www.nirsoft.net Open in urlscan Pro
138.128.181.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.nirsoft.net/utils/
Submission: On November 21 via manual (November 21st 2023, 5:49:31 am UTC) from JP — Scanned from JP

Summary HTTP 108 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 108 HTTP transactions. The main IP is 138.128.181.29, located in Ocoee, United States and belongs to DIMENOC, US. The main domain is www.nirsoft.net. The Cisco Umbrella rank of the primary domain is 501184.

This is the only time www.nirsoft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	138.128.181.29 138.128.181.29	33182 (DIMENOC) (DIMENOC)
1	2404:6800:400... 2404:6800:4004:828::2008	15169 (GOOGLE) (GOOGLE)
28	2404:6800:400... 2404:6800:4004:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	23.32.12.196 23.32.12.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2404:6800:400... 2404:6800:4004:828::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80b::200e	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:813::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
1 2	18.176.135.231 18.176.135.231	16509 (AMAZON-02) (AMAZON-02)
15	2404:6800:400... 2404:6800:4004:828::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:808::2006	15169 (GOOGLE) (GOOGLE)
3 3	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
6 9	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
4 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.42.166 142.251.42.166	15169 (GOOGLE) (GOOGLE)
2	2600:140b:1a0... 2600:140b:1a00:19::17dc:44ad	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:20b... 2600:9000:20bc:a800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7782:75f2:caaa:71c1:5647	16509 (AMAZON-02) (AMAZON-02)
108	20

8 138.128.181.29 (Ocoee, United States)

ASN33182 (DIMENOC, US)
PTR: 138-128-181-29.static.hostdime.com

www.nirsoft.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2404:6800:4004:80f::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.12.196 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-12-196.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:813::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.135.231 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-135-231.ap-northeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:828::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:808::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.233.84.8 (Japan) 3 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.207.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.42.166 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:19::17dc:44ad (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20bc:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7782:75f2:caaa:71c1:5647 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	490 KB
22	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	127 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	123 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	7 KB
9	google.com cse.google.com — Cisco Umbrella Rank: 3113 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 453	175 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	229 KB
8	nirsoft.net www.nirsoft.net — Cisco Umbrella Rank: 501184	51 KB
3	microad.jp 3 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 29338	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	125 KB
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 3240	267 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
108	13

	Domain	Requested by
28	pagead2.googlesyndication.com	www.nirsoft.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net www.nirsoft.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.nirsoft.net
8	s0.2mdn.net	www.nirsoft.net s0.2mdn.net googleads.g.doubleclick.net
8	www.nirsoft.net	www.nirsoft.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	www.google.com	cse.google.com www.google.com www.nirsoft.net tpc.googlesyndication.com
4	ad.doubleclick.net	www.nirsoft.net
3	static.adsafeprotected.com	googleads.g.doubleclick.net
3	s-cs.send.microad.jp	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net www.nirsoft.net
2	code.createjs.com	s0.2mdn.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	cse.google.com	www.nirsoft.net www.google.com
2	s7.addthis.com	1 redirects www.nirsoft.net
1	clients1.google.com	www.nirsoft.net
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.nirsoft.net
108	20

This site contains links to these domains. Also see Links.

Domain
blog.nirsoft.net
www.camunzip.com
www.7-zip.org
www.cleverfiles.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://www.nirsoft.net/utils/
Frame ID: 95089225C8C894E57C61A6F8137E34F2
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: D8C3A90E0BFFCC5FB1AB3334C416653F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=90&slotname=3603023613&adk=1349428559&adf=3481616681&pi=t.ma~as.3603023613&w=728&lmt=1700545766&format=728x90&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766533&bpp=3&bdt=493&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6790167078447&frm=20&pv=2&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=312&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=206
Frame ID: 2A0675A258F51CBFF82229D1984EFE0F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Frame ID: 00FA27E8F4EF927B0F68EA4E34A1CF72
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1700545766&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1700545766548&bpp=4&bdt=509&idt=203&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=211
Frame ID: 0AA0725E74F6DA2B2D7F484A14E45DB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQYru6e-gEwAQ&v=APEucNUD0jEJdK2pSRxwdbDJApJdoaEIGLc3khbSB-qHPUpM7brEIiZEXgjJXZOHzWXXo9hf_b_HbdRf55Qe2-3dXF9OdnUvTQ
Frame ID: 675BCBDF303B0DFFD586BF41BA6F40F5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYyJHW-gEwAQ&v=APEucNVuoBxCCpS0eQbF74FmUmxek9r5n4WHDoOQbZjw6__Q3E6iyjcxhkoRvSlzuF7KAWtU7giDNGpepJ0lT2-uJUuhuIZBUQ
Frame ID: C68B7DA309C362B4941DAC9638F03578
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AD8A5E85273187E6B39A788693692563
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250
Frame ID: 3EC36374A76B2848212DB31A2A268262
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8C18AD07E1069F42DF34FA0936B581B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DE1D4ADDDE75BD2FEF8C049AE4562BD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8533EF8F2FDB94A7CD49C090DA8B4F19
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYnI_W-gEwAQ&v=APEucNUtn2BOY63lGvbZ7Vzaqk2ZNuxKCcyzW46kSr0-6L4_wka3YKyZoOiW2NhoEhLNq1DZ9xosB1tnAAzGsaSUAqnK31G6jg
Frame ID: 3CB9B495D17A1F63434D00DB90B79796
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: D8984BEFBFCCE71FBABFF2BA003D37EF
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250
Frame ID: C4E8DD75B4168C18107FC194CF96F1EA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 70F4DDE330C26B74234EFDA17BF27145
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 966928465668D28988FF3BB4F08F18CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 951B1374C69815482DA43C5C748D5B29
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Freeware Tools and System Utilities for Windowssearch

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

108
Requests

81 %
HTTPS

65 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

1594 kB
Transfer

4435 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://blog.nirsoft.net/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.camunzip.com/
Title: CAM UnZip

Search URL Search Domain Scan URL

URL: http://www.7-zip.org/
Title: 7-Zip archive manager

Search URL Search Domain Scan URL

URL: http://www.cleverfiles.com/disk-drill-windows.html
Title: Freeware data recovery

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://s7.addthis.com/js/250/addthis_widget.js HTTP 308
https://s7.addthis.com/js/250/addthis_widget.js

Request Chain 41

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKWbt3f8t2EsP8hKb-vNU3M&google_cver=1

