: 44C5B41F121B1EA759DDD1D6DDB17FD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280&nras=5&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=15
Frame ID: 507D3AB01E1EBE290ED1AFC3E4439696
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=321250343&pi=t.aa~a.1132325034~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280&nras=6&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=18
Frame ID: 55E21FA9E7726DB85110D5238E1E0218
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=90&adk=3926521470&adf=3734621423&pi=t.aa~a.1132330172~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x90&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280&nras=7&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=4345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=21
Frame ID: 412166C5169B4CA739A0713FB479D6CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=896890076&pi=t.aa~a.1132322997~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280%2C848x90&nras=8&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=5111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=24
Frame ID: D75765326FD9DD6BD33EE0575406A96E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=90&adk=3926521470&adf=1750006210&pi=t.aa~a.1132328238~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x90&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3667&idt=0&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280%2C848x90%2C848x280&nras=9&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=6068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=27
Frame ID: A2E5C4E0A34CB4AE052D86E9147605EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AF3CA33A96FFE46213BFD8774DADC2C9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 243AAC03EC6546D865080F479AEC953B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInM2dQFELjk--kFGIjJrYgCMAE&v=APEucNW17EDzSn6-g1Xk1bsn7vMnVn7HBH1AaMZ01hXxi6s0mqYHd1rj6A_S9rCV18btwdbBPCk9fBXdEpXUVYyz6AKv79WRjQ
Frame ID: 4BB62D0DC7B637DC77DE5D3AEC50DA1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Frame ID: CEF49067B10F89F8F52FD9969222F9BF
Requests: 11 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZdrdhwANGkkCD1EtAAw8kG65jurxKzfpW_KcQw&u=%7CFPOQUtqbFmTvgaHxF%2FY719HP24om7MvliU%2BdMR2jKpU%3D%7C&c1=SpNqxMz7C2xV3MMj0aiG5j4TEzGr0uHs0UDsERpM9toExMr_xoAv9xgj4EB7xvAsUQzp8CCz0Z38TnpAzS43FQuEd-BQQ4gRnG1UUJ7LzOSrtU2JNsIFMr23o1isERgi8UFWUSDSFeJKS6Mdm2Ncumg_bPsMWEmIOsTIwIyYJXTlsUg5kzzebXzKOs72XGhcsB0uu9LtUfsUAjg_IORvYaAyOvPg6r9gT1SoQjjf70PD7r3zX0MFnvRmlEIHnwK0hxB1pC7uMN70jAIZZ1E6qy4TaCs9RWAdDjBEpQ7bM9iD1nYkaJ6PPnWZBTFoE1hYlFMKK4lIhKXiXKKohLPgI4-ZR-FFap-u87IMo5a13xpbgvN6X3SXuWWYmK29hribBT8m-ugm-ON7S82UvLSwI_pIzUdocvq3V1Yjivw_0HqVxD_2brcEaQp3HOIgUQGZR2Mqu08MvQItt5A3MPqTi1FZH_3xQTP4NPHEx1sFWvF-GDF1mftjVYHj02oxiGwDoLvgHXjS3HfVoTWxxAETbHTZm8MsxY6Jk6WlYDfjWA_C_aZZi-IRXQuLNqFwIkVGv0XuId2aRa4Y2MAi7Ee3UqL_vEfGCh7YXrdy9LyYtxAKUsWNJtF37n7T0LnUeiQYqNa-FJBVS78cx43QZQGWR015F7m3XnQw9xOL9dGxN38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmLXh93aZcm0NK2ivcAPkPmwSJj80bFcuqrwlawBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg2MDIxNDEyMzAyNDY4MDXIAQmpAg3o6wcuBaY-qAMByAMCqgTKAU_QPnklB73AXILZMBkbVq07gIR_6-gR_md5HfTCu-3a5iuOXveOhVE4YDJs-wGPPFZCSjugxtTTepNSzvKFvY9HK5DQkrezlxGGbCVImyFJIUvBRPWnsEr80GvHEl6IPuLwAX1nG15p-FEYCcZDDRACItSuApndnHpttfVewEc6Xl7He5EncSMyaryb7-8s7G_eG0bb_qNk3zrRE2gcRRddrJZgiBL_W49Lj6JeI5HI-pnRNQtt9CQYNoXSWPo0Vp4j36Bvh79fheOABpyN1JHVlLioKaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WIzFp_btxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DyvdBAm4HQysVHzU75Zcxhs33Qg%26client%3Dca-pub-8602141230246805%26adurl%3D
Frame ID: 5248CABA3F71F932FCDC32165A29FD7C
Requests: 19 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019
Frame ID: 13561FF435B2DA91C763C4C490D3482D
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2647477B8ABD46694E7C3F7CF90950AD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 1E5F8775BAE9A727ECB9466A04E839D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9641A113A0E40F3F6372935F9578A197
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2A8A92FF6DB5E367109B6AE01D7F1471
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ワンピース極限考察 Ohara | 週間少年ジャンプにて連載中のONE PIECEについて独自の考察・検証・研究データから伏線の予想を掲載

Page URL History Show full URLs

http://one-piece-analysis.net/ HTTP 301
https://one-piece-analysis.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

96 %
HTTPS

81 %
IPv6

13
Domains

27
Subdomains

27
IPs

4
Countries

2115 kB
Transfer

5451 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?text=%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%7C%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89&url=https://one-piece-analysis.net/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://one-piece-analysis.net/&t=%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%7C%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/add?mode=confirm&url=https://one-piece-analysis.net/&title=%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%7C%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89
Title: B! Hatena

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://one-piece-analysis.net/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=/#/
Title: LINE

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%7C%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89%0D%0A
Title: LINE

Search URL Search Domain Scan URL

URL: https://feedly.com/index.html#subscription/feed/https%3A%2F%2Fone-piece-analysis.net%2Ffeed%2F
Title: Feedly

Search URL Search Domain Scan URL

URL: https://thk.kanzae.net/
Title: Thought is free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one-piece-analysis.net/ HTTP 301
https://one-piece-analysis.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137

https://gcdn.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/0E5B387B4223833C4B5AFB7C92791700FDDD1EFA.9E9E1A056E95E9AE6279D84BE650E43DA98BB370/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6964EF946F84B63BF0C524D1DE0BD8D3E5C6120F.01A29CDBFD22D4A4653E42DDD1AEB58AE45265/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 142

https://gcdn.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/49AAFE3849F1196EC5C875F82A216D0B80EE3E46.4B7B8CB7FE31F514AD463678697FBD3C34536425/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/44159D9E1AFE7C60F45815AFE98D400627BCE35C.5A116C5F2800FD375FA8DF140DF7B372BAE89D52/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4

155 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
one-piece-analysis.net/
Redirect Chain

http://one-piece-analysis.net/
https://one-piece-analysis.net/

110 KB
25 KB

7927ms
7359ms

Document
text/html

157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 101bbf1b4901f98195723eb13cc673b1dd88cf2ccd93f36d59c35213de8ca425

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Feb 2024 06:26:11 GMT
link: <https://one-piece-analysis.net/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 25 Feb 2024 06:26:04 GMT
Location: https://one-piece-analysis.net/
Server: nginx

GET
H2 200 icomoon.woff
one-piece-analysis.net/wp-content/themes/luxech/fonts/icomoon/fonts/ 3 KB
2 KB 208ms
205ms Font
application/font-woff 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/themes/luxech/fonts/icomoon/fonts/icomoon.woff
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: e377ff8925158bb9f7814b1bb05572d2051a512c375cd4da6812a455c09b83fb

Request headers

Referer: https://one-piece-analysis.net/
Origin: https://one-piece-analysis.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Sat, 04 May 2019 20:25:39 GMT
server: nginx
etag: W/"c38-58815aba65bcd"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 cv.css
one-piece-analysis.net/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 76 KB
12 KB 207ms
205ms Stylesheet
text/css 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Mon, 15 Jul 2019 17:18:58 GMT
server: nginx
etag: W/"12ff7-58dbb749c1e63"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 styles.css
one-piece-analysis.net/wp-content/plugins/contact-form-7/includes/css/ 2 KB
896 B 207ms
204ms Stylesheet
text/css 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Mon, 15 Oct 2018 21:54:30 GMT
server: nginx
etag: W/"6cf-5784b7b55be2e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 style.min.css
one-piece-analysis.net/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 369 B
554 B 207ms
205ms Stylesheet
text/css 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
last-modified: Sat, 13 Apr 2019 05:01:21 GMT
server: nginx
etag: "171-586624f72271e"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 369
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 screen.min.css
one-piece-analysis.net/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 208ms
206ms Stylesheet
text/css 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Sat, 13 Apr 2019 05:01:21 GMT
server: nginx
etag: W/"14d2-586624f72271e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 luxe.async.min.js Show response
one-piece-analysis.net/wp-content/themes/luxeritas/js/ 291 B
486 B 201ms
201ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/themes/luxeritas/js/luxe.async.min.js?v=1622529530
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 56659b7cbaefa31cb9e6696d061d90153c050628d3492f5c0fea5f666bc31304

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
last-modified: Tue, 01 Jun 2021 06:38:50 GMT
server: nginx
etag: "123-5c3ae98524aee"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 291
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 540ms
149ms Script
text/javascript 2404:6800:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:49:16 GMT

GET
H2 200 luxe.min.js Show response
one-piece-analysis.net/wp-content/themes/luxeritas/js/ 16 KB
6 KB 202ms
201ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/themes/luxeritas/js/luxe.min.js?v=1622529530
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: b6b472964d72773fa53ca74a8221b9e93f9793364dfbbe4d8c90b5d86665e84d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
content-encoding: br
last-modified: Tue, 01 Jun 2021 06:38:50 GMT
server: nginx
etag: W/"3ff8-5c3ae9853930f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:13 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 906ms
204ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 25 Feb 2024 06:26:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 699ms
306ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fa762517d9900bcc86168a00e7883bf9b33c8a24b1d3ceec924d5e1da43f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51367
x-xss-protection: 0
server: cafe
etag: 10754925912227005945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 25 Feb 2024 06:26:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 656ms
266ms Script
application/javascript 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138299704-1

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c39d9731e3f855358eaf752570f74192450c6f56d9d0978d78cda48f52cf518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70733
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Feb 2024 06:26:13 GMT

GET
H2 200 luxech.js Show response
one-piece-analysis.net/wp-content/themes/luxech/ 160 B
354 B 202ms
201ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/themes/luxech/luxech.js?v=1708842364
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 2cb51c013da8aab090a4545424777417b0ef02a5b0a9565c0aec547b99974e52

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
last-modified: Sat, 04 May 2019 20:25:39 GMT
server: nginx
etag: "a0-58815aba67b0d"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 160
expires: Sun, 03 Mar 2024 06:26:13 GMT

GET
H2 200 scripts.js Show response
one-piece-analysis.net/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 207ms
205ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Mon, 15 Oct 2018 21:54:30 GMT
server: nginx
etag: W/"3976-5784b7b55be2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 cv.js Show response
one-piece-analysis.net/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 207ms
206ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Mon, 15 Jul 2019 17:18:58 GMT
server: nginx
etag: W/"5a72-58dbb749c1e63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 bj-lazy-load.min.js Show response
one-piece-analysis.net/wp-content/plugins/bj-lazy-load/js/ 2 KB
906 B 207ms
206ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/plugins/bj-lazy-load/js/bj-lazy-load.min.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2019 15:14:48 GMT
server: nginx
etag: W/"664-5871fede9a295"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H2 200 wp-embed.min.js Show response
one-piece-analysis.net/wp-includes/js/ 1 KB
1020 B 207ms
206ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-includes/js/wp-embed.min.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:12 GMT
content-encoding: br
last-modified: Wed, 17 May 2023 03:54:35 GMT
server: nginx
etag: W/"5a3-5fbdba5691ddf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:12 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 844ms
202ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://one-piece-analysis.net/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Sun, 25 Feb 2024 06:26:13 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 wp-emoji-release.min.js Show response
one-piece-analysis.net/wp-includes/js/ 12 KB
5 KB 202ms
202ms Script
application/javascript 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 03:56:10 GMT
server: nginx
etag: W/"2eaf-5bffad800ffb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:13 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
H2 200 ohara-header04.jpg
one-piece-analysis.net/wp-content/uploads/2019/05/ 84 KB
84 KB 201ms
201ms Image
image/jpeg 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://one-piece-analysis.net/wp-content/uploads/2019/05/ohara-header04.jpg
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 8fffb63986a6b0ba1db1a4a4ea570a2113db31f81b816d6fed40a86dc5fe5426

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
last-modified: Thu, 02 May 2019 21:19:49 GMT
server: nginx
etag: "14f68-587ee31b1effe"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 85864
expires: Sun, 03 Mar 2024 06:26:13 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 72 KB
73 KB 900ms
590ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://one-piece-analysis.net/
Origin: https://one-piece-analysis.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsT6tq7J3EBez%2F%2BP3a2CQZj03ufCtAUzvqGdXdyCIjTDbgwmEyIrmGMvRxjHvgso6b1ju0SlUhegNSxy05TobW3H3J7Yr6vVVQ8Vc0fx7xU4px6HfrRlBQ2L2v1t4XJNjCKJDl7w3ubyJGIXQndeFs4a"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85ade021bec789bf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 73852