Request Chain 43

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

Request Chain 49

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

Request Chain 51

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

Request Chain 59

https://fw.adsafeprotected.com/rfw/bgd/1712960/75657834/xbbe/creative/adj?p=APEucNU4MbeYv14VXKc5dTbGIOFxPmGs5C_kQB5sdRWXfvLPbJ4DVt4&d=CokBAKAmf-DRLDO-VdlseIBL1D1SEZANClJ19gnlTAPh5r9baAeeVZh5H_HdPro7Pd2mjDthKqXGNwfGSmM75hPLld-ZZrgtbvSOjCZtGF2OAZGo9MAF4AiOfJFweQN5GQ0s4nF3QjbJj-Qo-ooEHWsRliQ9TOUQX96X0B5K9ZUv2oAYC1YwEBhvNP8S-RQAoCZ_4Bqi-rub9CTmxjq_KRfKXCruUrqGqf0PR09jATB_mNBIYRYeplX1L94rRu7ytsg-vDtvRmXScfkb36lHgZYVJkpzTwYK9PymGlLBHILOGpsBUiEUKZAuBrjPWvblpw4L9rBtt-BOU2CpjG2RAbeI0hy2ER3YVNtY9UkbvEXtdv2JLmjeAjbuWvrmsVfL1TI1CDRCqWX2WUc1Wq5QGiSLIdYIp5-hZ-B4rcsUGbaHDn6Dzzck2eX2X3EDhZSUdDHsy8PTs_k-OuKlEiPPrW4DKi-PsdKiH5q6G95lcCVntRpPmgPF5s9w9YyfdK6NMEDZkA4YFyezFJjzYv92rpw-3e0oFIbeP8g_gtwtgebYTBC9dK4bRtujUWsck8VbIXCBHmAagZj7DHC9fZbj9NVYpGg9LA_iIu2wtdxBfQnCfJznr-3t34xgIa2ccAxmH91vAuKpi4bJ2JZx1vsvEp_QLoAIuUeONCJE1cK5emabV_9_tfe2AS5YGbml4vQSN3Og9DGFVUMjCLHaBUzYgq5UWsZ2Xni6_UP1nHuWkjpMScvNSLNuxgnWU6Sz2dVKY9sqN14DCAZcCzQGkCWfaAlVLbIW7WfzXle84iU4loANIMm0txzWFcYJA7BLP4Io3KS6THeq7BCMXZDNr4gHjkTkGbPTJ3FiSjOBbll4xYYvT6sGRO_b_Q4xzixhdKC8Py_4F7NM0yde1UfwXa4a9zanQNJcuv06vVsR6N0BvHLzafbwK1Iv-4XkBtRLB_HNIsdpZU0OVYbwBpeqfX0ZryE05AmaQIuJKhuhLm5y5w2WFYo9Fj0RuSnjlSlxwBFNOUCva_R4gLmCrrBHQXFC5L89sxXECnOz9ZQEZbge3q9dvWhJ7JkzlJ5jtMljkgbO6IV8byLBg-gbJDsnPKqZFxYOb-4M3RdS-oc5C5W1YJo_7Mj0iW4sNWq3iAt-CumK6hfmugZF80O9siSXGlo3-X-9BONsxpl5ALwWUabcO00FXFgvE2nUpndqMQwux1hYXTUlBlEt3UbH6oJUrCw38ONF5KKbxbDhuxFcsHadqWG2LvhXEq9Y2g75Eb-20YlZaXoP4SGQtRNcFZATatM5J19TWqc82mJPHTdrR9RyrTyJYSTqDQJbMMksTFYsUsC7bgR7Z2XOlDGioGeP4ecwYRYr84ZxsYoKC9eDzBStGO7jtIs95B9Qe-B4F3I_q27LQ5TiuQohyu4DfIAnVEoVN1Gi0LE5hTwzk2qKKD9-pfLzuDnTvUOeq2Cndbr2VbsoQ4GUQTnDAsKmwkYeGwqA5nezSO5c25nnrGhXWAxe7YvmJBMEh1Tt9sbTFbFbLae86f0b2ihFuakaL66NwAqxg19yX0EXr_Ntt-g-At54OLEGs5Sk5K219UGZ3DmleHTonq8nSu0LaTuJSYClVdEX2Ua6POPjyHAnbwCjX5XrJHR62MNdff5qqoB3izq77-6m-kK2DeYvGUEGfHAHxIRrooXLgcA5ILnvE56YXVquJ0OsBEDBmNn3fr_6Vcs7NmaSe6r-oo4MTUEN7XFPV9VqeKoizJ1yZybd63U2kRWxturu_E1hmzCdjzzjs51TspHM6d8o550CkzmRVEOXBN4jEc9kaVuyUSAF2WCtbTQejjtbBFnv_voNCmfjrAKzBlwdIB5IA1ozf4l1iwhmG0FgWWLZxUECEzxDgspAYpiyKoQmqQvUcYUvBuFLoyaPoCDG7NuFHfu8UWKut6RUXYURwL9dz-l5KVFlIfFKqUJzJzWGXEq4gYSb8T3B0DjYG7BlHR06wxTJSb32-6P2_yyJe7N9TutQgCwv3aYz7bwjs66kMxghrcs4mnxohx7ow65vXhvqCcMGQO1ZuJlDQ2WsrxUoRIEmWePRKvmQ8AAaEHyloO1guwRtnqrOtXpZZ7klROT7LFHFWUENqxC8GG3EwS08HVF2SLc-1YomTbn4vFGT7EsxuU5vHO2Px8WaYTH9u5GLEPmnsQpWA7OC8FW-ZtupNq4LpewrZf8ELx7aRIoV0JqWxw5c_1K0AR3-64grid3BUkbcw5PLTx6IXPs3CIIN3_FbsuGZV2zihJ8StDImF8apbFn9v86zm8nchs16cSavJcCTiEdjBnhMcZx3PUgO9sbPLHNVS_DEV-Ho0OJrMtfIDrJs7fwo7awpoSp9qYMli_C4URPMeflCmg6ByB49eELMeHrWAB2ONjYFNPzWNXtBFt_CT41grtjU9V4HyYCI5Zdk4n1zqiia5m47Ay4WWeYWppR5K-9yCzNyF1WjbQnmNNINw2iGlzckqeNT8x7tlsx8_6SptLyj8P-ev2EH4iPmHXqZrSURcUr7i1-JTL68cAw4BksbMxL8wnxpetbPoTf1_CVtzHycMg3ksw_53XqLjGgbkAPUU2kqoJo3s-hbArEzXPqOMOv0OJKCyZN4zuBEQkBQJrgNNDS8BeSQv9mSyfzpBJjiqzMawf9otpcCzb0VJtGaN3ym3GOl5R6HziWOwyPTzDIITsFYIpa2ETd9uh67fML0R1Ra_1OSB3SkP0nh63C-HuyY95G-lfkvKjt0nCRaDxl4i0wvvRIwaylzKscof15wq05GMA15rzArF_SxGQ4e8sp6Odfhy28I6iTg5qn-Ib0gIfsWqSzaBoVjySDdi2nFp43jurJLck42D0YpAFHclaoReWOOnQnLmnTIEap4P4wJV8W3hnGg2nMk-x8sICnNuClie42YF8lo2OfkuZBDiYkeejgVNZN11z_USWiPzPdcbtGW77H_oEWc-JCv-cs5JimNEayiM7zLEmY_NT_6xNvrJDkjobRoyzz8x71A94OScNArXR8LSaqX940kVk3U6w6tk5u9nMc35dp6mzuESrX29lCaVGCKa5yfhwWf0FDHCZe2Iyop2cGHyMF4KBGFYpHEOI878v1IHKMBCgmpx7yBp-t7HTXG90qxY_0sfdBGcnDG29z3_FIlTOxtw8qbH6bLCUDyRVlPi88yXi3Qt7F6ds_Hj1wSZZDbnug3lAPFMgh_N0Lf_QKXAoJv9K_uCkELEMHwcruiut-cxNvF-ndbsxJJ31PWlwYR1jd5tUsyUmdHwrGvCDg4aTMxGtALOQYINt4ftdKIgHo_lmkYE4CbIhpAWJ5F4Fp4It-2OrtTrRfzRp44ejep2cerBW-Ro0lIQVSjURuxAx1WOHNAuF_RB6pa-dfMjoVp8KJHmBO-9tIywJ9e7zs7JEsEjnX8sBjYHs6qqJK-wcCI1e40fICQJzmwsOlg-UwS45xLr_ZmfcTmAHrHXN8tYHXVafGUhCL1jrHC1NZiazxgXcNcyID7_c13cSejIvNbQONa0f_4fl_XyTbbh3DVl9HsPxbfwpTK0O-I2CHjZ-PIUp4Yp6X214HV2w_J6tlzjRrivNyqH8Foucj8DYq1CNtEg863y-n6N9qazc-Z4ez2J4lGT0QAqaBrT1tp1m9fPj2r_I3TKkpDIPB0EPGfmQ4MY7V08X6slfNiIsizyQdP20sM48WTAlN-GYiEet_fv2l3Lszz5dkPVcZ5zksBXx9q6cRIWUZ8vK8lE1Nz4TAYZxpUCAQSTgDICaaNQn7bsVXSHl8g_5Qmh_CJRGRdC8ffDprATTHhTLQf10k9hl-S5OWK_-XaQCkJamoX2HdtYaYcwSh9PcR8NZPYLEzZMxP66ICZhBgBYAE&bundleId=&ias_dspID=3&ias_campId=1014618290&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20726558297&bidurl=http://www.nirsoft.net/utils/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jUgJIfq3QH6JVjW_ig4OiD&adsafe_url=http%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1700545766%26format%3D160x600%26url%3Dhttp%253A%252F%252Fwww.nirsoft.net%252Futils%252F%26ea%3D0%26wgl%3D1%26dt%3D1700545766536%26bpp%3D1%26bdt%3D496%26idt%3D210%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%26correlator%3D6790167078447%26frm%3D20%26pv%3D1%26ga_vid%3D1222120316.1700545766%26ga_sid%3D1700545767%26ga_hid%3D2130290256%26ga_fc%3D1%26u_tz%3D540%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42532604%252C31079266%252C31079628%252C31078301%252C44807764%252C44808148%252C44808285%252C44809057%252C318512602%26oid%3D2%26pvsid%3D3362615996112443%26tmod%3D1234522195%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D213&adsafe_type=d&adsafe_jsinfo=,id:fad61a1f-157f-79c1-4813-c4a079fc7323,c:uC6drO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-64c75c46cc-7kqlt,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:bb52b9de-8831-11ee-82ee-9a0c3c7b5ab0,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_160x600.js

Request Chain 77

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NDk1ZTNkYjIwZDZmYmU4ZTM0NWRiMTUyNTNkMDAxNjM=

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

108 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.nirsoft.net/utils/ 162 KB
41 KB 368ms
201ms Document
text/html 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 676621f8bc0324df0e1f6d18cd9281524379d88cf85224ce87497cd0a1bce9a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 41899
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 05:49:25 GMT
Keep-Alive: timeout=4, max=50
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
www.nirsoft.net/ 7 KB
2 KB 321ms
160ms Stylesheet
text/css 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nirsoft.net/main.css
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/utils/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2020 06:22:16 GMT
Server: Apache
ETag: "126d6c-1c14-59bff7f2a5600-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=50
Content-Length: 1568

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 89ms
44ms Script
application/javascript 2404:6800:4004:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01bf2cd3e061b11cc201ed4b4b67f9a778aa0506be5de658a4184b04736395e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H/1.1 200
OK nirsoft2.gif
www.nirsoft.net/ 4 KB
4 KB 320ms
160ms Image
image/gif 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/nirsoft2.gif
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/utils/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Mon, 06 Sep 2004 14:43:52 GMT
Server: Apache
ETag: "126d5f-e6e-3e36ce8cf3a00"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=50
Content-Length: 3694

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 126ms
82ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a20a0cacf291f7a92ee4a8247dcb9e30b18e6cadd6906049fd6ac6b0ba9cc246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52983
x-xss-protection: 0
server: cafe
etag: 17421609155544250331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/250/
Redirect Chain

http://s7.addthis.com/js/250/addthis_widget.js
https://s7.addthis.com/js/250/addthis_widget.js

0
0

13ms
6ms

Script
text/plain

23.32.12.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/250/addthis_widget.js
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: H2
Server: 23.32.12.196 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-12-196.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/250/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK update.gif
www.nirsoft.net/ 195 B
469 B 320ms
160ms Image
image/gif 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/update.gif
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 2c412f0cb2d38668c389ef16f48a043f138c7c7a0e483316bf59481281a9a50f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/utils/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Sat, 21 Sep 1996 06:35:10 GMT
Server: Apache
ETag: "126d5c-c3-2fef73865e380"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=50
Content-Length: 195

GET
H/1.1 200
OK new.gif
www.nirsoft.net/ 157 B
431 B 161ms
160ms Image
image/gif 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/new.gif
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: e089c1557fe00b5d01938d97d6c577182ee7b43a8e2f05880f157231b8943bf2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/utils/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Wed, 05 Jun 2002 20:11:48 GMT
Server: Apache
ETag: "1241bc-9d-3a2b1705a2900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=49
Content-Length: 157

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 78ms
41ms Ping
text/plain 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P2Q08WF7BK&gtm=45je3b81v9134922855&_p=1700545766365&gcd=11l1l1l1l1&dma=0&cid=1222120316.1700545766&ul=en-us&sr=1600x1200&_s=1&sid=1700545766&sct=1&seg=0&dl=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&dt=Freeware%20Tools%20and%20System%20Utilities%20for%20Windows&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=716
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.nirsoft.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
3 KB 151ms
66ms Script
text/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c6e64c1cd75bb07f21740c2dd0514603cbf0644a4dddd96899ec39ed3a8ffa67

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-mALdkRgF3XFWgwgUoihCSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-mALdkRgF3XFWgwgUoihCSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 21 Nov 2023 05:49:26 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2451
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

GET
H/1.1 200
OK menubg.png
www.nirsoft.net/ 448 B
723 B 160ms
160ms Image
image/png 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/menubg.png
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Sun, 12 Jan 2020 19:55:26 GMT
Server: Apache
ETag: "1200ca-1c0-59bf6bd6f4780"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=49
Content-Length: 448

GET
H/1.1 200
OK menutomain.gif
www.nirsoft.net/ 805 B
1 KB 161ms
160ms Image
image/gif 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/menutomain.gif
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Sat, 21 Apr 2007 15:17:30 GMT
Server: Apache
ETag: "126d84-325-42ea0ef395680"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=49
Content-Length: 805

GET
H/1.1 200
OK toptomain.gif
www.nirsoft.net/ 805 B
1 KB 160ms
160ms Image
image/gif 138.128.181.29
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nirsoft.net/toptomain.gif
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol: HTTP/1.1
Server: 138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS: 138-128-181-29.static.hostdime.com
Software: Apache /
Resource Hash: 432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Last-Modified: Sat, 21 Apr 2007 15:31:48 GMT
Server: Apache
ETag: "12332e-325-42ea1225d6100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=49
Content-Length: 805

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 104ms
103ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b584f823a8583514d3c8ae1a90ec8006b2441a045fd8095ef2c44bb425b5f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138500
x-xss-protection: 0
server: cafe
etag: 16590292881251747262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame D8C3 9 KB
4 KB 46ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 10481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 02:54:45 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 02:54:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 314 KB
105 KB 130ms
89ms Script
text/javascript 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf7eb98f997a8df116c6515ce77a2e76be2dafbdbc62cd7feade398544ac0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106943
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 41 KB
9 KB 99ms
58ms Stylesheet
text/css 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 43ms
3ms Stylesheet
text/css 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 21 Nov 2023 06:16:25 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A06 103 KB
43 KB 402ms
401ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=90&slotname=3603023613&adk=1349428559&adf=3481616681&pi=t.ma~as.3603023613&w=728&lmt=1700545766&format=728x90&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766533&bpp=3&bdt=493&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6790167078447&frm=20&pv=2&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=312&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3ac70ceec5c93b89371c9facc4817744abb5cf244151241c7dc360823ab375e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00FA 33 KB
13 KB 356ms
356ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af14b0cd512e7e43cafa798ef2b6d320cfff4c815cfe90e73baf42c13cdd980a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12847
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AA0 134 KB
48 KB 476ms
475ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1700545766&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1700545766548&bpp=4&bdt=509&idt=203&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5040a2d8558298e59fb8441c5da47fa9bd6eeeacf1a3431c2406388383953c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
53 KB 48ms
46ms Script
text/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "12933309866110392501"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires: Tue, 21 Nov 2023 05:49:26 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 3ms
2ms Image
image/png 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 05:49:32 GMT
x-content-type-options: nosniff
age: 518394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 14 Nov 2024 05:49:32 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 2ms
2ms Image
image/png 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 01:42:03 GMT
x-content-type-options: nosniff
age: 274043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 17 Nov 2024 01:42:03 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 44ms
3ms Image
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/
Protocol: HTTP/1.1
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 05:49:26 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00FA 42 B
63 B 39ms
38ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cj7J6fcUrENGemta6fX1zdJlNtygrSZgvmxMk1cML_BBbEXu-ktgifisuZfbAb1RYez5YSFv4Br_KGj3Gh13Mmm953gafuT2a4DVYIbZtDCqGgGyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00FA 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=398752696034436379&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 00FA 89 KB
31 KB 63ms
62ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:27 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1712960/75657834/xbbe/creative/ Frame 00FA 263 KB
80 KB 154ms
8ms Script
application/javascript 18.176.135.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1712960/75657834/xbbe/creative/adj?p=APEucNU4MbeYv14VXKc5dTbGIOFxPmGs5C_kQB5sdRWXfvLPbJ4DVt4&d=CokBAKAmf-DRLDO-VdlseIBL1D1SEZANClJ19gnlTAPh5r9baAeeVZh5H_HdPro7Pd2mjDthKqXGNwfGSmM75hPLld-ZZrgtbvSOjCZtGF2OAZGo9MAF4AiOfJFweQN5GQ0s4nF3QjbJj-Qo-ooEHWsRliQ9TOUQX96X0B5K9ZUv2oAYC1YwEBhvNP8S-RQAoCZ_4Bqi-rub9CTmxjq_KRfKXCruUrqGqf0PR09jATB_mNBIYRYeplX1L94rRu7ytsg-vDtvRmXScfkb36lHgZYVJkpzTwYK9PymGlLBHILOGpsBUiEUKZAuBrjPWvblpw4L9rBtt-BOU2CpjG2RAbeI0hy2ER3YVNtY9UkbvEXtdv2JLmjeAjbuWvrmsVfL1TI1CDRCqWX2WUc1Wq5QGiSLIdYIp5-hZ-B4rcsUGbaHDn6Dzzck2eX2X3EDhZSUdDHsy8PTs_k-OuKlEiPPrW4DKi-PsdKiH5q6G95lcCVntRpPmgPF5s9w9YyfdK6NMEDZkA4YFyezFJjzYv92rpw-3e0oFIbeP8g_gtwtgebYTBC9dK4bRtujUWsck8VbIXCBHmAagZj7DHC9fZbj9NVYpGg9LA_iIu2wtdxBfQnCfJznr-3t34xgIa2ccAxmH91vAuKpi4bJ2JZx1vsvEp_QLoAIuUeONCJE1cK5emabV_9_tfe2AS5YGbml4vQSN3Og9DGFVUMjCLHaBUzYgq5UWsZ2Xni6_UP1nHuWkjpMScvNSLNuxgnWU6Sz2dVKY9sqN14DCAZcCzQGkCWfaAlVLbIW7WfzXle84iU4loANIMm0txzWFcYJA7BLP4Io3KS6THeq7BCMXZDNr4gHjkTkGbPTJ3FiSjOBbll4xYYvT6sGRO_b_Q4xzixhdKC8Py_4F7NM0yde1UfwXa4a9zanQNJcuv06vVsR6N0BvHLzafbwK1Iv-4XkBtRLB_HNIsdpZU0OVYbwBpeqfX0ZryE05AmaQIuJKhuhLm5y5w2WFYo9Fj0RuSnjlSlxwBFNOUCva_R4gLmCrrBHQXFC5L89sxXECnOz9ZQEZbge3q9dvWhJ7JkzlJ5jtMljkgbO6IV8byLBg-gbJDsnPKqZFxYOb-4M3RdS-oc5C5W1YJo_7Mj0iW4sNWq3iAt-CumK6hfmugZF80O9siSXGlo3-X-9BONsxpl5ALwWUabcO00FXFgvE2nUpndqMQwux1hYXTUlBlEt3UbH6oJUrCw38ONF5KKbxbDhuxFcsHadqWG2LvhXEq9Y2g75Eb-20YlZaXoP4SGQtRNcFZATatM5J19TWqc82mJPHTdrR9RyrTyJYSTqDQJbMMksTFYsUsC7bgR7Z2XOlDGioGeP4ecwYRYr84ZxsYoKC9eDzBStGO7jtIs95B9Qe-B4F3I_q27LQ5TiuQohyu4DfIAnVEoVN1Gi0LE5hTwzk2qKKD9-pfLzuDnTvUOeq2Cndbr2VbsoQ4GUQTnDAsKmwkYeGwqA5nezSO5c25nnrGhXWAxe7YvmJBMEh1Tt9sbTFbFbLae86f0b2ihFuakaL66NwAqxg19yX0EXr_Ntt-g-At54OLEGs5Sk5K219UGZ3DmleHTonq8nSu0LaTuJSYClVdEX2Ua6POPjyHAnbwCjX5XrJHR62MNdff5qqoB3izq77-6m-kK2DeYvGUEGfHAHxIRrooXLgcA5ILnvE56YXVquJ0OsBEDBmNn3fr_6Vcs7NmaSe6r-oo4MTUEN7XFPV9VqeKoizJ1yZybd63U2kRWxturu_E1hmzCdjzzjs51TspHM6d8o550CkzmRVEOXBN4jEc9kaVuyUSAF2WCtbTQejjtbBFnv_voNCmfjrAKzBlwdIB5IA1ozf4l1iwhmG0FgWWLZxUECEzxDgspAYpiyKoQmqQvUcYUvBuFLoyaPoCDG7NuFHfu8UWKut6RUXYURwL9dz-l5KVFlIfFKqUJzJzWGXEq4gYSb8T3B0DjYG7BlHR06wxTJSb32-6P2_yyJe7N9TutQgCwv3aYz7bwjs66kMxghrcs4mnxohx7ow65vXhvqCcMGQO1ZuJlDQ2WsrxUoRIEmWePRKvmQ8AAaEHyloO1guwRtnqrOtXpZZ7klROT7LFHFWUENqxC8GG3EwS08HVF2SLc-1YomTbn4vFGT7EsxuU5vHO2Px8WaYTH9u5GLEPmnsQpWA7OC8FW-ZtupNq4LpewrZf8ELx7aRIoV0JqWxw5c_1K0AR3-64grid3BUkbcw5PLTx6IXPs3CIIN3_FbsuGZV2zihJ8StDImF8apbFn9v86zm8nchs16cSavJcCTiEdjBnhMcZx3PUgO9sbPLHNVS_DEV-Ho0OJrMtfIDrJs7fwo7awpoSp9qYMli_C4URPMeflCmg6ByB49eELMeHrWAB2ONjYFNPzWNXtBFt_CT41grtjU9V4HyYCI5Zdk4n1zqiia5m47Ay4WWeYWppR5K-9yCzNyF1WjbQnmNNINw2iGlzckqeNT8x7tlsx8_6SptLyj8P-ev2EH4iPmHXqZrSURcUr7i1-JTL68cAw4BksbMxL8wnxpetbPoTf1_CVtzHycMg3ksw_53XqLjGgbkAPUU2kqoJo3s-hbArEzXPqOMOv0OJKCyZN4zuBEQkBQJrgNNDS8BeSQv9mSyfzpBJjiqzMawf9otpcCzb0VJtGaN3ym3GOl5R6HziWOwyPTzDIITsFYIpa2ETd9uh67fML0R1Ra_1OSB3SkP0nh63C-HuyY95G-lfkvKjt0nCRaDxl4i0wvvRIwaylzKscof15wq05GMA15rzArF_SxGQ4e8sp6Odfhy28I6iTg5qn-Ib0gIfsWqSzaBoVjySDdi2nFp43jurJLck42D0YpAFHclaoReWOOnQnLmnTIEap4P4wJV8W3hnGg2nMk-x8sICnNuClie42YF8lo2OfkuZBDiYkeejgVNZN11z_USWiPzPdcbtGW77H_oEWc-JCv-cs5JimNEayiM7zLEmY_NT_6xNvrJDkjobRoyzz8x71A94OScNArXR8LSaqX940kVk3U6w6tk5u9nMc35dp6mzuESrX29lCaVGCKa5yfhwWf0FDHCZe2Iyop2cGHyMF4KBGFYpHEOI878v1IHKMBCgmpx7yBp-t7HTXG90qxY_0sfdBGcnDG29z3_FIlTOxtw8qbH6bLCUDyRVlPi88yXi3Qt7F6ds_Hj1wSZZDbnug3lAPFMgh_N0Lf_QKXAoJv9K_uCkELEMHwcruiut-cxNvF-ndbsxJJ31PWlwYR1jd5tUsyUmdHwrGvCDg4aTMxGtALOQYINt4ftdKIgHo_lmkYE4CbIhpAWJ5F4Fp4It-2OrtTrRfzRp44ejep2cerBW-Ro0lIQVSjURuxAx1WOHNAuF_RB6pa-dfMjoVp8KJHmBO-9tIywJ9e7zs7JEsEjnX8sBjYHs6qqJK-wcCI1e40fICQJzmwsOlg-UwS45xLr_ZmfcTmAHrHXN8tYHXVafGUhCL1jrHC1NZiazxgXcNcyID7_c13cSejIvNbQONa0f_4fl_XyTbbh3DVl9HsPxbfwpTK0O-I2CHjZ-PIUp4Yp6X214HV2w_J6tlzjRrivNyqH8Foucj8DYq1CNtEg863y-n6N9qazc-Z4ez2J4lGT0QAqaBrT1tp1m9fPj2r_I3TKkpDIPB0EPGfmQ4MY7V08X6slfNiIsizyQdP20sM48WTAlN-GYiEet_fv2l3Lszz5dkPVcZ5zksBXx9q6cRIWUZ8vK8lE1Nz4TAYZxpUCAQSTgDICaaNQn7bsVXSHl8g_5Qmh_CJRGRdC8ffDprATTHhTLQf10k9hl-S5OWK_-XaQCkJamoX2HdtYaYcwSh9PcR8NZPYLEzZMxP66ICZhBgBYAE&bundleId=&ias_dspID=3&ias_campId=1014618290&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20726558297&bidurl=http://www.nirsoft.net/utils/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jUgJIfq3QH6JVjW_ig4OiD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.135.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-135-231.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: eeda44ab7da374615ac9526ede305035d1ec7bae70ef6073a70d4889388b5e76