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 14 KB
15 KB 900ms
591ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841

Request headers

Referer: https://one-piece-analysis.net/
Origin: https://one-piece-analysis.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bdadb6ce95c5a2e7b673940721450d3c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLBTkxREzPVAB1n6hp7lUHVvAx%2BqHMLgi9i5Tn46rrdyPt1zmQgnKSWkoGU9cjXSTgPdzJeQEbV3FYh7NvutlDwzpD%2BHXawW6ZwmeE8dz6RMnVsDhMp1b5O8yHcwCE%2BUrPG0AZqEwKiclgCXfImpnzya"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85ade021beca89bf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 14844

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 68 KB
69 KB 739ms
429ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Referer: https://one-piece-analysis.net/
Origin: https://one-piece-analysis.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659c4d58b00226541ef95c3a76e169c5"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LceslwkeRcto05NzdIkcay%2F23StPgJfttYIYM5QM7sY2t%2F6BzqvrMV7xH4DSF%2Fk1Hf3Ue23t3iLfBzAqj9lT4VIV9pSZCZ2LSiEkWvzjSEyUfscLDksQNcssDR%2FG%2FVnn3UK4vdPZarBrX1RrKEl1oCt7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85ade021becb89bf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 69608

GET
H2 200 style.async.min.css
one-piece-analysis.net/wp-content/themes/luxeritas/ 1 KB
840 B 356ms
356ms Stylesheet
text/css 157.112.183.110
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://one-piece-analysis.net/wp-content/themes/luxeritas/style.async.min.css?v=1622529521
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/wp-content/themes/luxeritas/js/luxe.async.min.js?v=1622529530
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.183.110 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv5269.xserver.jp
Software: nginx /
Resource Hash: 3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:13 GMT
content-encoding: br
last-modified: Tue, 01 Jun 2021 06:38:50 GMT
server: nginx
etag: W/"525-5c3ae98524aee"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 03 Mar 2024 06:26:13 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 576ms
403ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://one-piece-analysis.net/
Origin: https://one-piece-analysis.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 25 Feb 2024 06:26:13 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 408 KB
138 KB 324ms
323ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45578885955e108fc7f91d20fd95c853684cfcf975645ef157bd78c1015837e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141547
x-xss-protection: 0
server: cafe
etag: 9877058301032885334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 06:26:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 9187 9 KB
5 KB 543ms
151ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

age: 39993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 19:19:41 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 19:19:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 266ms
265ms Script
application/javascript 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7W2NTMT80Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138299704-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

020887c1eac1edb0ea15fdb887565515670c282fb3d7f13a3772e09082f2efbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Feb 2024 06:26:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 539ms
149ms Script
text/javascript 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138299704-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Feb 2024 05:16:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4175
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Feb 2024 07:16:39 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
175 B 244ms
244ms Ping
text/plain 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7W2NTMT80Q&gtm=45je42l0v9121961179za220&_p=1708842373001&gcd=13l3l3l3l1&npa=0&dma=0&cid=1313278765.1708842374&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708842374&sct=1&seg=0&dl=https%3A%2F%2Fone-piece-analysis.net%2F&dt=%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%20%7C%20%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13016
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7W2NTMT80Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one-piece-analysis.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 244ms
244ms XHR
text/plain 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2021383465&t=pageview&_s=1&dl=https%3A%2F%2Fone-piece-analysis.net%2F&ul=en-us&de=UTF-8&dt=%E3%83%AF%E3%83%B3%E3%83%94%E3%83%BC%E3%82%B9%E6%A5%B5%E9%99%90%E8%80%83%E5%AF%9F%20Ohara%20%7C%20%E9%80%B1%E9%96%93%E5%B0%91%E5%B9%B4%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%97%E3%81%AB%E3%81%A6%E9%80%A3%E8%BC%89%E4%B8%AD%E3%81%AEONE%20PIECE%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E7%8B%AC%E8%87%AA%E3%81%AE%E8%80%83%E5%AF%9F%E3%83%BB%E6%A4%9C%E8%A8%BC%E3%83%BB%E7%A0%94%E7%A9%B6%E3%83%87%E3%83%BC%E3%82%BF%E3%81%8B%E3%82%89%E4%BC%8F%E7%B7%9A%E3%81%AE%E4%BA%88%E6%83%B3%E3%82%92%E6%8E%B2%E8%BC%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=687634407&gjid=482249368&cid=1313278765.1708842374&tid=UA-138299704-1&_gid=666186929.1708842375&_r=1&gtm=457e42l0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1531555393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://one-piece-analysis.net/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one-piece-analysis.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D9D 307 KB
76 KB 756ms
755ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&adk=1812271804&adf=3025194257&lmt=1708842374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fone-piece-analysis.net%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842373937&bpp=6&bdt=1864&idt=690&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1605503971390&frm=20&pv=2&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=708

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baa3188197987e13c0cbcead9e1a4dcf1a913cc9ffbd39bccb2f3edfc510def3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:15 GMT
expires: Sun, 25 Feb 2024 06:26:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 450ms
150ms XHR
text/plain 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-138299704-1&cid=1313278765.1708842374&jid=687634407&gjid=482249368&_gid=666186929.1708842375&_u=YADAAUAAAAAAACAAI~&z=539364905

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://one-piece-analysis.net/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Feb 2024 06:26:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one-piece-analysis.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 166 KB
56 KB 303ms
303ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/reactive_library_fy2021.js?bust=31081330

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb6138b404bc4db22fc4f7b6509db53e9ba35686b24b966d9c7193d8b6dd0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one-piece-analysis.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57364
x-xss-protection: 0
server: cafe
etag: 18349163504489520026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 06:26:15 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD29 32 KB
14 KB 853ms
853ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46ff0ed4f4efbe4900246aaf1020dd44c2039c41aeeeb74e5d12ecec9fe9ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14460
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF8B 77 KB
25 KB 793ms
793ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

924fd78693c23f832a31fa65ca6cf6da3ae3e203529bafcf111faee2a66dbfe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 25868
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44C5 98 KB
43 KB 648ms
648ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=4&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6996722cd5a77514d17cc6fe1bf929c7367478582ac17c9e79536af4323d63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43766
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 507D 880 B
438 B 886ms
885ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280&nras=5&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ac0da036e9fbc94ecd6e91f4117db635d5edd019493fd4955640725f1524d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 417
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55E2 880 B
432 B 838ms
838ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=321250343&pi=t.aa~a.1132325034~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280&nras=6&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbef215c25038579ca799010857cb00b9fcd22a92a7dfab6b8f9906cc7cf2c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4121 880 B
437 B 532ms
532ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=90&adk=3926521470&adf=3734621423&pi=t.aa~a.1132330172~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x90&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280&nras=7&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=4345&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1e17fa307631464f90c1619671ded722cb9263f8076af6b7c3dd12101bbbca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D757 880 B
435 B 475ms
475ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=896890076&pi=t.aa~a.1132322997~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280%2C848x90&nras=8&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=5111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83958f19fcd69af88e7a0b3fb786a7f1a03e391568d5634cdd06a1698afbd360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2E5 880 B
437 B 534ms
534ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=90&adk=3926521470&adf=1750006210&pi=t.aa~a.1132328238~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x90&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3667&idt=0&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280%2C848x280%2C848x280%2C848x280%2C848x90%2C848x280&nras=9&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=6068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4faf7f5ab76343462ce1c207f913dd3a9da41f72b6f58962c929ea7a17102299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame AF3C 9 KB
4 KB 149ms
149ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

age: 39288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 19:31:28 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 19:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 243A 9 KB
4 KB 149ms
148ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js?bust=31081330

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one-piece-analysis.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

age: 39288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 19:31:28 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 19:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame AF3C 2 KB
880 B 636ms
241ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b11d5d358b3753b9e7896ab1b32faafa06b108088b8f026cef635b98704b6fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 06:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 25 Feb 2024 06:26:16 GMT

GET
H2 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AF3C 233 B
348 B 541ms
149ms Image
image/png 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:00:18 GMT
x-content-type-options: nosniff
age: 109558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Feb 2025 00:00:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AF3C 205 B
650 B 540ms
149ms Image
image/png 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:04:35 GMT
x-content-type-options: nosniff
age: 109301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Feb 2025 00:04:35 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AF3C 604 B
695 B 542ms
150ms Image
image/png 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:49:38 GMT
x-content-type-options: nosniff
age: 110198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Feb 2025 23:49:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame AF3C 15 KB
7 KB 543ms
150ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 19:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6496
x-xss-protection: 0
server: cafe
etag: 2240975554753911238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 19:23:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame AF3C 22 KB
9 KB 555ms
162ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 04:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9139
x-xss-protection: 0
server: cafe
etag: 14231659491099539135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 04:04:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 243A 23 KB
9 KB 762ms
380ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:28:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 243A 9 KB
832 B 624ms
243ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3f9828ea2351588dcc8d8436e36935bbf9e1d1bfdc6c7d839d4bc6840490e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 06:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 25 Feb 2024 06:26:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/ Frame 243A 15 KB
3 KB 543ms
151ms Stylesheet
text/css 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 11:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Feb 2025 00:08:25 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/ Frame 243A 379 KB
132 KB 557ms
166ms Script
text/javascript 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015177ede5cebef1a117764f9332347b175fa4335c5a81be264085d4d6b65b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134698
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 11:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:54:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 243A 20 KB
8 KB 685ms
305ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:23:51 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4BB6 0
16 B 287ms
287ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInM2dQFELjk--kFGIjJrYgCMAE&v=APEucNW17EDzSn6-g1Xk1bsn7vMnVn7HBH1AaMZ01hXxi6s0mqYHd1rj6A_S9rCV18btwdbBPCk9fBXdEpXUVYyz6AKv79WRjQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=4&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=2144726269&pi=t.aa~a.1132323683~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=4&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=2431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame CEF4 23 KB
9 KB 149ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:32:02 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame CEF4 8 KB
3 KB 346ms
346ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 13:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 13:53:47 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEF4 0
0 432ms
205ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6ykGci2LK0ShBal1WpslQLmfcYM4PHydksZty-y7jG3SlDgtMFG8EgliJUD1tqR5ri7MPxrw-Nch_L7vUYn1y4nQSFVRystTEB-15dcSfBfmhdNtoxNwfjAza0dIC2E_tGktfQqNoZOlEOm3MMNxk0PqjgQ86VirDquKWhtLbSRRgkHEOTU7yyJHBj0Dem_m-VSjeBPUneqj92pCxm7fWYIIkovnVKz3rVxEJgYb_eCUdW2OU_xRBn0iWz2DWA0FyCj1WkeyyRyjprKfCBrT570c18ZAXTAaODuWejfEGiciekvYB3KHPKsQCAHd-XcXcfEBFF7qIZ_kZ3MISou6HoZPb-z0SHbQu0Ofc3FdsIOE5XV0vQOZ_bdbpUgWr662_z87MfbcnyqMlkiBX4knzfgnQ80guSItws4tlAqhZgyPp0btJiwea6dAU9Jm4YxYH34HS0TQ5Wee3U62HhAN9RMl98WtTvq0pGJTu0KQtsWCpAD6s2JMeTOvZUTaMwGqL_5tsMGrIMCicJtTv6atCz_8cMGkcARR1AjJRX_A-IKVSpmw6M_eNW-7vpzvzmIWNmMZb_1mKwaTTvqkPHJYPfTBGETsRflLFSrAXll4cJ8kvzaxdUrcR70fdAAydClmoGeb4Jn_8tK21wmYdFDVKsS0FpUSIifNTjRC4O-U-jeROc8NPy7V_SWTfBYoh3LCMiENciJJYmsnSodDoe6mslhNvtpQWj9eF_VmlAgiEQ_dwmzX3xODyVrAH5Vsf4DGM91uTz6UfzAn9_mAmuNaCC_d5tklIVOQyED4f7d1cl4mqNJ92EIOGTYYne_RCfvTCaq0eKRk6had1NAZ8jE_COBzO92dzMyLzs-qzBgp1LI73Ev3XOR_Q8gzqrNVDaMjY5k-I4ATk7W2UrmmDHY1bGDBN6Y3ruLD64usZfQOd-b-A3B0yWVfOJ85QHRF_wfUE1-IgRGWu9K6qJ6RiiOdzr-Eos0KyxPXOn9YjzVnvZMXqe41qflJWf_pYxMq_u0UJUg-o7Z2EaEEYHBvlXiCbWae-ONiYkH6fzmU2pdXSzMrgVu3Dk2JgzVPYYBAZR6qPHYgUIaI-a0_kpY4rXOX1lxazQ82MNgI_f2YtxHMtUzk0D8rnwOjWOaSWTExsi19P-QoJ6j7zJLbyvcAlrG9iZ2dT3IWyenqeDg_-IJMZrXKI8MdM25eW8GVgsVZkKSuJ0sLmNI6HqhISRdT7v9IPdsyLKg_TqPgmpRmMePjvCBFOIv3Z42t86yocAlQluFGMce_UvygiYtjHW1iz-YlmiUxI3Qgb7DhKPlclppbpPj5lCuDelX3AC0t_V7OvVEnpE5uXLVkAS_oJyZxSS-QnJ19gGj6AN8GUSFUbw5Am4qyMsoiW5yvEtNCyOiFQIPQ&sai=AMfl-YRQvirJzTqreP3mlI4r8lwAQr6UaM6IZImUlB2nxLjJ4D0Sb6U1s5SRxuDZlU-A3oaSSQSHdWrzZ1CFLxGtNx8qiyWFkyDOt2qzDZwRbjutD1d6gWK_VU2P7OVBe16NfPw1yA4qLnTx_bN8jBq9V8d2pYeYkA3A6k8ROqdx1Gca5VvkYF6cWEwd47E_oMXpOCGmDgK4pjODRlqCYQVPJVCzc_tKLIGcEQhpXcd7vrIP8UmujmzfhWY1rCseRwLtoo-qUvutCtgG9kUidGrWgr8_xZGuxhUjFAh3XU3DCOWpCYLiEuV4csUX1oJEw-P4CaV77LaI8o0FleFRgo_IeUDaTTgrdQ3nzP4l1ckpPWdBdly6FhpGZktnMXyFxXY6XFuvBPyh9qFZ5R4282j30x7ovdp_gg89BNqxQIEG9gks_76DlnSCeVKHwlor_BiTIi9Mup9dvX1t9m6fzAzdqiq_wuwvsaub1dSBYNr2kTeNNniFo2dlfII&sig=Cg0ArKJSzKiYg0kRFjN4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240221.30365&arae=0&ftch=1&adurl=