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 00FA 3 KB
1 KB 45ms
3ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 03:56:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 00FA 20 KB
9 KB 45ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00FA 202 KB
64 KB 114ms
66ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 675B 448 B
217 B 47ms
46ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQYru6e-gEwAQ&v=APEucNUD0jEJdK2pSRxwdbDJApJdoaEIGLc3khbSB-qHPUpM7brEIiZEXgjJXZOHzWXXo9hf_b_HbdRf55Qe2-3dXF9OdnUvTQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A06 42 B
63 B 41ms
41ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvwBOTob5PdtDRaBHKE1bwtagr_z9e2Jnc1TsgPWnk1QKJg96zPujoKLOIQ1bGjc8Rqj_E4_yQHfqBFeC5m8t_xKeyWs9wqlgxK9xpXjiGx6kjKm4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=90&slotname=3603023613&adk=1349428559&adf=3481616681&pi=t.ma~as.3603023613&w=728&lmt=1700545766&format=728x90&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766533&bpp=3&bdt=493&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6790167078447&frm=20&pv=2&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=312&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C68B 448 B
217 B 48ms
48ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYyJHW-gEwAQ&v=APEucNVuoBxCCpS0eQbF74FmUmxek9r5n4WHDoOQbZjw6__Q3E6iyjcxhkoRvSlzuF7KAWtU7giDNGpepJ0lT2-uJUuhuIZBUQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=90&slotname=3603023613&adk=1349428559&adf=3481616681&pi=t.ma~as.3603023613&w=728&lmt=1700545766&format=728x90&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766533&bpp=3&bdt=493&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6790167078447&frm=20&pv=2&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=312&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=206
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2A06 111 KB
39 KB 55ms
4ms Script
text/javascript 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 02:25:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2A06 7 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2A06 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A06 41 KB
14 KB 7ms
5ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 02:54:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2A06 3 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 03:56:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2A06 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A06 202 KB
64 KB 112ms
111ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 675B
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

42ms
42ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQYru6e-gEwAQ&v=APEucNUD0jEJdK2pSRxwdbDJApJdoaEIGLc3khbSB-qHPUpM7brEIiZEXgjJXZOHzWXXo9hf_b_HbdRf55Qe2-3dXF9OdnUvTQ

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 05:49:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 675B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKWbt3f8t2EsP8hKb-vNU3M&google_cver=1

43 B
737 B

17ms
17ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKWbt3f8t2EsP8hKb-vNU3M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQYru6e-gEwAQ&v=APEucNUD0jEJdK2pSRxwdbDJApJdoaEIGLc3khbSB-qHPUpM7brEIiZEXgjJXZOHzWXXo9hf_b_HbdRf55Qe2-3dXF9OdnUvTQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPkNEYwQfTyywKUd7sUCFza5%2BQ8shou2%2Buvpk3CwehvQGCC%2BBYwqWEt0eRAWmvhbdUOsnkFTuYV1LryfJrv%2FFJLiVivgmJQqfDXg8uSbqvH%2F8UzshbGIfEMrVRZhIPPtCfD0J1Y4QN1Ciw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a6457bd48a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKWbt3f8t2EsP8hKb-vNU3M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 675B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

43 B
739 B

15ms
14ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQYru6e-gEwAQ&v=APEucNUD0jEJdK2pSRxwdbDJApJdoaEIGLc3khbSB-qHPUpM7brEIiZEXgjJXZOHzWXXo9hf_b_HbdRf55Qe2-3dXF9OdnUvTQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRznJMKxfQ%2Fs6CsgIsvcgtd696%2Fiw%2FzQhcRjbq6nX%2BBk0eIkok0VunWShE0qMcwVIZDq0QIVPA%2F5DyutJ83N2SQXTMfXm8KOVO68kteniDtNiKGEfF%2BKsz4mozT8FteLwu2%2FBDrWPU%2Fjfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a6458be18a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AD8A 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 02:54:49 GMT
expires: Wed, 20 Nov 2024 02:54:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A06 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938ff31ad3963e3df245897d7f5e97ca349f5c2f66ca4dd59802f0a20a9a6b0f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00FA 0
20 B 36ms
35ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9639373275134&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00FA 0
20 B 40ms
40ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9639373275134&version=m202309260101&ct=76&x=1&cor=398752696034436350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 00FA 16 KB
12 KB 75ms
75ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANK6kWXP9oQiWt3uUBrWRr0JHIjrIn57p-f94T9UDODsQdB9mwJy5lq2RGioWROlHkha9nJwlj9BeUgOQ_63Ne6HHdgq6xApBjV1uQxXYXaTtvT_UptR5iFryArPfgE85QQ_ulAm32yoXvTFPWfzE0mwhDyUkfjU7YDs9-3YGHSYHoYys&cry=1&dbm_d=AKAmf-DIOZGdxMiASPR-XJszzApQJBGAMrzFNfRz5BoVruOo2YFAj0EbDHqc_7jJAyRsgIyJxbBUyUXJKKi6Sj9zs7LTxOWI8MA7UJ09YMAQV-GzRJwpNfvlu_Arc-c4zcc2pF14Dwe0J7D8405H4qSscFQ0JyQL8zzSmie6G0SAUNyUuoMgLL2nijApJkQuUFXT5XV3K7NS7L_hV6AUtFXG--Uz74e6ZBO8-GBKydqLvdOV8PJOPPNO-MOSIJC_p4mvXaKHO2licjqZIQo1Ql2mcRa_ECvuoR9iLIjzmMyBTQT5X_B2IRrKZXjwPUV5ucx9aofxL_PHQQQV_ci7Le0o3NdpEXZPGDMDnpeypkt-vXJ3EQ0K26BgdNx69TzLfCsj7x8Qz7DsjZ1_bDyV47_bbtqydnW59jd_nc8o75GK51cfrEnGPwWG6c3T1A8M-dMQzoe8yxI1p9L0DWS2vEeNVvs8QRfKPDmZlyrw90Hr3SKVXbok_j8Xh1FBeM4qvh6wOW-_bn1VHT7eePDoLo-Yqc11o_-uFVcTMJ1a2f4Ou4AUsMAy1KBJuIpbSln_fkagbujpAH3gYxuFRv09b58hBbYQegGGd5DSw_tGm4FTAqRX7H1f-IeX890HMIestfIilGcEnwgA4hjfaRJTHWJizV_swxc7BadcOypex70vJn_DnLMR1kg9jIHLXay50scUCI6CihP7_Ns_uR_fv4BGMHCp3OntnmjRr4Ubr1Lm_Xadvs9HjSmdHo-knFRpfo3g6ho4WLcFUhsBp5FPpeferPuD1BaXbdt5lMe5epL_B06AvlSdCnppB35wwTGGsMtZMKijefAObFIUHd-IPTWKXnbuJwmwZCM-7j2MdDRvShHFrtoiEY1WUw3MwUX-03R_mZa8HAh76E24jgYa45M8o8TDRBBPoveG2JMRRU23mZ7peQdsjj2OjrtxrLB_mDOE-suh7e-Cedia0FIMyNScYUo2lwJ7VE4GFttgrILEPTb6dRvfLQtoYEBRzGxVmC6MMEu9FJFJU8bjxblAeXn6AN9bARg8_rmfaYEgSE4HyNJ6FlcXFqeSch95ZNUM0uOFcak2QYeH-vl6HKi4JCEtlj8aSwnxtT1KNPJvMWdUhI77kCcf4GzZTqww2hwatP4WqixPwyuRycToJuh8UooXov32JQHQw7_FJypkd-bC5dGQlj9VPBsGEpniW-5cwaPiunq1702S7jeanYW9_ud1gjBxypU573YKea9EY4DBmQkEaWFkxjG3dCJo2M1BWiLD9hjeizkWS91mSdawy-HpvBa4thYM-eZ7OGLN_JVzjaaBOiQ8-9ozY54Im-00zEnxs2Zm9IPQsmUMZxyfsdct9nVn8M5YoU2qnki6aZjcJevRb-AB5qcJEn2Q4VjamvCy7B8sBQaYivYuThUGfP2LMHEHyKFDp656LphHEya8pOZwtNd4-BKQp8G0zERvzjsgQO-BXeYlW8A38yP_UNZGpfCb0zlYwwX_2o82dAPyrHwpGNQuHRoMPDmdvX0h3Zxp2ZEY0aCp2XRFu5ribUky_-hTIPUPrx9RdgUS4ceIjiOjDIpsJhASiEsyOwfhOcA7fik89Q1jMcjEXoTdZ2kxZ82D_MfL69-CVJxVcBPRvPl-G3aknzVBeoCe1I5ymbBbsyyG8as6RO1qkVWuHLvCxG-LIHpzFsY8dk9_YHILIYw1otgPOeQMeSKDV7SR7OxZpemA_fznaFPpNok3wzQcnxPdiV-gT54kDK-lyfPqhk-keJHvwSESSkQXngYChck36BkTsbNKgxFxkBDa2WolJxiihFzTHK_bazF28PTeBVv819c5EuE1D-aiN5FXv_h9Qw-hhN4wwOlHp_RwBgkFgO17Lcn2c71t8rXRrVWafWAdqAFXDVpApO61ldtNLR4TwmxL1irL6nEO4E9pZTCWffZigddLmZEdFKoFI5eM4nhPlbe5yeJOjoKEn4QkQS_J_atkE8mBa7KMeGH3Ep69cBc2c9n4PNLXEJg9v6CmvQW1qOCapJfENZI0Nv4_oaLB09_I9EOfOC9rtLDAEn35VB5l8jkVz5HHX56lvdxaHBeWoKh13fPKAV6vrSqHvNIPiyaT_sWP7T0bl2sK556VKXM-nabwJCw2lMOQQyQYrF6fsqYTfNHmR6yBTc4PfJXVf6mzRjJh-jIkrnwaPiocFbZghSfJzo-sAKeaEEviQPzF6pxeAcspro4j71D63VqyCjMhPIA41OFY1fxcFYDsGHOqhW7RMvLM-xnfpQbTxPOy5rzhd057q7_boPUNMq9EmCXlLpmjyWpSmlvHQ1XOqST7to_c_Pe8QxcFZhHvVi__vRKh1OXSjojAY2ZS645kWFwjrOB9BZMdScge-dvTQCWB-alFIJ56C8v_GmGUphlCcfpKjeaMrF1rnM61lC7mLl2sI8-1q0mceUG4bxfubPVg2-Ljlb0uN9uV3UUlJ3NZqm45tw1yKKjkUvVpZA3PqPLx3qnMiSEa9WmLidVwfqE1925ktduza4Bfy5KUxoSoC5FBHcjncw_99joUtRb4jQ5JkqvKJZXDy96Av9DbYd5lTGFNpAIVQ4Uu7ZRL762VOn6SUPP1XFnAT_AO_-LfF3PQIUrRwWtYmCMfUl34K7HLi1IlP4vvX89KtQwlyvbYUUmIJjNt9bgbs1EbxLAxw-KaVqVfW-zNvDqJ4arqD5OBYfYIUsN7GFRIzIZfAdHs7daSbPbdpjickOHo5fvRslE9VKUpkgyombgGwyM1TOT6KKOZhcHFlnk2o0Y6Anpl7bMbrM-R-i9kKwqnLkNfKmXC26179XNF7FxTYrOXkujwLjBZrAucVOlzEAeNVyj6jSSyYVfpMVNAac3yKOk02cxeYSvn5vGQOz575bg9nSrxLRGquv6F50w1FRKdl5o47DR7Icc0Qnl0v8ZAwERKPkOmcZLMBJzElm1SMwuTvfL51HSxIsAOtudrP0mvpxI-SsVCaT6UP5pkJ85VQhgdQUvytDJU1jjN22HeBJ4egh86f2W1YDuALX_Cc6JRQlJunHv7xEM1W55wOA0nKG4FAwyDs2NI&cid=CAQSTgDICaaNQn7bsVXSHl8g_5Qmh_CJRGRdC8ffDprATTHhTLQf10k9hl-S5OWK_-XaQCkJamoX2HdtYaYcwSh9PcR8NZPYLEzZMxP66ICZhBgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.nirsoft.net%2F&ds=l&xdt=1&iif=1&cor=398752696034436350&adk=2923430907&idt=68&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609cf048b6aa91df56c11a306c563ebca0fe699da61fb3d2dcaef69799bc329b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12472
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C68B
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