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 06:26:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CEF4 41 KB
14 KB 590ms
415ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Feb 2025 00:06:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame CEF4 3 KB
1 KB 583ms
408ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:02:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame CEF4 20 KB
8 KB 500ms
326ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:23:51 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CEF4 204 KB
61 KB 148ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 05:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 06:43:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 42 B
63 B 345ms
344ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaSNTdnZDyhyln9w3QozERVXsUeoXZUuxK6nFt5wZDaBKe0acBCWH5DazhzPw4YpoZZKQwzycbcj2qMcI-YuZqmxtg5KoVSDXOuu1_bFrwoT4Ld1Y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1776908174474561748
s0.2mdn.net/simgad/ Frame CEF4 62 KB
63 KB 546ms
148ms Image
image/png 2404:6800:4006:804::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1776908174474561748

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2006 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64e1f140ab5d5beab005ef46d0407aecb2bb1e8bcac0dd7acc4e511020f3207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

expires: Sun, 23 Feb 2025 00:07:35 GMT
date: Sat, 24 Feb 2024 00:07:35 GMT
x-content-type-options: nosniff
age: 109121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63931
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 07:20:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame EF8B 23 KB
9 KB 624ms
458ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:28:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF8B 9 KB
832 B 500ms
334ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3f9828ea2351588dcc8d8436e36935bbf9e1d1bfdc6c7d839d4bc6840490e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 06:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 25 Feb 2024 06:26:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/ Frame EF8B 15 KB
3 KB 333ms
156ms Stylesheet
text/css 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 11:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Feb 2025 00:08:25 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/ Frame EF8B 379 KB
132 KB 763ms
586ms Script
text/javascript 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015177ede5cebef1a117764f9332347b175fa4335c5a81be264085d4d6b65b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134698
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 11:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:54:24 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 5248 128 KB
46 KB 924ms
337ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZdrdhwANGkkCD1EtAAw8kG65jurxKzfpW_KcQw&u=%7CFPOQUtqbFmTvgaHxF%2FY719HP24om7MvliU%2BdMR2jKpU%3D%7C&c1=SpNqxMz7C2xV3MMj0aiG5j4TEzGr0uHs0UDsERpM9toExMr_xoAv9xgj4EB7xvAsUQzp8CCz0Z38TnpAzS43FQuEd-BQQ4gRnG1UUJ7LzOSrtU2JNsIFMr23o1isERgi8UFWUSDSFeJKS6Mdm2Ncumg_bPsMWEmIOsTIwIyYJXTlsUg5kzzebXzKOs72XGhcsB0uu9LtUfsUAjg_IORvYaAyOvPg6r9gT1SoQjjf70PD7r3zX0MFnvRmlEIHnwK0hxB1pC7uMN70jAIZZ1E6qy4TaCs9RWAdDjBEpQ7bM9iD1nYkaJ6PPnWZBTFoE1hYlFMKK4lIhKXiXKKohLPgI4-ZR-FFap-u87IMo5a13xpbgvN6X3SXuWWYmK29hribBT8m-ugm-ON7S82UvLSwI_pIzUdocvq3V1Yjivw_0HqVxD_2brcEaQp3HOIgUQGZR2Mqu08MvQItt5A3MPqTi1FZH_3xQTP4NPHEx1sFWvF-GDF1mftjVYHj02oxiGwDoLvgHXjS3HfVoTWxxAETbHTZm8MsxY6Jk6WlYDfjWA_C_aZZi-IRXQuLNqFwIkVGv0XuId2aRa4Y2MAi7Ee3UqL_vEfGCh7YXrdy9LyYtxAKUsWNJtF37n7T0LnUeiQYqNa-FJBVS78cx43QZQGWR015F7m3XnQw9xOL9dGxN38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmLXh93aZcm0NK2ivcAPkPmwSJj80bFcuqrwlawBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg2MDIxNDEyMzAyNDY4MDXIAQmpAg3o6wcuBaY-qAMByAMCqgTKAU_QPnklB73AXILZMBkbVq07gIR_6-gR_md5HfTCu-3a5iuOXveOhVE4YDJs-wGPPFZCSjugxtTTepNSzvKFvY9HK5DQkrezlxGGbCVImyFJIUvBRPWnsEr80GvHEl6IPuLwAX1nG15p-FEYCcZDDRACItSuApndnHpttfVewEc6Xl7He5EncSMyaryb7-8s7G_eG0bb_qNk3zrRE2gcRRddrJZgiBL_W49Lj6JeI5HI-pnRNQtt9CQYNoXSWPo0Vp4j36Bvh79fheOABpyN1JHVlLioKaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WIzFp_btxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DyvdBAm4HQysVHzU75Zcxhs33Qg%26client%3Dca-pub-8602141230246805%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

1845fb4fd24e74ec953ee1b8b411cfacb0625ac790632a34874f16810a18b8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 06:26:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=nfPoiAA0_IQj5x8A8O7EqUXEQHNzTWTSbbZufZLIYpQbhPgT5k3_R1wwT1fD1QrrURvxPp95PyvUhQs6CUoym_w33b58mhaVZIDO2R-W7DS3D1q0bA_78Adeb1wk7D3YAj6lNoxS2xhRxtQizc6xf4SPJfneJGjgzET24CMjewgCKzJvQwL7DDEyYljz_VASv8jVTIagXXM8H0fzJinK9KBln8aO3sIDmshcXfdRl0i25o9RqpgConj2kKa3TObhN7kL_Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 40379262
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame FD29 3 KB
1 KB 521ms
408ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:02:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame FD29 20 KB
8 KB 302ms
188ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:23:51 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FD29 204 KB
61 KB 158ms
158ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 05:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 06:43:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame EF8B 20 KB
8 KB 454ms
356ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:23:51 GMT

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 1356 8 KB
4 KB 246ms
245ms Script
text/javascript 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 01:43:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 23:53:49 GMT

GET
H2 200 5fd44f088fd3bdae1982d37bc55a926a.js Show response
www.gstatic.com/mysidia/ Frame 1356 93 KB
32 KB 149ms
149ms Script
text/javascript 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5fd44f088fd3bdae1982d37bc55a926a.js?tag=leadgen/frosmoth_text

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d768447276f397ce2049a57fffb80cccd4480b16fdd31b713a43e50c54bd0f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32584
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 01:43:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 May 2024 00:07:31 GMT

GET
H2 200 3aefb1395b5cd932b652c0f938bd33ff.js Show response
www.gstatic.com/mysidia/ Frame 1356 19 KB
8 KB 301ms
300ms Script
text/javascript 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3aefb1395b5cd932b652c0f938bd33ff.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c189028aa34513d253447c08e7e3fc818027930a787ae4b5f1c2cb9dfa0a2ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7968
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 01:43:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 23:55:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1356 795 B
369 B 248ms
243ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500%2C600&text=%E3%81%9B%E3%82%B5%E5%90%88%E3%82%A4%E3%81%84%E3%82%8F%E5%95%8F%E3%81%8A%E3%83%88%E3%82%92%E8%A6%8B%E3%82%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96f23eb160d9c4d2d459d66905062e1941cc625c2c657bfdd1ac2b8b8c406e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 06:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 25 Feb 2024 06:26:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1356 26 KB
2 KB 255ms
251ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500%7CRoboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cef8a88db2fa13828a16a570e80a6f2fadce3d885a0bac08aefebe044f06c096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 06:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 25 Feb 2024 06:26:17 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 1356 27 KB
6 KB 149ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 04:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Feb 2024 04:25:04 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 1356 51 KB
11 KB 151ms
150ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 04:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Feb 2024 04:26:42 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 1356 18 KB
5 KB 165ms
163ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 17:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:37:54 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 1356 103 KB
18 KB 167ms
164ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 13:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 13:32:46 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 1356 58 KB
10 KB 177ms
174ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 11:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 11:38:48 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 1356 31 KB
3 KB 153ms
150ms Stylesheet
text/css 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 14:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 14:09:25 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 1356 3 KB
791 B 154ms
152ms Stylesheet
text/css 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 21:40:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 21:40:44 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 1356 2 KB
636 B 153ms
151ms Stylesheet
text/css 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 02:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Feb 2024 02:07:54 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 1356 37 KB
4 KB 156ms
153ms Stylesheet
text/css 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 10:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 10:08:07 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 1356 51 KB
5 KB 155ms
153ms Stylesheet
text/css 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Feb 2024 21:22:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1356 2 KB
880 B 223ms
220ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:28:39 GMT

GET
H2 200 72acafc7381a374e875f2810be119754.js Show response
www.gstatic.com/mysidia/ Frame 1356 22 KB
9 KB 318ms
315ms Script
text/javascript 2404:6800:4006:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/72acafc7381a374e875f2810be119754.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72cc43cd292571dac7823e1a28a82927b237c9637f7b81fcd4b1f248092fdc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 00:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 18:27:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 May 2024 00:09:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 1356 23 KB
9 KB 227ms
225ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:28:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1356 3 KB
1 KB 242ms
240ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:02:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1356 20 KB
8 KB 207ms
205ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:23:51 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1356 204 KB
61 KB 181ms
179ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 05:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 06:43:12 GMT

GET
DATA 200
OK truncated
/ Frame FD29 360 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0184c29a407346d3e5b1141151c8ffaba1a9d9bd4352ce7d911405070f145389

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FD29 0
19 B 289ms
288ms Image
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs29Mh93aZcm0NK2ivcAPkPmwSJj80bFcuqrwlawBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg2MDIxNDEyMzAyNDY4MDXIAQmpAg3o6wcuBaY-qAMByAMCqgTHAU_QPnklB73AXILZMBkbVq07gIR_6-gR_md5HfTCu-3a5iuOXveOhVE4YDJs-wGPPFZCSjugxtTTepNSzvKFvY9HK5DQkrezlxGGbCVImyFJIUvBRPWnsEr80GvHEl6IPuLwAX1nG15p-FEYCcZDDRACItSuApndnHpttfVewEc6Xl7He5EncSMyaryb7-8s7G_eG0bb_qNk3zrRE2gcRRdd7pRBGvcx0vG0BtPAyMdSObDFP5xn2jzwvnaEwjOKSLI7OEv--UCABpyN1JHVlLioKaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WIzFp_btxYQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg2MDIxNDEyMzAyNDY4MDUYAA&sigh=5ihST7i50T4&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_Q1EmfVVTof1R4OQCgXvCAqe2GPKQJVjAq7qN0Z2QjDudvAh9sDj5BD2nznwe65xPwx7lYdEBS-uw0WU7SWwi9vUHLPEJjPbOJT8YAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.sg1.as.criteo.com/google/auction/ Frame FD29 0
126 B 930ms
243ms Image
text/plain 2406:2600:7:100::e
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=kuX5GNL5RNAGmAJi-C0SAgAAAB2dNlkMPu2n9MP6-xCH3dpl6G5VID1hwQljHwAAEgAACgpBUVVCRGdFQkRn&wp=ZdrdhwANGkkCD1EtAAw8kG65jurxKzfpW_KcQw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 239770
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame CEF4 449 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0748a70b6ac2b9554135f02117261f79011ae0266dc0e85568a614726d16214

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2647 38 KB
13 KB 148ms
147ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 108330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 00:20:47 GMT
expires: Sun, 23 Feb 2025 00:20:47 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 243A 0
234 B 1622ms
499ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lt14mp3a&c=305775390550&slotId=152887695275&qqid=COfP5vXtxYQDFWdRDwIdu60LDg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 243A 11 KB
11 KB 538ms
148ms Font
font/woff2 2404:6800:4006:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:57:07 GMT
x-content-type-options: nosniff
age: 109750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:57:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 243A 11 KB
11 KB 716ms
328ms Font
font/woff2 2404:6800:4006:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:49:15 GMT
x-content-type-options: nosniff
age: 110222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:49:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 243A 0
28 B 283ms
283ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHL5eht3aZef0LueivcAPu9uucMDOsIp2lKids-oSxMi1q64BEAEg5I_mc2Cr7LGF4BigAf-1geYqyAEFqQJ2aX51S8ukPqgDAcgDmwSqBP4BT9ApRfej6W_QfgpgwF7_1hujK0Ds5T_LSKxOaV_UZdku1-bx3mcPCK92fB4nPUaSteLUAaNJfgbKzxj3rc2XkqMufV3PL4zChbnBGlfJ7dOJZDbtBGNcgdCKHOwqX7cVixd7VdIb0yL_tK_3zFrkYYXY4u5O2ktQCfaOz_loABrNf6ZTDXxNsJOiwTNpbQS_2GOQOjSVJDqwymbS-LlnF-fUWlj1E-07QDhJ7W0x6Se0xTYBPgRn9-2-HqukOyLcOlll8kD9G3pXXq4Jxa_Fl8h-34lx-uxjUQqJ-I8m7mduM75eaay1m0ZOsWTyFTXsJdiyYxucCNgvpJuLmHPABLTD_OjVBOAEA4gFwcuaok6QBgGgBnbYBgKAB__t0cUFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHAKAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WMzw5PXtxYQDgAoByAsB4AsBgAwBqg0CTlqwE67d4hbIE47NreQD0BMA2BMKghQYGhZvbmUtcGllY2UtYW5hbHlzaXMubmV0iBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1708842377369&ai=CHL5eht3aZef0LueivcAPu9uucMDOsIp2lKids-oSxMi1q64BEAEg5I_mc2Cr7LGF4BigAf-1geYqyAEFqQJ2aX51S8ukPqgDAcgDmwSqBP4BT9ApRfej6W_QfgpgwF7_1hujK0Ds5T_LSKxOaV_UZdku1-bx3mcPCK92fB4nPUaSteLUAaNJfgbKzxj3rc2XkqMufV3PL4zChbnBGlfJ7dOJZDbtBGNcgdCKHOwqX7cVixd7VdIb0yL_tK_3zFrkYYXY4u5O2ktQCfaOz_loABrNf6ZTDXxNsJOiwTNpbQS_2GOQOjSVJDqwymbS-LlnF-fUWlj1E-07QDhJ7W0x6Se0xTYBPgRn9-2-HqukOyLcOlll8kD9G3pXXq4Jxa_Fl8h-34lx-uxjUQqJ-I8m7mduM75eaay1m0ZOsWTyFTXsJdiyYxucCNgvpJuLmHPABLTD_OjVBOAEA4gFwcuaok6QBgGgBnbYBgKAB__t0cUFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHAKAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WMzw5PXtxYQDgAoByAsB4AsBgAwBqg0CTlqwE67d4hbIE47NreQD0BMA2BMKghQYGhZvbmUtcGllY2UtYW5hbHlzaXMubmV0iBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 243A 0
54 B 1606ms
499ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lt14mp3u&c=305775390550&slotId=152887695275&qqid=COfP5vXtxYQDFWdRDwIdu60LDg&fb=outstream-lima&ulv=1&cll=1&met.4=arp_a_s.241&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 243A 33 KB
18 KB 508ms
189ms XHR
text/xml 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CLHjTycoaUF1ZObJJbI5bXyBynOzD1FuNQbzyBtNwBnkFpSVb1QvPBUUZ5pqlfaMjUBObZJ50lc9ZchhsQTsj4-HaQAg&cry=1&dbm_d=AKAmf-BX9fAXoh5dPj7HFc-AykGXz9bMIzFtTX5_iOloyP2drnuePyT00BIzJIRRweMApja1XszD9heKx99t-bczJcj9avUOXyXn-pJYmS-TfF7IQ5I0boWQaWWLcyWs9oIJqX6D0p3dltdclG0u-OcLKUi8jb_-WAnHF0_v6XmXT4B3LJVFWD93JWiYG-0egApCAV4G-Zoy9E2WvL4em9N7JlE7--GokmkeUUahYBTNUhMEfq6rQhOp6Y2TQHRmDl2o_vTGV22Ma5llLaV-XeRFdlI_Pg0r0bJxT79sNdbn-DVHm1BSgV6msqXJaPWtBOoB33dQxb-wueyOCP9KLdhOcmJ93Gm9QUKGBsNoxavmpmUPJ96mEWd9sAHkMow5GAue5ROhchv9iqYMbSW2i-E_8LAfGcrsS83wJ4zWaU1h3CY9LZvKg9L3tIA6ePctU2XeQZeJLEDX4huAkAzqB6wlKhk2ozMNSHxGaeu6deJrDggraYQYaAd0BAUKAckdb7p-lXYb6nNC5abMzrpW27i_ASxCynOtRE9HCiW1G2J8FdsbGaaia95a6ZX9GIKKENJ5Mqj0XAnYUNMo_fC4MRoxyqwq2iKQmTCEX23mDz29GzBhpgHB5NV8w14TiPQeDo4iwupKfFYtOVsTwFfmWlJnzfkuLHLaoQBExZz6Qo_I4HeMvE72ZDfAxnIePKsCJeoCEI8d7OETAy6Wr4sEn8TBiP_mU8rk3UGDeY6ywXj6zwKeDQhwpsar7G5F96bJNJ65UHJfcXAH3nqYaamw7m-1NVxl9PSt4MeHI_bxoK2rONbNYMCQ7EP4yLt5N8JzXoWDSVE1p63No7hoD_x_XfQ_dxaON7pG-vUGFOCapmro7tgiISm99D-9ceusm47pzwQf2WaPQaDgUulP-pXqPeHh1FEqwfV88UcmPRJUMheShSVQBTc-sD7ohht6YD_AiTL9p5q1RwQ2XECRHp5S2fhlGP66UK-SrjGKB5sEOicwQWYlvk543ohi3TzJ6LC3Tf-lueRwDrWhOSHgJBfSgedWxHf2eFUWoONHG25ue11X-HvQmCd93R5oHvPvF4qSGF85R6k1H0rLQRi_vuXjAxgdYdN9VrZLClsjBYbInJRr2RUcwFZoUCgb-ZY6Ai8lDe67w5_KkTIDxPnT2qpg0uyGQogMsU-ejXlOt1u3nE7U1j_DWKX-qbqy57t5642A7SiPUWydCRhGEQ6tt5WVHyXxC4h0VZvKGX8Y6h7_M2jS3V4RVT8cQpic_y-4wgZQIkx-8i5ZmpoBhXaY6nxLDqiqJt1KoExilXYvFjz8W1u3NHMcO95pLJaW8cpLRIZfjtt_-LPH-EFUNK8GAhOBeKyglIQ5dIUf6YwIzSmike-NBR0_T-3zMxulaClLG6g2CDZOZr0DCVE2RRTqDty60YrWRYC-2m9DODDz0bw5fN4c70HaECmdOjIegs9P34vhZWKLtY4J4MRB1TYc94gTbZ6-LmsBDNCxsSLof8Gmyb1BRqmTr89rmMFdOekrI9GuNtWhmNm7HN41hZQ3biZl77Gf-_AUSLgAk_MNIJqwwR9SElHOtZONpUk0HttlMiWO1Td92JCnyxF8UZhpbb0InNc_dqmEMWxi8PwuPVgpBYxzJpSnMmC1jFL352rAptXhLkB6GstetQq1mg_zmt99aT_mv9omOhhvrbvipDKFgv68t-3l7_BfZ7at6eWvQZqNr1SDzbQB7tXYH913rZxxGQ77qRxvFkvjNDo0F2Bcc8xOh3C5XrQ3EmQsEo9uO4V0V5e9gc9X0D7kOjsd8ejXINeMA7ez3exTnRvuPvP80tWPzNKg2-4OkGDijJaL2rSHQ5tjjyzxJIyu-L6IDluOnWmGZIHcIQAXSum88fXeXEdQ7uvAiBoJsl2RYO7AdJFvta4gaoSNGLdtx3enK1CI1uLdPezQWEuE9V62ynBbCPMvoqLdld6_BgquQJ3VaT730_L4GgzY5zNNEpacWHo7jc7SFkPE-HPKgTxvCyRXtgLffYgPwzuhZMsiJ-ifx3hXuNJdhkkFdLdgH_hGvVbrHES_qEwbVQKuqhKz3z6qUxbgeOYiRxdhjGKDdTdrRc-Ywn518_1385sCCvzjcX2lxqe9TAHlFsNdhDzN1jTx6Oo6D25yTUsCcjtUOo23VzpCfG6dmRS98bdta8RjQPVwteviCZgkm6DZ1U45Tk-HURDZ5Bfv9S2ScW2lZSVOttKMfyuy84lWLXE5dGfqg6i7PLzU7TisKUu6xNPz_f7yOOcYxUsUEC0eZOI2-H7ey7umwOq7FM106hg8lATGtVeZOMG0VFcr2Er5qbO7Ioc4TfF4rQFqMCA3FG-2HX2fS5wnAfHG9wadGdMVOewQXmSJr4wFlo8tPvIEzSfdbVbnA-EtGLZ_9rCCWxEGcg_cJb6Gfhddut0RFF-msYm6j4Ny2O-c-45PXqpKCTNjUuVQfLDiKBVSRBdhSfkkWDoIQYGLjgTpE5lBOogTTY8SU-aWU25DM0x9u6RDTYsHlGNt604xDG0T3doMyYBW2RWeYTlOEAzf9NDKI7Uql0r5QXCokLpTcm7PWj4Ph0hxVXY1G4_vwtw6003xzl2o2qluGW38vN1MMwouLQlVP_gAF4FXFithpgVMPwnRvccAZ_r6ogvRC5Auk2lZS8P719Az4yrAI2KbKpVBLQWjr0F7as2X-Nuzm9SStQ04BS0_kEu8nLBbIevwRko_q6VMPry1lTMYh6yM6kqlXglKpuLFMvXe4SDemKHDFnkVD9XVYME8hlZgwSPNT4F6siLugCu2UaJyAqQ58YJnYnDNJwJNh57u1RChdx-FblLDw1BhI8ZwzYlxMlgIRpFiTDN7jXIbUwoEcso_zBWYNn4tNxKR7WUeEoHo81yjHdy4BWOyUZH4eCxMt5qAOxfimnirQfLa7MRXd_mn-q5iRlqWadycMSW1BzrEeZPCZVMBflVgISQuuhwuZCxLqQTNf-JOs9zcJSsTPhRhX3XYDt4gw5zOxmKuwwAVlG5WmH94QcUUOT2DpwWxa6_HkLeznFNq7PtLXi_zxhvV8jeZTue7sZjj-NEVybLUktUOdrKVvStYvLO3FC3YDaP4WXYhqRvl59X569eOSruzDO_2YRKZm09GjznRMzNW1p2OaalbRl1uZbNRwy_pupxKTus-UKQ4bzC1PoyU-d2fQhehvNbt-T4BDfUVXc6TJ6pB5ptOIN9Timp3rl5Zf6AzqPKpgmS8PyoEyIpOf9_B_8Yu13Qw7PhnpirEq6BGJK4bwOGLSm6VzytPlILJJp40UbMOSVehl6kUoigIiVUyLS7MztCPn6_UXwxuZnTbmkFMDvB1IXsw2M9kPhHkijVQqLCZmsgCby0lDqA-d59j1JB1Oo8NYmuaYUA9Fh5Jw0j59NOy1Wt5-dELpz3o-ylogM8An4wc_lAK49EdpUV8m7gr_bCFo9lhSrPuKFsGkQh7j_rIFD445t3CMEEuwFE0IoRJk_0qj4CcmKH7iDHSGBwEma9oZwny5jzycQ-pzmeiix7trpOFBMkGehqqLq0nmJT8svtwvUWmbZyiyHUOv6kSuoKneW63K8zLjK9iVAPoKR783kKcZM-BEgSRuzo0nUIYh4JCHIbuiTSsIyf1L_FI1_188E6TxxFqyOlYh9nFnyT0YXXhegFzUPXneV_LyDjn4OUXy_1O11f_vHD0poWmcuQ5C3D-UPjhJ2NiF0NDPoviGvkSrfmXyG68dphXkTlX3Md9SoCAch5PZMPlB5Lkmg6uPBd_igkwxdKFQUTLLxvALzYOfE3ls1QCUCxsWhOCFMqQ3TFK2fLTISKeYlCJQq7gFv3sNs5comwjmY4wUx7k9lvLGuUogI244nx9oztqbxB5IpPSCCqkLJDy-H3D8m-IdNGYiuXnRUF92OXhYv9q-ULByl9QAJjiSYu-VhwS99g_t97BOET4LDhE4vnnC_k7Vv9Ko6IoTsPXLFpVes3nGnpxcAP0qr7Xut6nH_1uMM1ReVJOqznFj0GKtITo79chJGcuWP85MnUP7Ljhj1PjXh3yXulP_K6EtwGRqLqfzRo&cid=CAQSTwAvHhf_eDe7bYrfu0quPVyXMhbOO4Ojf-iqdfcHTUuTbVMcqD57XYJXnvjlt2IexKexqk4WJslwrV3IfVW4Yze39C5NYCa6Dq_auaiG_ikYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