41ms
40ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYyJHW-gEwAQ&v=APEucNVuoBxCCpS0eQbF74FmUmxek9r5n4WHDoOQbZjw6__Q3E6iyjcxhkoRvSlzuF7KAWtU7giDNGpepJ0lT2-uJUuhuIZBUQ

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 05:49:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C68B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

43 B
732 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYyJHW-gEwAQ&v=APEucNVuoBxCCpS0eQbF74FmUmxek9r5n4WHDoOQbZjw6__Q3E6iyjcxhkoRvSlzuF7KAWtU7giDNGpepJ0lT2-uJUuhuIZBUQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqLOy7mfXfA%2Fab%2BDmwn91nm8tOrlrHC6Wz0DCRxwKqaJS41rQANt2nekn3lD48n4hovDPUVqXDaLDlL0WsgjVOJX3yfQQ2%2FjhN08CqyLGsP7nWms9QvUqKviLlzASMCrs5oy9OVL0g9wvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a6457bd68a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C68B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

43 B
737 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYyJHW-gEwAQ&v=APEucNVuoBxCCpS0eQbF74FmUmxek9r5n4WHDoOQbZjw6__Q3E6iyjcxhkoRvSlzuF7KAWtU7giDNGpepJ0lT2-uJUuhuIZBUQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj%2B4LotKMKdIpmYDZY2xUg3nBXxhPQxN484kgcMnji6RDvv2nHmHJ86WYTWqIlUIc4MFlkn2ZLfeMsvLby%2FlPIsVt9zPhk1Uq%2BfodgCAtfN%2Bi8oIfEVyNtuC%2BMWvD3Qujc%2FcXuNmKpcEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a645cc108a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame AD8A 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 02:54:50 GMT

GET
H3 200 Ad1-728x90.html Show response
s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/ Frame 3EC3 6 KB
2 KB 41ms
3ms Document
text/html 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166d2a5d45d0ae31ee9329464ff4d2e26fd14a595c384e0c103e5c00fc630ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 66950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2312
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 11:13:37 GMT
expires: Tue, 19 Nov 2024 11:13:37 GMT
last-modified: Mon, 09 Oct 2023 14:03:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 2A06 0
0 147ms
49ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssnJBdOXjQxkAE6Hqk7a3600RPsz827pjQ1gXLnOQt0_xAW5y499F0bmSTuVrVtuVXFZqtjFWC2aqIZApxhzlP-oELoVVAAnKjccScTN5rgOd4pD8DYw2pqqVDYvanBBgej37uj4OU4RAYzO0e78EoGh1ruZs6FYLfUIozj5jGvQyqFtVZ43tf1hjpXVUeX2FAnwRy9YMfJ7w0xj3qYW-Uw8AY7Cxb4UuaMMa6VeY2tPcTJi4xefjlGNx42-QXNwZYlloP5xuN0MkmZNalrCDZLRXIUMZVXiygyec6-0uRqkq4T-NqNCNbvMYkaoGLHXTD3rhCEs4wVmZQbm0nPhFl9oGQAJAUP0cx0U2SV7Bg7zmcrW6OwOXPOhXmQI-SQTi5mmN0AoJur0F04G1iy_gMvSNqqMIi46yFMOonZyCUnCBURhhoXWbBycOfh7NTdcoKvhg-d-NnH2bv2dt4YUgUFajuoAdFBeuTqkfU-l7aeIEs1lTx1OLjC7iYydy_F1_SZWsICZi2y8xffZNyhZXqy9LhCRyagx9-VODpW6QOJ0VOfRbX1itri6H8_RpddSoqIdbIZpFVxcRfSJnRcvWJRZTHSdDuAsPUciZ8Q6eE1ucivQdiwa4RqidrmI4zjNUz3SKlUJdZlomJySsaHGMSpUyhg4vvm9Ep7ciP8m-2wHmzS7BtMSBCZzaw9ltnzm8bBYELgPQyLgvTts6ePzhu_0n0dnU0LF1YIJJP80XRnZxUf50PhlnIy4yP1ScS8nYrEbZN0RFuQV3neEfL-1AxMPQcDmhjbdrs8kGiMFKbkx5TvEQagpKmXctyH8Y4UKupcJSsCHnH8XJ1fFgXH5d7oidAvhv1C63XQueueYONiFOh1dIpONCnyE7r_EfW1sNyGVHuZLPJ9zVneL5jpVupml4EgRKrLgtVCP95ebuYG7ABVNeqkCtBogTCCimUt8mYq5XzL-wDJPKQB1eXzpW1Y5BoXfIZ-IGfBnySLx2ZgfqJ8FuVoMg7dNYkYT_QtBOxgewy6H3LBLuPtBmVOOKdEOTFiFcuGt_Bogt0lepEiXXkTdVkY3-OylMJvmBDEAhWD4TtBrE_av-JsegwwAiE5wZ5lxvRJMoP6p_4O88U8ocEZfCEucERisJelKtqtVWeJrcLiJe6Upkw_9MWvY16JJHR2cEXizASD_RE7VVMQmmxAiV6IaMIno5eWjKv4adcltV_4WXKt8zuI3zwZT_F-pCYvJkv4JRWQoKpCiBKN91d79dyr9USwF8rVWPtKzl7sJTL8AREoSUIPiPZOqfGI91XVR8g&sai=AMfl-YRAZxl-4-XpQ8IkClfIjBzpL0Fx486VJl7B2pa0EcU0RtKMZV_twZkOXoW7YzQ7NwLLmFW1sJy1-q-EAnhXTP9tkxRfMu5d7-olOMjYZ-H3k2v2vqO-Syg08m_Pn8mLfxjf4w8-z-EE6R3dnu2gjXIWhsuHc6ZnUw256adZHk7oNuFNi9qKlVlQQsiAY_dOFQIEWqqEhVo45KUpDl_rtkYG-FEikyIGCyP1i0aZmj2yG7r2ECyp3LJYbVNJBo2WLrNKOyiNiMRwcph3D5c65FwouN73cuom-Ovtb8MxQhM1fZMVsiisZ383mtABv5mupcvWwwIJFvgz0TCoyuP6ELWr5Cr_4UbtSW6vi54iWbddvp5XI_FZjLU2CSEmltb7ij9A-4bcE0LI7j665yiLZKw4Ft2hVJFexS7q4n-KQzyPtOn_naNDQu-FJK1rJsooh7LPxmDbPOm44rqU-XrYgKv7wHzywOfxNM3VG0xs9x4K-vXeKaX7fDWRei2v-6fEoi46&sig=Cg0ArKJSzPDj2Is9pWwTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=78&cisv=r20231109.96332&arae=0&ftch=1&adurl=

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 84ms
84ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14829fc12a3fddd5b9d78e30efa5146e5993361de33e42f119b2f4de9123438f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55804
x-xss-protection: 0
server: cafe
etag: 958910917490928034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:27 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 3EC3 236 KB
63 KB 41ms
13ms Script
text/javascript 2600:140b:1a00:19::17dc:44ad
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:140b:1a00:19::17dc:44ad Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 21 Nov 2023 06:04:27 GMT

GET
H3 200 Ad1-728x90.js Show response
s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/ Frame 3EC3 8 KB
2 KB 2ms
2ms Script
application/x-javascript 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d235d0b09bcdfd06355640082ead2f9f31cc721390eab0d946cf0a3aa742e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2381
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 14:03:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 11:13:30 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 00FA 41 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANK6kWXP9oQiWt3uUBrWRr0JHIjrIn57p-f94T9UDODsQdB9mwJy5lq2RGioWROlHkha9nJwlj9BeUgOQ_63Ne6HHdgq6xApBjV1uQxXYXaTtvT_UptR5iFryArPfgE85QQ_ulAm32yoXvTFPWfzE0mwhDyUkfjU7YDs9-3YGHSYHoYys&cry=1&dbm_d=AKAmf-DIOZGdxMiASPR-XJszzApQJBGAMrzFNfRz5BoVruOo2YFAj0EbDHqc_7jJAyRsgIyJxbBUyUXJKKi6Sj9zs7LTxOWI8MA7UJ09YMAQV-GzRJwpNfvlu_Arc-c4zcc2pF14Dwe0J7D8405H4qSscFQ0JyQL8zzSmie6G0SAUNyUuoMgLL2nijApJkQuUFXT5XV3K7NS7L_hV6AUtFXG--Uz74e6ZBO8-GBKydqLvdOV8PJOPPNO-MOSIJC_p4mvXaKHO2licjqZIQo1Ql2mcRa_ECvuoR9iLIjzmMyBTQT5X_B2IRrKZXjwPUV5ucx9aofxL_PHQQQV_ci7Le0o3NdpEXZPGDMDnpeypkt-vXJ3EQ0K26BgdNx69TzLfCsj7x8Qz7DsjZ1_bDyV47_bbtqydnW59jd_nc8o75GK51cfrEnGPwWG6c3T1A8M-dMQzoe8yxI1p9L0DWS2vEeNVvs8QRfKPDmZlyrw90Hr3SKVXbok_j8Xh1FBeM4qvh6wOW-_bn1VHT7eePDoLo-Yqc11o_-uFVcTMJ1a2f4Ou4AUsMAy1KBJuIpbSln_fkagbujpAH3gYxuFRv09b58hBbYQegGGd5DSw_tGm4FTAqRX7H1f-IeX890HMIestfIilGcEnwgA4hjfaRJTHWJizV_swxc7BadcOypex70vJn_DnLMR1kg9jIHLXay50scUCI6CihP7_Ns_uR_fv4BGMHCp3OntnmjRr4Ubr1Lm_Xadvs9HjSmdHo-knFRpfo3g6ho4WLcFUhsBp5FPpeferPuD1BaXbdt5lMe5epL_B06AvlSdCnppB35wwTGGsMtZMKijefAObFIUHd-IPTWKXnbuJwmwZCM-7j2MdDRvShHFrtoiEY1WUw3MwUX-03R_mZa8HAh76E24jgYa45M8o8TDRBBPoveG2JMRRU23mZ7peQdsjj2OjrtxrLB_mDOE-suh7e-Cedia0FIMyNScYUo2lwJ7VE4GFttgrILEPTb6dRvfLQtoYEBRzGxVmC6MMEu9FJFJU8bjxblAeXn6AN9bARg8_rmfaYEgSE4HyNJ6FlcXFqeSch95ZNUM0uOFcak2QYeH-vl6HKi4JCEtlj8aSwnxtT1KNPJvMWdUhI77kCcf4GzZTqww2hwatP4WqixPwyuRycToJuh8UooXov32JQHQw7_FJypkd-bC5dGQlj9VPBsGEpniW-5cwaPiunq1702S7jeanYW9_ud1gjBxypU573YKea9EY4DBmQkEaWFkxjG3dCJo2M1BWiLD9hjeizkWS91mSdawy-HpvBa4thYM-eZ7OGLN_JVzjaaBOiQ8-9ozY54Im-00zEnxs2Zm9IPQsmUMZxyfsdct9nVn8M5YoU2qnki6aZjcJevRb-AB5qcJEn2Q4VjamvCy7B8sBQaYivYuThUGfP2LMHEHyKFDp656LphHEya8pOZwtNd4-BKQp8G0zERvzjsgQO-BXeYlW8A38yP_UNZGpfCb0zlYwwX_2o82dAPyrHwpGNQuHRoMPDmdvX0h3Zxp2ZEY0aCp2XRFu5ribUky_-hTIPUPrx9RdgUS4ceIjiOjDIpsJhASiEsyOwfhOcA7fik89Q1jMcjEXoTdZ2kxZ82D_MfL69-CVJxVcBPRvPl-G3aknzVBeoCe1I5ymbBbsyyG8as6RO1qkVWuHLvCxG-LIHpzFsY8dk9_YHILIYw1otgPOeQMeSKDV7SR7OxZpemA_fznaFPpNok3wzQcnxPdiV-gT54kDK-lyfPqhk-keJHvwSESSkQXngYChck36BkTsbNKgxFxkBDa2WolJxiihFzTHK_bazF28PTeBVv819c5EuE1D-aiN5FXv_h9Qw-hhN4wwOlHp_RwBgkFgO17Lcn2c71t8rXRrVWafWAdqAFXDVpApO61ldtNLR4TwmxL1irL6nEO4E9pZTCWffZigddLmZEdFKoFI5eM4nhPlbe5yeJOjoKEn4QkQS_J_atkE8mBa7KMeGH3Ep69cBc2c9n4PNLXEJg9v6CmvQW1qOCapJfENZI0Nv4_oaLB09_I9EOfOC9rtLDAEn35VB5l8jkVz5HHX56lvdxaHBeWoKh13fPKAV6vrSqHvNIPiyaT_sWP7T0bl2sK556VKXM-nabwJCw2lMOQQyQYrF6fsqYTfNHmR6yBTc4PfJXVf6mzRjJh-jIkrnwaPiocFbZghSfJzo-sAKeaEEviQPzF6pxeAcspro4j71D63VqyCjMhPIA41OFY1fxcFYDsGHOqhW7RMvLM-xnfpQbTxPOy5rzhd057q7_boPUNMq9EmCXlLpmjyWpSmlvHQ1XOqST7to_c_Pe8QxcFZhHvVi__vRKh1OXSjojAY2ZS645kWFwjrOB9BZMdScge-dvTQCWB-alFIJ56C8v_GmGUphlCcfpKjeaMrF1rnM61lC7mLl2sI8-1q0mceUG4bxfubPVg2-Ljlb0uN9uV3UUlJ3NZqm45tw1yKKjkUvVpZA3PqPLx3qnMiSEa9WmLidVwfqE1925ktduza4Bfy5KUxoSoC5FBHcjncw_99joUtRb4jQ5JkqvKJZXDy96Av9DbYd5lTGFNpAIVQ4Uu7ZRL762VOn6SUPP1XFnAT_AO_-LfF3PQIUrRwWtYmCMfUl34K7HLi1IlP4vvX89KtQwlyvbYUUmIJjNt9bgbs1EbxLAxw-KaVqVfW-zNvDqJ4arqD5OBYfYIUsN7GFRIzIZfAdHs7daSbPbdpjickOHo5fvRslE9VKUpkgyombgGwyM1TOT6KKOZhcHFlnk2o0Y6Anpl7bMbrM-R-i9kKwqnLkNfKmXC26179XNF7FxTYrOXkujwLjBZrAucVOlzEAeNVyj6jSSyYVfpMVNAac3yKOk02cxeYSvn5vGQOz575bg9nSrxLRGquv6F50w1FRKdl5o47DR7Icc0Qnl0v8ZAwERKPkOmcZLMBJzElm1SMwuTvfL51HSxIsAOtudrP0mvpxI-SsVCaT6UP5pkJ85VQhgdQUvytDJU1jjN22HeBJ4egh86f2W1YDuALX_Cc6JRQlJunHv7xEM1W55wOA0nKG4FAwyDs2NI&cid=CAQSTgDICaaNQn7bsVXSHl8g_5Qmh_CJRGRdC8ffDprATTHhTLQf10k9hl-S5OWK_-XaQCkJamoX2HdtYaYcwSh9PcR8NZPYLEzZMxP66ICZhBgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.nirsoft.net%2F&ds=l&xdt=1&iif=1&cor=398752696034436350&adk=2923430907&idt=68&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 02:54:49 GMT

GET
H2

200

passback_160x600.js Show response
static.adsafeprotected.com/ Frame 00FA
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1712960/75657834/xbbe/creative/adj?p=APEucNU4MbeYv14VXKc5dTbGIOFxPmGs5C_kQB5sdRWXfvLPbJ4DVt4&d=CokBAKAmf-DRLDO-VdlseIBL1D1SEZANClJ19gnlTAPh5r9baAeeVZh5H_HdPro...
https://static.adsafeprotected.com/passback_160x600.js

3 KB
2 KB

292ms
129ms

Script
application/javascript

2600:9000:20bc:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_160x600.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Server: 2600:9000:20bc:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 11:10:19 GMT
x-amz-version-id: 8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding: gzip
via: 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront)
x-amz-cf-pop: YVR50-C1
age: 499149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:36 GMT
server: AmazonS3
etag: W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Ys0L5fyI8v7DscXDQF5J9dPcl-_NDvZnI5pnDyylw4eXd39HN5KU3w==

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: nginx
x-server-name: app02.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8C18 91 KB
23 KB 329ms
118ms Script
application/javascript 2600:9000:20bc:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20bc:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:12:12 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront)
x-amz-cf-pop: YVR50-C1
age: 6086236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: EPGiT-DwtmKIK1pkVrhEBBjPktZYWqtqDhbKKQU_VgNo5XWoiDLhGw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
215 B 397ms
115ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6dsi,pingTime:-3,time:46,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
216 B 393ms
114ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6dsk,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&tpiLookup=ao:www.nirsoft.net&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
215 B 388ms
115ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6dsr,pingTime:-2,time:55,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:626,beZ:627,mfA:630,cmA:631,inA:631,inZ:634,prA:635,prZ:638,si:643,poA:644,poZ:663,cmZ:663,mfZ:663,loA:674,loZ:676,ltA:682,ltZ:682%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:17,sinceFw:37,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame DE1D 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 81281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 07:14:46 GMT
etag: 16674218716276178799
expires: Mon, 04 Dec 2023 07:14:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8533 38 KB
13 KB 3ms
3ms Document
text/html 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 02:54:49 GMT
expires: Wed, 20 Nov 2024 02:54:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ad1_728x90_atlas_1.png
s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/images/ Frame 3EC3 64 KB
64 KB 4ms
2ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/images/Ad1_728x90_atlas_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbb7930cf111dc18dd2d6a4b7826c8cee96943ab29d03f12e2127db78d4575f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11751189510363883864/Ad1-728-90/Ad1-728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:01:07 GMT
x-content-type-options: nosniff
age: 434900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65480
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 14:03:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 05:01:07 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 2A06 0
0 44ms
43ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssnJBdOXjQxkAE6Hqk7a3600RPsz827pjQ1gXLnOQt0_xAW5y499F0bmSTuVrVtuVXFZqtjFWC2aqIZApxhzlP-oELoVVAAnKjccScTN5rgOd4pD8DYw2pqqVDYvanBBgej37uj4OU4RAYzO0e78EoGh1ruZs6FYLfUIozj5jGvQyqFtVZ43tf1hjpXVUeX2FAnwRy9YMfJ7w0xj3qYW-Uw8AY7Cxb4UuaMMa6VeY2tPcTJi4xefjlGNx42-QXNwZYlloP5xuN0MkmZNalrCDZLRXIUMZVXiygyec6-0uRqkq4T-NqNCNbvMYkaoGLHXTD3rhCEs4wVmZQbm0nPhFl9oGQAJAUP0cx0U2SV7Bg7zmcrW6OwOXPOhXmQI-SQTi5mmN0AoJur0F04G1iy_gMvSNqqMIi46yFMOonZyCUnCBURhhoXWbBycOfh7NTdcoKvhg-d-NnH2bv2dt4YUgUFajuoAdFBeuTqkfU-l7aeIEs1lTx1OLjC7iYydy_F1_SZWsICZi2y8xffZNyhZXqy9LhCRyagx9-VODpW6QOJ0VOfRbX1itri6H8_RpddSoqIdbIZpFVxcRfSJnRcvWJRZTHSdDuAsPUciZ8Q6eE1ucivQdiwa4RqidrmI4zjNUz3SKlUJdZlomJySsaHGMSpUyhg4vvm9Ep7ciP8m-2wHmzS7BtMSBCZzaw9ltnzm8bBYELgPQyLgvTts6ePzhu_0n0dnU0LF1YIJJP80XRnZxUf50PhlnIy4yP1ScS8nYrEbZN0RFuQV3neEfL-1AxMPQcDmhjbdrs8kGiMFKbkx5TvEQagpKmXctyH8Y4UKupcJSsCHnH8XJ1fFgXH5d7oidAvhv1C63XQueueYONiFOh1dIpONCnyE7r_EfW1sNyGVHuZLPJ9zVneL5jpVupml4EgRKrLgtVCP95ebuYG7ABVNeqkCtBogTCCimUt8mYq5XzL-wDJPKQB1eXzpW1Y5BoXfIZ-IGfBnySLx2ZgfqJ8FuVoMg7dNYkYT_QtBOxgewy6H3LBLuPtBmVOOKdEOTFiFcuGt_Bogt0lepEiXXkTdVkY3-OylMJvmBDEAhWD4TtBrE_av-JsegwwAiE5wZ5lxvRJMoP6p_4O88U8ocEZfCEucERisJelKtqtVWeJrcLiJe6Upkw_9MWvY16JJHR2cEXizASD_RE7VVMQmmxAiV6IaMIno5eWjKv4adcltV_4WXKt8zuI3zwZT_F-pCYvJkv4JRWQoKpCiBKN91d79dyr9USwF8rVWPtKzl7sJTL8AREoSUIPiPZOqfGI91XVR8g&sai=AMfl-YRAZxl-4-XpQ8IkClfIjBzpL0Fx486VJl7B2pa0EcU0RtKMZV_twZkOXoW7YzQ7NwLLmFW1sJy1-q-EAnhXTP9tkxRfMu5d7-olOMjYZ-H3k2v2vqO-Syg08m_Pn8mLfxjf4w8-z-EE6R3dnu2gjXIWhsuHc6ZnUw256adZHk7oNuFNi9qKlVlQQsiAY_dOFQIEWqqEhVo45KUpDl_rtkYG-FEikyIGCyP1i0aZmj2yG7r2ECyp3LJYbVNJBo2WLrNKOyiNiMRwcph3D5c65FwouN73cuom-Ovtb8MxQhM1fZMVsiisZ383mtABv5mupcvWwwIJFvgz0TCoyuP6ELWr5Cr_4UbtSW6vi54iWbddvp5XI_FZjLU2CSEmltb7ij9A-4bcE0LI7j665yiLZKw4Ft2hVJFexS7q4n-KQzyPtOn_naNDQu-FJK1rJsooh7LPxmDbPOm44rqU-XrYgKv7wHzywOfxNM3VG0xs9x4K-vXeKaX7fDWRei2v-6fEoi46&sig=Cg0ArKJSzPDj2Is9pWwTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=289&vt=11&dtpt=208&dett=3&cstd=78&cisv=r20231109.96332&arae=0&ftch=1&adurl=