f578cafca6d5300adac6e8338fc6091c68d696d9b6f7ccdd4fb4411f849f496c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18218
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEF4 0
0 207ms
206ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6ykGci2LK0ShBal1WpslQLmfcYM4PHydksZty-y7jG3SlDgtMFG8EgliJUD1tqR5ri7MPxrw-Nch_L7vUYn1y4nQSFVRystTEB-15dcSfBfmhdNtoxNwfjAza0dIC2E_tGktfQqNoZOlEOm3MMNxk0PqjgQ86VirDquKWhtLbSRRgkHEOTU7yyJHBj0Dem_m-VSjeBPUneqj92pCxm7fWYIIkovnVKz3rVxEJgYb_eCUdW2OU_xRBn0iWz2DWA0FyCj1WkeyyRyjprKfCBrT570c18ZAXTAaODuWejfEGiciekvYB3KHPKsQCAHd-XcXcfEBFF7qIZ_kZ3MISou6HoZPb-z0SHbQu0Ofc3FdsIOE5XV0vQOZ_bdbpUgWr662_z87MfbcnyqMlkiBX4knzfgnQ80guSItws4tlAqhZgyPp0btJiwea6dAU9Jm4YxYH34HS0TQ5Wee3U62HhAN9RMl98WtTvq0pGJTu0KQtsWCpAD6s2JMeTOvZUTaMwGqL_5tsMGrIMCicJtTv6atCz_8cMGkcARR1AjJRX_A-IKVSpmw6M_eNW-7vpzvzmIWNmMZb_1mKwaTTvqkPHJYPfTBGETsRflLFSrAXll4cJ8kvzaxdUrcR70fdAAydClmoGeb4Jn_8tK21wmYdFDVKsS0FpUSIifNTjRC4O-U-jeROc8NPy7V_SWTfBYoh3LCMiENciJJYmsnSodDoe6mslhNvtpQWj9eF_VmlAgiEQ_dwmzX3xODyVrAH5Vsf4DGM91uTz6UfzAn9_mAmuNaCC_d5tklIVOQyED4f7d1cl4mqNJ92EIOGTYYne_RCfvTCaq0eKRk6had1NAZ8jE_COBzO92dzMyLzs-qzBgp1LI73Ev3XOR_Q8gzqrNVDaMjY5k-I4ATk7W2UrmmDHY1bGDBN6Y3ruLD64usZfQOd-b-A3B0yWVfOJ85QHRF_wfUE1-IgRGWu9K6qJ6RiiOdzr-Eos0KyxPXOn9YjzVnvZMXqe41qflJWf_pYxMq_u0UJUg-o7Z2EaEEYHBvlXiCbWae-ONiYkH6fzmU2pdXSzMrgVu3Dk2JgzVPYYBAZR6qPHYgUIaI-a0_kpY4rXOX1lxazQ82MNgI_f2YtxHMtUzk0D8rnwOjWOaSWTExsi19P-QoJ6j7zJLbyvcAlrG9iZ2dT3IWyenqeDg_-IJMZrXKI8MdM25eW8GVgsVZkKSuJ0sLmNI6HqhISRdT7v9IPdsyLKg_TqPgmpRmMePjvCBFOIv3Z42t86yocAlQluFGMce_UvygiYtjHW1iz-YlmiUxI3Qgb7DhKPlclppbpPj5lCuDelX3AC0t_V7OvVEnpE5uXLVkAS_oJyZxSS-QnJ19gGj6AN8GUSFUbw5Am4qyMsoiW5yvEtNCyOiFQIPQ&sai=AMfl-YRQvirJzTqreP3mlI4r8lwAQr6UaM6IZImUlB2nxLjJ4D0Sb6U1s5SRxuDZlU-A3oaSSQSHdWrzZ1CFLxGtNx8qiyWFkyDOt2qzDZwRbjutD1d6gWK_VU2P7OVBe16NfPw1yA4qLnTx_bN8jBq9V8d2pYeYkA3A6k8ROqdx1Gca5VvkYF6cWEwd47E_oMXpOCGmDgK4pjODRlqCYQVPJVCzc_tKLIGcEQhpXcd7vrIP8UmujmzfhWY1rCseRwLtoo-qUvutCtgG9kUidGrWgr8_xZGuxhUjFAh3XU3DCOWpCYLiEuV4csUX1oJEw-P4CaV77LaI8o0FleFRgo_IeUDaTTgrdQ3nzP4l1ckpPWdBdly6FhpGZktnMXyFxXY6XFuvBPyh9qFZ5R4282j30x7ovdp_gg89BNqxQIEG9gks_76DlnSCeVKHwlor_BiTIi9Mup9dvX1t9m6fzAzdqiq_wuwvsaub1dSBYNr2kTeNNniFo2dlfII&sig=Cg0ArKJSzKiYg0kRFjN4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=859&vt=11&dtpt=858&dett=2&cstd=0&cisv=r20240221.30365&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1356 0
28 B 284ms
283ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCHBvcnRyYWl0CgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKLhohZGlzcGxheV9sZWFkX2Zvcm1fcXVlc3Rpb25fbnVtYmVyIQAAAAAAABBAMAEKDRArIQAAAAAAQFBAMAESGkNPSFA1dlh0eFlRREZXZFJEd0lkdTYwTERnIhVsZWFkZ2VuL2Zyb3Ntb3RoX3RleHQoLA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 243A 459 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74035b412798b3422ce4ed5a58d2d9b8fd2bf5e58a8cb36b3a5dc9fecef18250

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E5F 51 KB
19 KB 149ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 23:50:08 GMT

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2647 51 KB
19 KB 156ms
156ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 23:50:08 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EF8B 0
54 B 1507ms
500ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lt14mp6q&c=2427723012968&slotId=1213861506484&qqid=COPMrPbtxYQDFRJTDwIdjcgLjw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF8B 11 KB
11 KB 450ms
171ms Font
font/woff2 2404:6800:4006:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:57:07 GMT
x-content-type-options: nosniff
age: 109750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:57:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF8B 11 KB
11 KB 574ms
295ms Font
font/woff2 2404:6800:4006:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:49:15 GMT
x-content-type-options: nosniff
age: 110222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:49:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF8B 0
28 B 284ms
284ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C2uJDh93aZaPtN5KmvcAPjZGv-AjAzrCKdpSonbPqEsTItauuARABIOSP5nNgq-yxheAYoAH_tYHmKsgBBakCdml-dUvLpD6oAwHIA5sEqgT9AU_QXdRJMNET669Q4kvtwyi4vkP97ZBAJBMoHK3G14VF6LqYKhDqA7Z8qbZOvGUhZecJl59-JPtSRUnq5QrkimEqjAgX4ncfqtjde7UN6ktBRtV2w_8jPOFcSnhWWtdumyE8IYRpvwht-K8eFpAt89Z0RETzVrA01GDiZFA0JYI5RWjkTEpYdhjDMhXrVMDfm-Z-Anljx-_S8yhbm1_aAv3N590E3NQoTxaj0NOBTMCm1N1jRPdKd_kVJU-wFMpXtrzZ1F-QfCk8TWIv3w8FixiWZeyQD4b41jindUKjX-NvIuMIt8cK9pAEHvFk6jZ7Rvox_9WRAAQPFo-71fzABLTD_OjVBOAEA4gFwcuaok6QBgGgBnbYBgKAB__t0cUFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHAKAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WJODq_btxYQDgAoByAsB4AsBgAwBqg0CTlqwE67d4hbIE47NreQD0BMA2BMKghQYGhZvbmUtcGllY2UtYW5hbHlzaXMubmV0iBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1708842377486&ai=C2uJDh93aZaPtN5KmvcAPjZGv-AjAzrCKdpSonbPqEsTItauuARABIOSP5nNgq-yxheAYoAH_tYHmKsgBBakCdml-dUvLpD6oAwHIA5sEqgT9AU_QXdRJMNET669Q4kvtwyi4vkP97ZBAJBMoHK3G14VF6LqYKhDqA7Z8qbZOvGUhZecJl59-JPtSRUnq5QrkimEqjAgX4ncfqtjde7UN6ktBRtV2w_8jPOFcSnhWWtdumyE8IYRpvwht-K8eFpAt89Z0RETzVrA01GDiZFA0JYI5RWjkTEpYdhjDMhXrVMDfm-Z-Anljx-_S8yhbm1_aAv3N590E3NQoTxaj0NOBTMCm1N1jRPdKd_kVJU-wFMpXtrzZ1F-QfCk8TWIv3w8FixiWZeyQD4b41jindUKjX-NvIuMIt8cK9pAEHvFk6jZ7Rvox_9WRAAQPFo-71fzABLTD_OjVBOAEA4gFwcuaok6QBgGgBnbYBgKAB__t0cUFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHAKAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WJODq_btxYQDgAoByAsB4AsBgAwBqg0CTlqwE67d4hbIE47NreQD0BMA2BMKghQYGhZvbmUtcGllY2UtYW5hbHlzaXMubmV0iBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EF8B 0
54 B 1501ms
501ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lt14mp72&c=2427723012968&slotId=1213861506484&qqid=COPMrPbtxYQDFRJTDwIdjcgLjw&fb=outstream-lima&ulv=1&cll=1&met.4=arp_a_s.1ce&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame EF8B 33 KB
18 KB 442ms
229ms XHR
text/xml 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DiVkLjpG0iNhG8Y7b3KbtLswrf47FEG147LvYglXVD8yiVpvrG5IGVK_L4vgwkEHm_323VFXRM4qqxmSHUKGBX1e4nEA&cry=1&dbm_d=AKAmf-CPBbj3I3_8BxxW1f1JX5ta-5ePw8QOSaMLJlLYybzTAkKmOiIcPQJeDzk5tmZAVz-TD3D7gmRRldVm51UUmOFL7uBIlNLDBFp21E6BW5Ven5JdTWYiNUOfd2dIjkRdxUoaRHP8xR47o1-G_6YH-lmwKjx4AgkqzTxovSoOe5erBPIaq40ol23KIOCLqcDKmZlUF-wihq_M9DK5A8Ru2w3euJsAwJr0TV3Fv34gSvZzKeR8meNqv-PlPGuakx4azQ5NsIsGeVYh4OyuJssWanQ9wcaLqzw6zRSxwWhUeZqR2MGLNXAlyk0s9UvYfdjtkkQDHnLFLmg19oF93NRaVueifwgK2Lar-i2sXJ7o8iXEryE_8W5N19xpBF5vEFwBGHepgn1SSa2mKIM4YX45qB2fQMxPY2AjsscJmKtkq28j199xJEhQuFEQMZiwpFLZ1slcAGB9O3afaxNLiii6dMLFrdQmXPbUY0lJLYLBq6hQPjpwtjoeBlmKo-F12N3BuB0Elcb2XLnJJYS7GxbLavnHlkOPd5gVSmMXNBaZ4tiMshn8hV8mkGSf_QFz93SNTZ-Dbf-QC6_Csrh6b1INvO95vRMwguL7_KXhCHVmMON3gvbe6hOrCyI0Jmkt6QcAY7WsJF6imjZ29NNjsc_SRJZmC4F7j9fWmCBtJTpsYtc1KP-2Zfp1-Y-3ZUYMA5xRnbrJT-rM8gADB3M8TUvoyvKz--JF8W5fcmaVAWI69p_MK5Wv37LABRduksu_69qX7TJxexw63LGNeoXkOj0RcxKlS-ymPGy4EUVnEXgMtjq-1sWLeLihx7jBalm-_WAzU2yKHIoD3THLqPyhTUrMVlwKJNaIyAgJU_DZo6BBwLHFPsVHPb6cvGX1lqFaGI6Lg8v8nvr5lqs6ORC_zt505mC42MiFbuyqu3_GhqR38q8Wup0HXeV5tFWKBsPRGeJ5ngRaWlXTysUg9nSk5UYKFBGvjgoD3db6Ff98OgRmoBZHGdNJ-ooDHLZ2DTPeN-3LdPL8ehrmUYooLr2j_sGuCuyg6Njs1mcMrfY9N0NFQQ4QoDH6_qgxwiW_pVgRCq7WEHeTnk4AIgtyuII_LLVUKH-opOqPHrzPqCelOYZCEfiMLS2hjfUlG7NoM9jsIJMYGrTCWXRkZ9ztLz1VVaIdammKwciNU25jJwBsmmP00B-IJmy7wYlORIkkqrZDLC-k7-9u5LxkGph7xPqRRdi5ryjYCtajRDAl1V4Hnig9YcIpIhMIOLS-l1w4ADkNMM4895wnvBaGV__J-mczYrHqWoUtE04hzLIslVjg1yX8NPbhO0Zvibsv7_ozJGiRQqPB8kSjdp1Oupaj91sosyAfwg0BRKi4vfXwWs2NO1xM26VEIqVnuWYo-O84z_ayVf7xvpOWtsY34edfu3lwckhSMbQNuB9SuT4II-W27ijJRZwCt-k-kpX2Qc4AXviAuZXVtqWHSKSUUpoNcbMLkrjGgbx_znF29HyA6yWRT8jbeINKrtAHmJ8ELjt88G3rps-7FEK3aiHs4mi37Y13NGZT_40TJ8ZON0hBr3UHA5aDbo6j32LLeB6FL_P84ihI-UK3X6yvLGRU3RUJdqdyIQUYSo0kr4o3xPFzBm2mJrlNaejGB7Q8Pijv33125anU1mHpkkE57RZ9rvyCnOrtxBJONIhcTpajW1hGI-cPx8CA9TyWF7GdfIOwJM30T7EFh53YAP9uPzQpUhGa406Zl0F5lMQvY5eRAoh9eSnk3TsoW-vS-OYC-aleLdZLWZAUYqIg9E2OQFsugEcZ56b6_vtfLteSbtHz9DS_kOgT983Jk7XbvjcEFhwVjYcg_RfsI3QIe6_LXObylmGt9Y5eXq1r-kE875fE4fD0DGdSedy6oF10K0gG2wgBBjexnFsxo7Xc92TCnSYsC5xPEnvNFRLAt1zOegWnP6N_DCm0qYY3vQ_RRMyEwfslpJPOnDemnhAZVW6nB7kOUhL2kckjpOMTPopR51LZxFCHv0qDYOfN_Rx8xH5qxQe8u5kqZfCvTnY4jBITaHPl5BQtIxT3VsV2YDKqIeDfjzaB9dSmIvPZxdzpFPVD_K40WvFu_O3JbXzBXpDhpP_gAuRfueRaTZgd2YI0efWtSBAdeGzJ5pi0nR3zaWtLZPdEFo00FHCkasT_P89Hb39K6eYhmPVMjYfji72QhaRbbzypbyRtABc6daf_VFkJPPvhJVbVUtt88K5M2mCmyX-8ydzqnAmF5ftHQ2rqgqOplg5BFx0BG4v7nmE1-QN8m0Jl9TqAxUTnwmmaCfSYeR0pYEuP4v1hW06C0iQejxKZePH4YhT89QYSglVVmpTPhZy265Sr7w5o8FYK6hwDFS-ID7vHXjhx1O48VWvcq-UK5vnEDuPqEPUGznB_nvGlOlaqGUGKMWMtdSfqgi6SxUyefhBTadCU2jy1IchE_fISNr2v02QPL94E03WiBL34CnIJblxhVDfjldVONopkl3oROBTWV93VkytF8B9UwFkMe-tsEV7rX9PafVnd8Xh1owfU8VGOXAQkyNuqyXb94t2-R4n-LpZ_D6D37Z5K0VjTws3z1UxvP-dfrtHyN3pWXEJl9sJGV9HdQvboxO6B_AD-tgbnr0Q4MjlZrL_0-Yd4z43CL1lsOLavT4k6s30hnnjlwr08UcI08AEu1KyfOQewJIvlAbK-AGDCQ6sNDvYg_YhycRe2mVhm-ebAH_dbTeI1RjhGc_pNVChf_fkIIz97DdVYYUl2ohXVOnpqHFT8pi7SuCZAo5JOrAwNg8r2j7D1HRA8XTycW55PHxwVh39092ZUBZCHPbU9Hg_mEVHiE2TutVh-73AiPSzsv9ipD-tj4Gzh7Du5AJNyYIsw9G6G-8x-Pk5qlv13j7CcsAT1c3I6huKOm_juAQ8RkPkvVezgIVvxZ-Qu2D38x9nOxQNH0H2bX_Ng9QpdSCEbnvNab2OQWhih1AGkpEv8a0yYBR-abjBjebqCJJfLLw7ciB3rLjJrntnDa_GRfPaIXrrgsn8H2SuZRfSwtcPWfGw-UXq8htRQ7FzSVqNErGeMPoCwAqEHtmBcVaPwDm4Ab_YgW8FXK5J1RE2qN894CzKB3NHIoWDfBH26mq_N1C04lNbpVATTAaDidWcWF38r6lVl5k8Y2SG31ozKs7H5qLb9KwskaXeMDM3610CNrPRdjJLh-_icEMWy-FWAGz6Yimsljlsd9O51zMgD0YLo4pq_EFk_zVi_VANRV5VJeOYFygc3-nPAt_TfBZfDjAW4PnHB-v15moeIsqUuYSor4VwfBx-eOh7eD3xZsub3jaoPn9994GXCV-6fzv47RChVham4iDm28p2Px7IBSD8__jEwLNi-c2BQf-Du4uFAhKbGOnOEcR0uiGbK4wWriTVkA9B62VTpwNF-tQ2_FY0CUevH3WIBGKehCPg2et5BNhSsPFqlNcjoyd9ob3aHoAfeHc3RTX2Px3StmPxfaIpr_Re1dcIA6t0oaS3F4t_MF6bXpQWn5IyfwSevLE51ybPlvzVkegkQ-UbLXlLZAdOQNVDUvyT6y7O6Bou9eIL6aQNJS45skM5t6IoBuiSmB30Nv3Gs2jIdsPT-SmsoXz1kjMlAA1QPVRBzGRWWVCxPUBp63Fc3zy23QE9JKev6JhcJNPh1Gq6q6MDGbpGYAzVQWRoYbQ_M-EPeBgFEHS8dGqv2W9qiqsQbiCWtxgiO2HAethdvxy2GFCcOyi_5ZlMKuoGWSgEUzXKOXdpJeBWhmahTcXoVUR1XGIHMDwkpBVN9pmbxoHcC-OO6UtklCO_ECtwLThS7n4LCMH2t0CwCBAK7f5yAOTVRARZgws1cZ0zxCrkyzbWePrN5ZgGFn0p3dUaRrXWAF6dKgk-Gxol4pSyqHEZLNYiRjUKCUoNrqGMLhF09mA3aD47Pfd947Zjuf18GeK_MsDSAn-JEEprMXcOkzL2EqtoULRttSq6-PFSnmWWa-OmEwNuOQGOSoolGllsUnaa3LWcEztyzUjLqF7Si3kzQGziKbpDugb1ugSDqlEuQc8M4N867Y1FtzBpSQKFn2HA&cid=CAQSTgAvHhf_D132p2neQGWupTOdLX8UuEBjNyCCYvXCGFNZRGQHueYBS4AItRyB583g2moGh4nZYIxTuY00NoZm8ScTNU5fNKiTFi5QlMQcahgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