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3CB9 448 B
216 B 44ms
44ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYnI_W-gEwAQ&v=APEucNUtn2BOY63lGvbZ7Vzaqk2ZNuxKCcyzW46kSr0-6L4_wka3YKyZoOiW2NhoEhLNq1DZ9xosB1tnAAzGsaSUAqnK31G6jg

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:27 GMT
expires: Tue, 21 Nov 2023 05:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D898 111 KB
39 KB 2ms
2ms Script
text/javascript 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 02:25:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D898 7 KB
3 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D898 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D898 41 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 02:54:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D898 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 03:56:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D898 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:54:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D898 202 KB
64 KB 56ms
55ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 05:49:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D898 42 B
63 B 40ms
40ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhutLlUJ9-CatpTkB607fSx8m5k_uK4gQG7f6A9bKlxKDMjDXc2MtbKdCNunuW4d_q2CZlTAZtb8pQpMWDXJNOkMAOIUlTNz7vRK64KyBPOM5tUKk

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CB9
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NDk1ZTNkYjIwZDZmYmU4ZTM0NWRiMTUyNTNkMDAxNjM=

170 B
188 B

41ms
41ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NDk1ZTNkYjIwZDZmYmU4ZTM0NWRiMTUyNTNkMDAxNjM=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYnI_W-gEwAQ&v=APEucNUtn2BOY63lGvbZ7Vzaqk2ZNuxKCcyzW46kSr0-6L4_wka3YKyZoOiW2NhoEhLNq1DZ9xosB1tnAAzGsaSUAqnK31G6jg

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 05:49:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NDk1ZTNkYjIwZDZmYmU4ZTM0NWRiMTUyNTNkMDAxNjM=
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3CB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

43 B
735 B

14ms
14ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYnI_W-gEwAQ&v=APEucNUtn2BOY63lGvbZ7Vzaqk2ZNuxKCcyzW46kSr0-6L4_wka3YKyZoOiW2NhoEhLNq1DZ9xosB1tnAAzGsaSUAqnK31G6jg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG5Sz7xfPFa%2FFWs6hR6J%2BDEgoGCC6p6qYhe3btLsVpXEfwuB3PlI3zii7Ls2NpM%2FXMSDFCPkhCJ2J9R19yO48saxBcr3yWoJSatr0HkaeJhwmkBNStVG%2FVdbLwPIV1VtdbHlkkvui%2BbYyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a6476d308a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3CB9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVxE52gGKmE3i6-0rL7xfQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1

43 B
729 B

15ms
14ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYnI_W-gEwAQ&v=APEucNUtn2BOY63lGvbZ7Vzaqk2ZNuxKCcyzW46kSr0-6L4_wka3YKyZoOiW2NhoEhLNq1DZ9xosB1tnAAzGsaSUAqnK31G6jg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ssJEeI1OqUmg5idYTEElR8GSB4ehPzObOIPyT%2BG4YrCTx1dtj4nfCDenkHkbjo2eyvyAbKsoXn6mfamckBW6cRKDLsRde82R4r7PXotn2P3GsUow%2BvhUsWmE20ZBhBTzo37uKP2mWtjLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8296a6478d478a8d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNXZTeipL8_FuFpGoSCVOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8533 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 02:54:50 GMT

GET
H3 200 Ad9-728-90.html Show response
s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/ Frame C4E8 6 KB
2 KB 4ms
4ms Document
text/html 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3175bf0188a834cd7ea07916d3172e99792bcd6b4b0d2de993be9ea3c00fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 434198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2313
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:12:49 GMT
expires: Fri, 15 Nov 2024 05:12:49 GMT
last-modified: Mon, 09 Oct 2023 15:48:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame D898 0
0 53ms
53ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4vSdrv57YS7zVwZsBKuKMxOHVtUki-iSq3jtXft5Mik5FJelHzjU6EL4WtRPL3Y9wTxtNiIJYaQ5KIh4MzYNY-3a2Ss123eCPH2QPFfcvj5Clg7TIp58b7GIEWvdo-SgJnFJupbVDScVGVkwHkVabjQ09TEtjxdo3eup7_M2UkzframJSSC8HCYCq27hALAEZyi6mwdn1SKG3PFSlKp-LNo5nMnnT7s8dv65Z-PDSjfhZ_7Hq4Rd57cAwV_9HWh7rLTY5MjIw8xZPs6FpuSurkbKWMvBI-7r7rekuoZf5KBEjndweyRmKFq6Fumc2uW0XHaGbo00U3nNmlSPSPnVZQaD_em56yatxizIfJYEsdpjC71LIGdxwfdg4DEYgtexrcTnnjGeakqgRQAeWC57m9jzyb1dE4FadtXnUS_5zIXN_UA2bSRTei7rmOZmS7vq_lvl7nm0S_gpfkq8lLNxnsU2P5LqUeDFwYEimUvt609C_tP8ZzQmeR38_16jWj4B-x7VKlwGBcG1oCGnOaHADVybk-Dnel7pWt1z4hnA9re1BOUb_7ZGIshd82DsU3L0Ar_p5JMFXUWMtKH8ua6kXijFP1rv-VUHZOmHJCx79ov-kXpO-odi-x2xuchhq4RKPRRxnJ1t9Ro3BT2ONGF-nvLREyu1xVaSK-YeFghpVknzBTbyCQB-N-5nykko_RFqQVaT6ACTjuaTdhFIYJz6zjoxMb1KB1af2XUPdAGloI2uZsoGHh6IJGLLe95fAF28wdobC6PJgP78v5MdqG0JuI2Ukk5iOkUw4u2ep2EXD8hZD4JX8ndhqUf5ZqEAqH3UFqD3MPDGWfzxRqUog7eFuC5BsAubrclW3QEdNNQw7igL1atGdjVBvWjDwJ8QGBRQUGysk16mhCutmaY8tVu0Jli7YG7F0sOyeG0AT7NycwOaSmlCN5lqhq11Hd5ZPl966yZxUeaZb6lQGIY5V6yqaBNsc5gJpShbsmKj3OmjEzn1FWuJMXuWQSXFGlzB-tSAFSIrn6Av4-8Mmnjddfr329wgR9bCGV-ANjxWHZZgIa7LVxfNACf-3l-CnQQW088b_Co2IWZ8XtxtkTMFuvnq9jBA7e2-hFITtv7yKjilBL98qu7elhuJcWLNfoHi2sx7EsF7UewCO0cezzVcQfoW-XHK1fOMWWqtX2D5scUoyPyJ-OjxT5dP9vITLCMColT34yYYkFwkycQCa4sxp78Rdi-v_Obr0ceBUS34Eju786r0gxjxRYoHhksGpTCQo7wxxBk86e7OepCuy8jCHJIxzB0ntbinebBOEKj33ZABIESGn8a0MJ-9dIpQ&sai=AMfl-YRFLB25Z3V-lUEEz-w8DSVT2RNIepYuJt5IE_ARqrLx254iWnendViItzOND1iWUDkvPo483nBDeD2ok2KdUgjmaY5u3KvanqseVo-Q9WoC7dxwLaLJNguLHatI3adL2fdJYCpW6VqeQk5IODUNT6xB2RjXn62VtaIFbwUuy1VQZP6ZvAnwfY4xu16xfrCTVraDVTor0fMwSSJgMC2pboAPTuuenMQ_QAoiSgjqCOmpWpjZcPCNoOCKt9qbwksxmPN2rW41ZMdpm5cbrXmGAcZGnBeGL0HtXFglmogz5igw4wAKpAe4MxpYaM-FJv-tdQ4eNJI_1x23a2cFV-JGM9LjkOzTNmVHQTkKAzkl7Sm9sw3USa3AZy570GhlIYAWPA7BCVByojxdEm0sIDok7roVDiB4XN9T8OFetlKTLzhSBkocn76bqWlK12Bh3OhD1Mg2ITE6LyH-Qk0h7wejqPpwmHBGCAgTKs-a8CRiIBOQGK34DvZ3Ne1xrPaKH279EPIGpNWK8m8&sig=Cg0ArKJSzPlHvFfYaLo8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=60&cbvp=1&cstd=59&cisv=r20231109.79823&arae=0&ftch=1&adurl=

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D898 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5849b6bfdfd652f15772a44d253a051938d4e62caa3d30a07809b2111c507f82

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 70F4 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 02:54:49 GMT
expires: Wed, 20 Nov 2024 02:54:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame C4E8 236 KB
63 KB 12ms
12ms Script
text/javascript 2600:140b:1a00:19::17dc:44ad
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:140b:1a00:19::17dc:44ad Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 21 Nov 2023 06:04:27 GMT