a206dda57d3d902e05bdd2f81e630bfc7a5b8466b005f418c4cac972ccf2c600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18052
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EF8B 362 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c10c20dc366f6efd3b77d4597bfb7ca290f3751a6dc202a645b15d3d25a13a19

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5248 2 KB
1 KB 728ms
247ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZdrdhwANGkkCD1EtAAw8kG65jurxKzfpW_KcQw&u=%7CFPOQUtqbFmTvgaHxF%2FY719HP24om7MvliU%2BdMR2jKpU%3D%7C&c1=SpNqxMz7C2xV3MMj0aiG5j4TEzGr0uHs0UDsERpM9toExMr_xoAv9xgj4EB7xvAsUQzp8CCz0Z38TnpAzS43FQuEd-BQQ4gRnG1UUJ7LzOSrtU2JNsIFMr23o1isERgi8UFWUSDSFeJKS6Mdm2Ncumg_bPsMWEmIOsTIwIyYJXTlsUg5kzzebXzKOs72XGhcsB0uu9LtUfsUAjg_IORvYaAyOvPg6r9gT1SoQjjf70PD7r3zX0MFnvRmlEIHnwK0hxB1pC7uMN70jAIZZ1E6qy4TaCs9RWAdDjBEpQ7bM9iD1nYkaJ6PPnWZBTFoE1hYlFMKK4lIhKXiXKKohLPgI4-ZR-FFap-u87IMo5a13xpbgvN6X3SXuWWYmK29hribBT8m-ugm-ON7S82UvLSwI_pIzUdocvq3V1Yjivw_0HqVxD_2brcEaQp3HOIgUQGZR2Mqu08MvQItt5A3MPqTi1FZH_3xQTP4NPHEx1sFWvF-GDF1mftjVYHj02oxiGwDoLvgHXjS3HfVoTWxxAETbHTZm8MsxY6Jk6WlYDfjWA_C_aZZi-IRXQuLNqFwIkVGv0XuId2aRa4Y2MAi7Ee3UqL_vEfGCh7YXrdy9LyYtxAKUsWNJtF37n7T0LnUeiQYqNa-FJBVS78cx43QZQGWR015F7m3XnQw9xOL9dGxN38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmLXh93aZcm0NK2ivcAPkPmwSJj80bFcuqrwlawBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg2MDIxNDEyMzAyNDY4MDXIAQmpAg3o6wcuBaY-qAMByAMCqgTKAU_QPnklB73AXILZMBkbVq07gIR_6-gR_md5HfTCu-3a5iuOXveOhVE4YDJs-wGPPFZCSjugxtTTepNSzvKFvY9HK5DQkrezlxGGbCVImyFJIUvBRPWnsEr80GvHEl6IPuLwAX1nG15p-FEYCcZDDRACItSuApndnHpttfVewEc6Xl7He5EncSMyaryb7-8s7G_eG0bb_qNk3zrRE2gcRRddrJZgiBL_W49Lj6JeI5HI-pnRNQtt9CQYNoXSWPo0Vp4j36Bvh79fheOABpyN1JHVlLioKaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WIzFp_btxYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DyvdBAm4HQysVHzU75Zcxhs33Qg%26client%3Dca-pub-8602141230246805%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5248 2 KB
1 KB 720ms
240ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5248 308 B
636 B 720ms
241ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5248 293 B
621 B 721ms
242ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5248 43 B
348 B 755ms
155ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=adPtRKATVZXJ-D2iBMVoQIrTlIFCR9US4i15jUf2b7gsj-WlqqfevRKN0XGNJLtGnnfUYlBYMbvq8uNpZlmkjmASvFHtspdgPt2QP8Dps2LYrrvXGSPZJT5oylsexMQYYk5ly8yvlxeyfzTkQ1oddBVgNTLR2zxdSn4DMfjZGyPfa_bzsb1yNjxwS_JlR3mzaAFw_lTf0K7ydQVuZ3fdK0TuNCJ3RxtB9WPrdJZwCTyse20nd0hd31bw0ADwkhN_np3opf5GyMHR0cyEdJhHpc-xY_JQjJwFCl21QQh2SsdHbe4ENZ7UdkNcU2mxi_ldl8oXtedSw_CbT4TujWB-NdjdwSjeDOK6ouaK0CT4qbrh00UqPAwqab77j47K1ddDXw95-R9WcnbQtC3lH2SoffJUAHzecX6odZ8YUZPCV4grqO6T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1820627
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2647 0
28 B 283ms
283ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Byu3fh93aZd_4N4ufvcAP08K5uAYAAAAAOAHgBAI&bg=!eXqlejXNAAbA870Z4PM7ADQBe5WfOGxwe4FuU4dO3ICl1rVK-XMtiNOfr6jgnKOsDl3si1YGRHODe-h-_f6RNi9TwoVKAgAAAEFSAAAAA2gBB5kDASANE0zIw87evDOqPhP__PtawG3JbYdkvaRHlcVh79QephYCvRJRpbNEEa6FQSCySkc0ks2r734C3sbwMqf2-091Sb2Q4hjYaHcyvqmbfTbeVNzIRlybZtwTQ_9N2E4zcbmOqlkckyEXvKZN7OBXciCwVu4OS42wAPmRtrt7FBCgJSsH1piE-i9sK-FoJGpg5_asATVa0cA3a2bdZkRtp0PYiwD0W93bLmDkdJYDOafq7pkDE_822fyYyy0iBQzX-3R1UQh6v0NUgnwFVI0-lCdDSYRbQy4mBymDUlLquOQVcf6at-or6QaAGWYFFLd0i6tepPTr2lfDmEFlP4fiouJYwaT17Q2JJJc_wQJo2n4vbEKk6LG91XZzRF-fugQT-o5gxjkVyL-0yjIcJ-8ll8-uJjLVNLeqdDzkvJM8EvtUenF6nQG9xkgbhLjUYDJi-TVwy4iNvg8cF8_CeFLsuCC-CbYETOD5LMoBIxn5pv9YWzWfOshHqd6P9_tB18BBiWudSHyEp5REh2LkwUXFAiPgj9k6HfC2cLC6lKvxK9X7Xd27HzOnrnDFTSsBtdxxkdN57ChCwoLIVV-OUk9MUDy4Cu97wmT5sk4S4V1NOdOsCBRSCXZ7NfEDgPCc7I0I_s8blFzjOahv-JlN8mRXrsGFmeY2DBLfpFkUlZb_Ahqi_2MDaGLLnJJ12ftluzftYC4_HumY0hM65FNsfVTYutC6MCMBs46AO3wUdp3jWPtz3_RdQMQ2G_Do81_jiZDCUJ43LEEWBM0v-qOc9gWPDjdJy9Sk6k2SVfW_V3joY3-hXyM504mJWwo2HixQ--_qKWG8A4l22N6-pLr6RrCvUSQvRbh8K_VCpBXK7aRoBYrHiFjTQKQP-OLwDoG_oDQ_8xWUzicUGUwRflgXKBJIHqhE8JnEMtoEDcU2IUL2oht5q6EyeJIM4Fw1K5J-TZJqyaUk2CVnXARRCCbc9nhVrrGAXFINXQGnlW2KdIgoV3UQO2xo1PG5VevOw4ry8e7t2TU

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5248 12 KB
5 KB 107ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4727021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Esi2Ij9CYCwyVGBiM9V6rHIoVovw4qVpPgMJBiLYB4UNO8ZxGo3EJH5nUkCpHJBNoR7NpQFejoEXieThUVWtYYZ1sQTTy0CoO4TdXeqOxsRoUVGo2cv0S7rxyvKYdLtl%2FIRrl5ADX8JWxiSSI6PNzcNz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ade03d69d0508c-AKL
expires: Fri, 14 Feb 2025 06:26:17 GMT

GET
H2 200 nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 5248 2 KB
808 B 426ms
242ms Stylesheet
text/css 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 5248 2 KB
808 B 421ms
238ms Stylesheet
text/css 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5248 12 KB
6 KB 287ms
286ms Script
text/javascript 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 5248 15 KB
15 KB 1395ms
808ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=556&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F213a1ed3857e4ad1affae11f5293ad97_b877c97b-109b-482f-9cda-2ee006b6aceb.png&v=3&w=196&rid=4&s=3YCJH4BEtD4dzpjaRLtw6dfi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

ff26a1bec1aa9d02ceb20b26dcf0421d1a88f7e5c7a9456c1724d7d164f320c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15604
expires: Sat, 08 Feb 2025 02:50:10 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 5248 51 KB
51 KB 1085ms
498ms Image
image/webp 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F5%2F4%2F5416ba66-9fdd-4b6c-ba47-620da397b7a5-036cff7d2980bd42446fa4d8cf4c2e98.jpg&v=3&w=800&rid=4&s=FfvejlBbbcl1GP_9L4Xae6PQ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

5f1cb4f89e345290b585cd71bbb1c4e908a396ce2c656ec10984e9b1ca1eac70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 52316
expires: Mon, 17 Feb 2025 17:31:58 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 5248 14 KB
15 KB 1469ms
883ms Image
image/webp 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F4%2F4%2F445bbe41-14ed-444b-b1a1-f5d244f3376e-840fca1ee2b00a1d4ad4b140d9055762.jpeg&v=3&w=800&rid=4&s=ti5OWRSJowYTcAAEArLRaHYn&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

5274ec6a6e406c28555742f361f015ac4d50b1e0ac1a11d3d1c3a193c6a83940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14778
expires: Wed, 12 Feb 2025 05:33:41 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 5248 8 KB
8 KB 1505ms
919ms Image
image/webp 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Ff%2F8%2Ff878eee3-3f50-457e-bf8e-a5511fd1884b-b72f81bb3600b42386a016f82bc69255.jpeg&v=3&w=800&rid=4&s=5Jbps_MMbKaykMTmEf2IXwoX&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

5b93b3437105b2b36974574307f71d13cae8bcc75563a963f3b66a0596f1e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8122
expires: Wed, 12 Feb 2025 03:36:49 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 5248 0
128 B 824ms
238ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=nfPoiAA0_IQj5x8A8O7EqUXEQHNzTWTSbbZufZLIYpQbhPgT5k3_R1wwT1fD1QrrURvxPp95PyvUhQs6CUoym_w33b58mhaVZIDO2R-W7DS3D1q0bA_78Adeb1wk7D3YAj6lNoxS2xhRxtQizc6xf4SPJfneJGjgzET24CMjewgCKzJvQwL7DDEyYljz_VASv8jVTIagXXM8H0fzJinK9KBln8aO3sIDmshcXfdRl0i25o9RqpgConj2kKa3TObhN7kL_Q&sds=2&rev=90712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Feb 2024 06:26:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5248 2 KB
1 KB 239ms
238ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5248 2 KB
1 KB 239ms
239ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 243A 0
54 B 1054ms
501ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lt14mp4a&c=305775390550&slotId=152887695275&qqid=COfP5vXtxYQDFWdRDwIdu60LDg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 243A 41 KB
15 KB 150ms
150ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:55:55 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,... Frame 243A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/ip,ipbits,expire,id,itag,so...
https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,ex...

0
0

898ms
349ms

Fetch
video/mp4

2607:f8b0:4007:c::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6964EF946F84B63BF0C524D1DE0BD8D3E5C6120F.01A29CDBFD22D4A4653E42DDD1AEB58AE45265/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

HTTP/1.1

Server

2607:f8b0:4007:c::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 25 Feb 2024 06:26:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1282231
Last-Modified: Mon, 12 Feb 2024 01:14:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 25 Feb 2024 06:26:19 GMT

Redirect headers

date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6964EF946F84B63BF0C524D1DE0BD8D3E5C6120F.01A29CDBFD22D4A4653E42DDD1AEB58AE45265/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 243A 453 B
594 B 246ms
244ms Image
image/png 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8602141230246805

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sun, 25 Feb 2024 07:16:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 243A 0
54 B 1043ms
502ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lt14mpjn&c=305775390550&slotId=152887695275&qqid=COfP5vXtxYQDFWdRDwIdu60LDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=487&mt=video%2Fmp4&vs=720x406&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2jl~atrd.2jr~videopreviewvisible.2ju&ua_e=1&ple=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EF8B 0
54 B 916ms
503ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lt14mp79&c=2427723012968&slotId=1213861506484&qqid=COPMrPbtxYQDFRJTDwIdjcgLjw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame EF8B 41 KB
15 KB 149ms
148ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Feb 2024 23:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 23:55:55 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/ip,ipbits,expire,id,itag,so...
https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,ex...

0
0

899ms
350ms

Fetch
video/mp4

2607:f8b0:4007:c::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/44159D9E1AFE7C60F45815AFE98D400627BCE35C.5A116C5F2800FD375FA8DF140DF7B372BAE89D52/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

HTTP/1.1

Server

2607:f8b0:4007:c::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 25 Feb 2024 06:26:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1282231
Last-Modified: Mon, 12 Feb 2024 01:14:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 25 Feb 2024 06:26:19 GMT

Redirect headers

date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/44159D9E1AFE7C60F45815AFE98D400627BCE35C.5A116C5F2800FD375FA8DF140DF7B372BAE89D52/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame EF8B 453 B
514 B 149ms
148ms Image
image/png 2404:6800:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8602141230246805

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Feb 2024 07:16:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EF8B 0
54 B 911ms
503ms Ping
image/gif 2404:6800:4009:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lt14mpnl&c=2427723012968&slotId=1213861506484&qqid=COPMrPbtxYQDFRJTDwIdjcgLjw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=487&mt=video%2Fmp4&vs=720x406&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ss~atrd.1sv~videopreviewvisible.1sw&ua_e=1&ple=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240221_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82b::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9641 23 KB
8 KB 148ms
148ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 109914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 23:54:24 GMT
expires: Sat, 22 Feb 2025 23:54:24 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A8A 23 KB
8 KB 149ms
148ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 109914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 23:54:24 GMT
expires: Sat, 22 Feb 2025 23:54:24 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 5248 17 KB
17 KB 715ms
239ms Font
application/octet-stream 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-4254"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H2 200 nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 5248 17 KB
17 KB 1064ms
596ms Font
application/octet-stream 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Feb 2024 06:26:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-42dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:26:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 243A 0
0 287ms
287ms Fetch
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPUPSht3aZef0LueivcAPu9uucMDOsIp2lKids-oSxMi1q64BEAEg5I_mc2Cr7LGF4BigAf-1geYqyAEFqQJ2aX51S8ukPqgDAaoE-wFP0ClF96Ppb9B-CmDAXv_WG6MrQOzlP8tIrE5pX9Rl2S7X5vHeZw8Ir3Z8Hic9RpK14tQBo0l-BsrPGPetzZeSoy59Xc8vjMKFucEaV8nt04lkNu0EY1yB0Ioc7CpftxWLF3tV0hvTIv-0r_fMWuRhhdji7k7aS1AJ9o7P-WgAGs1_plMNfE2wk6LBM2ltBL_YY5A6NJUkOrDKZtL4uWcX59RaWPUT7TtAOEntbTHpJ7TFNgE-BGf37b4e86Wh10-oH_dIgHNHrtl4fJzhfVD3T97SAfmZxmm5AKDgTdBjQ7yEWHFHtDM__kM55nk1GfSdLSQ_z-fzOytEZ8AEtMP86NUE4AQDiAXBy5qiTpIFCwgiEAMYA0iy-aICkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ22AYCgAf_7dHFBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcKEITMBhilidSHAqAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WMzw5PXtxYQDgAoByAsB2gwRCgsQoOfZ9e_ey-v-ARICAQOwE67d4hbIE47NreQD0BMA2BMKghQYGhZvbmUtcGllY2UtYW5hbHlzaXMubmV0iBQC2BQB0BUBgBcBshccChoIABIUcHViLTg2MDIxNDEyMzAyNDY4MDUYAOgXBQ&sigh=dboM6npLbFM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_eDe7bYrfu0quPVyXMhbOO4Ojf-iqdfcHTUuTbVMcqD57XYJXnvjlt2IexKexqk4WJslwrV3IfVW4Yze39C5NYCa6Dq_auaiG_ikYAQ&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9641 51 KB
19 KB 148ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 23:50:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF8B 0
0 288ms
287ms Fetch
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBAFAh93aZaPtN5KmvcAPjZGv-AjAzrCKdpSonbPqEsTItauuARABIOSP5nNgq-yxheAYoAH_tYHmKsgBBakCdml-dUvLpD6oAwGqBPoBT9Bd1Ekw0RPrr1DiS-3DKLi-Q_3tkEAkEygcrcbXhUXoupgqEOoDtnyptk68ZSFl5wmXn34k-1JFSerlCuSKYSqMCBfidx-q2N17tQ3qS0FG1XbD_yM84VxKeFZa126bITwhhGm_CG34rx4WkC3z1nRERPNWsDTUYOJkUDQlgjlFaORMSlh2GMMyFetUwN-b5n4CeWPH79LzKFubX9oC_c3n3QTc1ChPFqPQ04FMwKbU3WNE90p3-RUlF7GOP8Qk-ktunx4g_bJrsLr73ZDrnzZoZBhsrPI-Mo5tgFXSx72VBSeZ34xSKAmWc-_KGmP-D6ejAer7OQL2rcAEtMP86NUE4AQDiAXBy5qiTpIFCwgiEAMYA0iy-aICkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ22AYCgAf_7dHFBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcKEN7TBRilidSHAqAI3No9sAgC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WJODq_btxYQDgAoByAsB2gwQCgoQ4NPP6O7L26ZgEgIBA7ATrt3iFsgTjs2t5APQEwDYEwqCFBgaFm9uZS1waWVjZS1hbmFseXNpcy5uZXSIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItODYwMjE0MTIzMDI0NjgwNRgA6BcF&sigh=OukSVe4feZM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_D132p2neQGWupTOdLX8UuEBjNyCCYvXCGFNZRGQHueYBS4AItRyB583g2moGh4nZYIxTuY00NoZm8ScTNU5fNKiTFi5QlMQcahgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=1&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=1&bdt=3668&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=3&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=9
Attribution-Reporting-Eligible: event-source
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A8A 51 KB
19 KB 148ms
148ms Script
text/javascript 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 24 Feb 2024 23:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 23:50:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9641 0
28 B 287ms
287ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BKmWpid3aZabSMMCe3LUPrtKvmAoAAAAAOAHgBAI&bg=!Hh2lHVLNAAbA870Z4PM7ADQBe5WfODUW9umWxVGYpYJxF1yPCf21V19HWRoDanChDpo0Io_Y04yEjZZKhBXJiJQYNkuSAgAAAEVSAAAAA2gBB5kC7zcBFgQaUl3vsLQMoQ9OKZ1gTsIbz-f6BuiGHRdNBPljDNmuZ2XVxa9oZfd9v_O8QHU0vTgmg0FdgUoVfQU2W-9y9lFmu7pdc1vhfZRocRA5XjDNnrY83SsASalP_of9dOytMdWx-hHta3ccka93aBBF_A4qtxjs1YvcahOhMMHZJsn5dduo9Ko0FPhyaEoVL03g0dXNcYQEWmtAQ9zhTjUlIZHRq9vk1Vmq1mepWRpQFqRNxAHrG9O8qIeOjT_8eDgsXNGKsqSTQZqMPZYPETmJidt_rgoff0XaD2fbmSFmbH5rqf7WwiCmGU5LQj2P6oX58kSfq3SZ6uqofh4WkHk75STKmB9yP0TV9eV5wYwuGb11mEzFoUIql-789dBoKmROtfgONCK93StoDMtR-14lheZ178iOVbSgYuW1K-fX4u4Z1KjITzj_c7bjIQvI-jsNKEIauWliXuu3y4N7HdlUbv0ntGiC6KRCT5dRWBsQvMUjE88gTsHd_Q8-QFNgQclVxkzifW5yMsTUhKXG9epluM9p4LoIhEek-yXf1KSl_KALEgokWH1V0A1NepJBtkgSS2963iS3uTcFYzkx38VmGhZ_vlHpiR6tMFsHyQ2lAS78lV3P7EemXu8mDW2IAVd8IludawifOGEj2CmSNXtMWttjR1wA9lfsVbKxIE1IkLLHxmvFj2a5RqfB54TV9cYTjR47dksReQWPELV-KgX-McaXOQPmg9KU-LGsjweP1VIqRJcKJFEPTB7idgt_I8QGUL0Hq_WUwg3LzTcPmNHES0u8QVS9LncNW-jkYKcFuMqmKiQTVxVxDXbwaqdaYwhXFaTcs109osmAf6FVQUSfrYmxZKt-VMpAffSUC68bXZSAYAq7nuLDRdW7F8fgv09bdDfI2zgar3Axfs5gq1cVmfQTY98xImgsUklO_bILPrDJMRtqR0rP0Y4pxAdUHjG3uXJ6W0ln9qDk8IzvLeyZMiNCRvcFjMgbAdzhXyg

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A8A 0
28 B 288ms
287ms Image
image/gif 2404:6800:4006:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bl51qid3aZeb0MLLDssUPtOGvgAkAAAAAOAHgBAI&bg=!BgWlBUrNAAbA870Z4PM7ADQBe5WfOAuGJW5qQzg0haxtfwo7cbyuZQAVmUd5R8a7Gg_xl8mZza2Dbd5H7VP8UW_sIjgTAgAAAD5SAAAABWgBB5kC9Zs4JPQDtXc3R28Q4_Al64Uw_zKNTKx8s14iXWJ__AJ5zZkkP7O669v1qhfQDTsaNrGfYJrhgrN5pmb0viWWNIyt-tARc5171XgD6KYOEshOH__44tJyoShslmfYqflCwXaL144MXgncLltvefhmatJQDA3zfaynn8CLQxxGAIA4RtoPS2aSfT_6SgfpnqYfW3EgtNnufRBJrbiPTCDrmBNOZIwSgEcFi3jVWWs23pE2d14g9hyQcfi2O63Umk56ex4SfzmozTDMlqoMDg0D6sGPUIulioo603Tkdzbs_1rB91wlmgpyoKinoavqmMgxmxLT-WsX6v2U2gU8iZ335R3ss1jzrExQuI3aOi7Qet8H9i5M3APaBz1lkW1yMthwt5pshbWQrKNAvo8gB9zRCdJ1SSWST3f25KtyKU2lJk-q8-XTq_jy2XRZjiqqBtQeuntKqBPjiIZPh13FKb___MY_ilTMn6di2ojwrb-RMooEeZ6JDlz_XC2XcFYRIP_0sB3ng1hctgMVvddOkvOLRyWbm3AWCU1MAnsZzmYeleKgEe55id5G3iVHWXmakegak3W0VrbOE5dPWRd3S_bNshUN9XE-UKnmZMLLUa506odzFGJ2HIAGCB2MZ9UthOCw_bbme5PM5t02KeOXjr9WDvXGFuKPOIB8pBI0oauShIeZggxL0QxtoYlbGyAQIOl2HphySfyq9aCj_J_KqoOJpZjt3xKOM_oQwJGQQ20sONP_xzSQ2YYSHVf7cEfT9uoDddgoxFyWOmNVtZCHgIdMZgsvfqaUp-teaRL0-PP2me74JUQv4MCFqSFWWhaS97-A_uON6a4FH09jIhBHcPvRcFOMWyIAwZxYzTky9XAxaavAWi8sKIFRh8mvBOHve-7nu5rfTxRdXxmdTnkRFg2OY6YCgn7BdKrQYplzSlxFU4s4J0fOhuKczQkbaF8TeI38cz8qmhrw2LbtLIDXh1G9HMq_iPOy22bUPYePLa6ljRsWZQMIi7w

Requested by

Host: one-piece-analysis.net
URL: https://one-piece-analysis.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 06:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET height-white-beard-09-320x180.png
one-piece-analysis.net/wp-content/uploads/2019/04/ 0
0

GET model-of-ryokugyu-00-320x180.png
one-piece-analysis.net/wp-content/uploads/ 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET file.mp4
r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,... Frame 243A 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: one-piece-analysis.net
URL: https://one-piece-analysis.net/wp-content/uploads/2019/04/height-white-beard-09-320x180.png

Domain: one-piece-analysis.net
URL: https://one-piece-analysis.net/wp-content/uploads/model-of-ryokugyu-00-320x180.png

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Domain: r2---sn-a5meknd6.c.2mdn.net
URL: https://r2---sn-a5meknd6.c.2mdn.net/videoplayback/id/46106138759b0065/itag/346/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740378377/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6964EF946F84B63BF0C524D1DE0BD8D3E5C6120F.01A29CDBFD22D4A4653E42DDD1AEB58AE45265/key/cms1/cms_redirect/yes/mh/o6/mip/2404:f780:5:dee::c1e/mm/42/mn/sn-a5meknd6/ms/onc/mt/1708842026/mv/u/mvi/2/pl/48/file/file.mp4

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.one-piece-analysis.net/	1970-01-21 04:16:42	Name: _ga_7W2NTMT80Q Value: GS1.1.1708842374.1.0.1708842374.0.0.0
.one-piece-analysis.net/	1970-01-21 04:16:42	Name: _ga Value: GA1.2.1313278765.1708842374
.one-piece-analysis.net/	1970-01-20 18:42:08	Name: _gid Value: GA1.2.666186929.1708842375
.one-piece-analysis.net/	1970-01-20 18:40:42	Name: _gat_gtag_UA_138299704_1 Value: 1
.doubleclick.net/	1970-01-20 18:40:43	Name: test_cookie Value: CheckForPermission
.one-piece-analysis.net/	1970-01-21 04:02:18	Name: __gads Value: ID=10a4fc6a8dde73bc:T=1708842375:RT=1708842375:S=ALNI_MbeqQoXo5n-PFYQ97kUxjydEqaovg
.one-piece-analysis.net/	1970-01-21 04:02:18	Name: __gpi Value: UID=00000d143509f5ee:T=1708842375:RT=1708842375:S=ALNI_MbDQg3wsY-rNexHJBWcV2q5vNhlYA
.one-piece-analysis.net/	1970-01-20 22:59:54	Name: __eoi Value: ID=7aed43b4339ee6f6:T=1708842375:RT=1708842375:S=AA-AfjaVv0kNPHj56Kg6OZ8x7cwB

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8602141230246805&output=html&h=280&adk=3168943184&adf=3256979098&pi=t.aa~a.1132269752~rp.4&w=848&fwrn=4&fwrnh=100&lmt=1708842375&rafmt=1&to=qs&pwprc=2804086361&format=848x280&url=https%3A%2F%2Fone-piece-analysis.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708842375740&bpp=2&bdt=3667&idt=-M&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1605503971390&frm=20&pv=1&ga_vid=1313278765.1708842374&ga_sid=1708842375&ga_hid=2021383465&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=161&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081317%2C44798934%2C95322745%2C95325069%2C31081330%2C95322180%2C95324155%2C95324161%2C95325793&oid=2&pvsid=4187509938131867&tmod=1765759697&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=4 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://one-piece-analysis.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.as.criteo.com
ajax.googleapis.com
bid.g.doubleclick.net
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imageproxy.as.criteo.net
imasdk.googleapis.com
one-piece-analysis.net
pagead2.googlesyndication.com
r2---sn-a5meknd6.c.2mdn.net
rtb.sg1.as.criteo.com
s0.2mdn.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
webfonts.xserver.jp
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
one-piece-analysis.net
pagead2.googlesyndication.com
r2---sn-a5meknd6.c.2mdn.net
157.112.183.110
172.217.24.34
182.161.73.132
202.226.37.225
2404:6800:4003:c1c::9b
2404:6800:4006:804::2001
2404:6800:4006:804::2002
2404:6800:4006:804::2003
2404:6800:4006:804::2006
2404:6800:4006:804::2008
2404:6800:4006:804::200a
2404:6800:4006:80a::200a
2404:6800:4006:80a::200e
2404:6800:4006:80f::200a
2404:6800:4006:814::2002
2404:6800:4006:814::2003
2404:6800:4006:814::200e
2404:6800:4009:82b::2003
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::e
2406:2600:7:100::f
2606:4700::6811:180e
2606:4700:e6::ac40:cf26
2607:f8b0:4007:c::7
74.125.24.155
015177ede5cebef1a117764f9332347b175fa4335c5a81be264085d4d6b65b07
0184c29a407346d3e5b1141151c8ffaba1a9d9bd4352ce7d911405070f145389
020887c1eac1edb0ea15fdb887565515670c282fb3d7f13a3772e09082f2efbb
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0c39d9731e3f855358eaf752570f74192450c6f56d9d0978d78cda48f52cf518
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
101bbf1b4901f98195723eb13cc673b1dd88cf2ccd93f36d59c35213de8ca425
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16ac0da036e9fbc94ecd6e91f4117db635d5edd019493fd4955640725f1524d3
1845fb4fd24e74ec953ee1b8b411cfacb0625ac790632a34874f16810a18b8f3
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed
2cb51c013da8aab090a4545424777417b0ef02a5b0a9565c0aec547b99974e52
2fa762517d9900bcc86168a00e7883bf9b33c8a24b1d3ceec924d5e1da43f441
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45578885955e108fc7f91d20fd95c853684cfcf975645ef157bd78c1015837e3
46ff0ed4f4efbe4900246aaf1020dd44c2039c41aeeeb74e5d12ecec9fe9ac5d
4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4faf7f5ab76343462ce1c207f913dd3a9da41f72b6f58962c929ea7a17102299
5274ec6a6e406c28555742f361f015ac4d50b1e0ac1a11d3d1c3a193c6a83940
56659b7cbaefa31cb9e6696d061d90153c050628d3492f5c0fea5f666bc31304
5b93b3437105b2b36974574307f71d13cae8bcc75563a963f3b66a0596f1e393
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f1cb4f89e345290b585cd71bbb1c4e908a396ce2c656ec10984e9b1ca1eac70
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74035b412798b3422ce4ed5a58d2d9b8fd2bf5e58a8cb36b3a5dc9fecef18250
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a3f9828ea2351588dcc8d8436e36935bbf9e1d1bfdc6c7d839d4bc6840490e3
83958f19fcd69af88e7a0b3fb786a7f1a03e391568d5634cdd06a1698afbd360
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fffb63986a6b0ba1db1a4a4ea570a2113db31f81b816d6fed40a86dc5fe5426
924fd78693c23f832a31fa65ca6cf6da3ae3e203529bafcf111faee2a66dbfe6
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
96f23eb160d9c4d2d459d66905062e1941cc625c2c657bfdd1ac2b8b8c406e73
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a206dda57d3d902e05bdd2f81e630bfc7a5b8466b005f418c4cac972ccf2c600
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244
b11d5d358b3753b9e7896ab1b32faafa06b108088b8f026cef635b98704b6fe5
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b6b472964d72773fa53ca74a8221b9e93f9793364dfbbe4d8c90b5d86665e84d
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
baa3188197987e13c0cbcead9e1a4dcf1a913cc9ffbd39bccb2f3edfc510def3
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4
bdb6138b404bc4db22fc4f7b6509db53e9ba35686b24b966d9c7193d8b6dd0a3
c10c20dc366f6efd3b77d4597bfb7ca290f3751a6dc202a645b15d3d25a13a19
c189028aa34513d253447c08e7e3fc818027930a787ae4b5f1c2cb9dfa0a2ca6
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
cef8a88db2fa13828a16a570e80a6f2fadce3d885a0bac08aefebe044f06c096
cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99
d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d
d64e1f140ab5d5beab005ef46d0407aecb2bb1e8bcac0dd7acc4e511020f3207
d72cc43cd292571dac7823e1a28a82927b237c9637f7b81fcd4b1f248092fdc0
d768447276f397ce2049a57fffb80cccd4480b16fdd31b713a43e50c54bd0f9e
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7
dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e377ff8925158bb9f7814b1bb05572d2051a512c375cd4da6812a455c09b83fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6996722cd5a77514d17cc6fe1bf929c7367478582ac17c9e79536af4323d63a
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ec1e17fa307631464f90c1619671ded722cb9263f8076af6b7c3dd12101bbbca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0748a70b6ac2b9554135f02117261f79011ae0266dc0e85568a614726d16214
f578cafca6d5300adac6e8338fc6091c68d696d9b6f7ccdd4fb4411f849f496c
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
fbef215c25038579ca799010857cb00b9fcd22a92a7dfab6b8f9906cc7cf2c70
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
ff26a1bec1aa9d02ceb20b26dcf0421d1a88f7e5c7a9456c1724d7d164f320c6

one-piece-analysis.net Open in urlscan Pro 157.112.183.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

96 %HTTPS

81 %IPv6

13 Domains

27 Subdomains

27 IPs

4 Countries

2115 kBTransfer

5451 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

one-piece-analysis.net Open in urlscan Pro
157.112.183.110 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

96 %
HTTPS

81 %
IPv6

13
Domains

27
Subdomains

27
IPs

4
Countries

2115 kB
Transfer

5451 kB
Size

8
Cookies

155 HTTP transactions
5 data transactions