GET
H3 200 Ad9-728-90.js Show response
s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/ Frame C4E8 11 KB
3 KB 3ms
2ms Script
application/x-javascript 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c82f984270443760c4ac62b3b1f76eee063c4e971addbc448503f081d3b3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2820
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:48:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:08:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD8A 0
20 B 42ms
41ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDyAL5kRcZd6LL9uggQPovb7ABwAAAAA4AeAEAg&bg=!HxylHFPNAAZxrfrxUa07ADQBe5WfODESPp1s1gKNF6YC_wMnBhzEMBSvj7Gl-qTXluflzE-NmXa_KQ4zc41oIZuTqaRXAgAAARRSAAAAAmgBB5kC0SgIJBJUH3BXjx4Xn4FICBlDeah1g_pvUa0RpQRbSllKrIL9twd2MxwSwhEdAcXmgqav6-ItaObkZnnrb-LZcmXmcDuEO-cQ7CVEfLjVlo5Ke9NNzsOqv7suDirVDjDmTAz7J8XidBEzjXiLBrpjqRay4RZIDSTuAfihmr0CTQjsULRRbs5qJhK7GTfh1u2U2w68A1MryzbrpXjU_Fj90G51vpHqiRMrXuQGCbIH0DyB2A9mxTvnET7MkHsEPrA194RxqO829akeinvTGN3ngibuv6wROn2GiowRMBC46DwYlguApCQUv-WmyR1z1h2F0kt85KJxQ1Rw6Hi8tPabj7zG2ykt1d_sDOETViqbPLjtcDbKV4AjsAHKlc6dTEwILGK8XlulMs6YpdOYVR62dW0FGY9VX7kvaMid_Xm-fBI1Lc9EpxNVlTmKTPqOkaMymgL7qLLX1dF369FWB4nrhTB6ixjx1BMopWNgyyihfiVgqwsDjdWNd6ppPGu1jpNaknq8scSwfO0DFbk-7-iY_mpV9Zww_7hc8gm1ILvnl-V92bZNHKqOU0ZmqKNIZ5OYZ7QTb-_uu_voxXPC88O0RoKajnDTVwZFxN-rIQwtgfV64cFX49aIC373RegovkEpZS-cP_znLezLkleJh6ODDMzFnqC0_MQpymfw7NTgbP2vd03H8lIm55aQ_VnO08vhUM-LkYVTDX5y8CQhn9cPiI2lqVrQQJS4nb4vMZhscJgH3hRgjjpxft6QgL4v4YWaeegcAlKhf9VIwnRMCt_Ea2IbFs5DY6gBZJzT3ylixNGE3X2E38aW1YoSsHlUzcxlapjoM9FGTDNrJUlSL3hq0Vyds4CEnv6RBwTwmOFufWEscYI0NCbDWvofqLgT0OFmfJUKD_5lsWpJJlRS_mWOE5CwEJIB7aK6WHXkyDOHjKeB28n-NQ01akQ6O9f8wuycEY4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 70F4 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 02:54:50 GMT

GET
H3 200 Ad9_728_90_atlas_1.png
s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/images/ Frame C4E8 77 KB
77 KB 3ms
3ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/images/Ad9_728_90_atlas_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26268c2c58fda81a27e2ac078e181341dae945b7003154049bea7e1c710a3b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2826002408087640599/Ad9-728-90/Ad9-728-90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:41 GMT
x-content-type-options: nosniff
age: 549166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78781
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:48:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:41 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame D898 0
0 41ms
41ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4vSdrv57YS7zVwZsBKuKMxOHVtUki-iSq3jtXft5Mik5FJelHzjU6EL4WtRPL3Y9wTxtNiIJYaQ5KIh4MzYNY-3a2Ss123eCPH2QPFfcvj5Clg7TIp58b7GIEWvdo-SgJnFJupbVDScVGVkwHkVabjQ09TEtjxdo3eup7_M2UkzframJSSC8HCYCq27hALAEZyi6mwdn1SKG3PFSlKp-LNo5nMnnT7s8dv65Z-PDSjfhZ_7Hq4Rd57cAwV_9HWh7rLTY5MjIw8xZPs6FpuSurkbKWMvBI-7r7rekuoZf5KBEjndweyRmKFq6Fumc2uW0XHaGbo00U3nNmlSPSPnVZQaD_em56yatxizIfJYEsdpjC71LIGdxwfdg4DEYgtexrcTnnjGeakqgRQAeWC57m9jzyb1dE4FadtXnUS_5zIXN_UA2bSRTei7rmOZmS7vq_lvl7nm0S_gpfkq8lLNxnsU2P5LqUeDFwYEimUvt609C_tP8ZzQmeR38_16jWj4B-x7VKlwGBcG1oCGnOaHADVybk-Dnel7pWt1z4hnA9re1BOUb_7ZGIshd82DsU3L0Ar_p5JMFXUWMtKH8ua6kXijFP1rv-VUHZOmHJCx79ov-kXpO-odi-x2xuchhq4RKPRRxnJ1t9Ro3BT2ONGF-nvLREyu1xVaSK-YeFghpVknzBTbyCQB-N-5nykko_RFqQVaT6ACTjuaTdhFIYJz6zjoxMb1KB1af2XUPdAGloI2uZsoGHh6IJGLLe95fAF28wdobC6PJgP78v5MdqG0JuI2Ukk5iOkUw4u2ep2EXD8hZD4JX8ndhqUf5ZqEAqH3UFqD3MPDGWfzxRqUog7eFuC5BsAubrclW3QEdNNQw7igL1atGdjVBvWjDwJ8QGBRQUGysk16mhCutmaY8tVu0Jli7YG7F0sOyeG0AT7NycwOaSmlCN5lqhq11Hd5ZPl966yZxUeaZb6lQGIY5V6yqaBNsc5gJpShbsmKj3OmjEzn1FWuJMXuWQSXFGlzB-tSAFSIrn6Av4-8Mmnjddfr329wgR9bCGV-ANjxWHZZgIa7LVxfNACf-3l-CnQQW088b_Co2IWZ8XtxtkTMFuvnq9jBA7e2-hFITtv7yKjilBL98qu7elhuJcWLNfoHi2sx7EsF7UewCO0cezzVcQfoW-XHK1fOMWWqtX2D5scUoyPyJ-OjxT5dP9vITLCMColT34yYYkFwkycQCa4sxp78Rdi-v_Obr0ceBUS34Eju786r0gxjxRYoHhksGpTCQo7wxxBk86e7OepCuy8jCHJIxzB0ntbinebBOEKj33ZABIESGn8a0MJ-9dIpQ&sai=AMfl-YRFLB25Z3V-lUEEz-w8DSVT2RNIepYuJt5IE_ARqrLx254iWnendViItzOND1iWUDkvPo483nBDeD2ok2KdUgjmaY5u3KvanqseVo-Q9WoC7dxwLaLJNguLHatI3adL2fdJYCpW6VqeQk5IODUNT6xB2RjXn62VtaIFbwUuy1VQZP6ZvAnwfY4xu16xfrCTVraDVTor0fMwSSJgMC2pboAPTuuenMQ_QAoiSgjqCOmpWpjZcPCNoOCKt9qbwksxmPN2rW41ZMdpm5cbrXmGAcZGnBeGL0HtXFglmogz5igw4wAKpAe4MxpYaM-FJv-tdQ4eNJI_1x23a2cFV-JGM9LjkOzTNmVHQTkKAzkl7Sm9sw3USa3AZy570GhlIYAWPA7BCVByojxdEm0sIDok7roVDiB4XN9T8OFetlKTLzhSBkocn76bqWlK12Bh3OhD1Mg2ITE6LyH-Qk0h7wejqPpwmHBGCAgTKs-a8CRiIBOQGK34DvZ3Ne1xrPaKH279EPIGpNWK8m8&sig=Cg0ArKJSzPlHvFfYaLo8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&vt=11&dtpt=97&dett=3&cstd=59&cisv=r20231109.79823&arae=0&ftch=1&adurl=

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8533 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Brn4c50RcZeWTD-mPpt8PxLO-sAcAAAAAOAHgBAI&bg=!PT6lPnHNAAZxrfrxUa07ADQBe5WfONQuoHGXi-Nt0f6izSsfmk6z2SeX-EED1zB-OFjoQ3K7kTViBx_Gjjsz1oqwo7kVAgAAAI9SAAAAAmgBB5kC5P2ThYgY71skvi0QRZI1-xX0K4z0dsh2naLFGMRNV88ZIckhFY9nOsEkoowZQe3urXKfrsTnLGHRn013sJ449PNSVESEuRHSf1kPNVP1o7b44-7rGJy49FMdj2_NtaefTGcVKFKap9iE4J0NJZK9cfs3fizhAS0pgNG3rIySP-p9MUxSSYXnbQUqXFLothTJdgcpTMsmVylQ-Cx6TfU6jmnKRzpYuf_m-ZT2PdUwfaJoaXA4-H0WYKbIhKLnP2A9F181frD7GNgFBXOVRiAPI02jkTuzKSEjzLf8tS9uhb2tQhxmm83mNdtaxIx_qYh--i6PwskO2P9GY0zW-HyYjsEk7fj76rAniKXpzPhISyIGFcnv_FHVubNiMVJP1EmtOcYQUUr3XpTcvJwGWTPR-LryfiN1tnurbRj1gHaPrPWH_c5M4JwiFSYWXfTo7YEt1WryFUueM6cP7c6TjEXA8qYkBP8zaKkf8kgBS709O1csMgJiBZxoTF-zatElB1grX39N8jdVRsy8ko0V2YCrxe8CGNLQeZFzz9WaVrlQk5sfgp-zuqjji1UYnJ17DUPEit6NUucvDCKsAPolmQn6xnxGd7I0EQ1tX9KB299h1-TXmzbWob4OoGmRjDTyqyLcjoujbKkzAGyaFENajtI1T0T9MfN34YZmEAZqoEQZGL4imuSXyXjmzhmKgn_bP3FymDe-0DHdgEW7TovOhksQluwphjFYT58aBZAcKLp6qpf2cw9TvQ90NUWKiiaODQJ_IfDiTCT2ICOtlx55GlW-uGZS0jgL2906H5ps9W74-2FFmY-6IjdYKoThBWWsXjbZ-Dp9OTA4PqcdTuJJZDu3daS024GuCm_gpuTEvcjmKmXhuc1yx2SLxY_Is85YkSn68fBVq5C6T9ocEIDh6c8majF2tWeKjGA5KjA1FVG5o3hfO9Khxg8iF3U8vJzOw1iglVPzAYMx2bCjxeSY6NPUXL8IOuoe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70F4 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8doA5kRcZbP3MbDM7OsPyvSNwAsAAAAAOAHgBAI&bg=!3N-l35DNAAZxrfrxUa07ADQBe5WfOL9zd3JTanZwpK67S2ju11vDEV2wxrsrENFl69VK9MREaMdTZkAq8zp1O7t2VcGtAgAAAFxSAAAAAmgBB5kC-IcMh-4TAaG3u7PyYcPvjN1OLx4Wg9BQis4wjUqKd7uYA_lBoxYYP-KSpUSU-gkM-m-LXWS8jELIhZOh4mISmvzPVRpRxXHNjW0D9NAnR7QLBoWHoFyUiNHY0SWwMsBkBRc9sxl3ti6CMCE4BPZnVskUOgW6xfUy0X7AJXL9_sbZ1A3PyY5FQvWLBINy7qR1jKipDEMXPf9wFWAea9RWDS9dSONFWOq2_xoyNvqkH8Ry82twd1MlsOEHMhd9F3l4jFZj_HRLITqQtEqbXY5zFd7Lz2xDubue5iJFr9X-ftGYKA0MRYoNOkGYs3cO5qeQF1tnpFKWmKPis90oQ4Mu9gZ3mLxDZ5tbHDQHC8YXa21ayOfKpvGXmqbHHdT905enmy1rqHd4OVlXqIoGdaBcy3gcSQon5qXuPEFR7LgGKdLJNtllcRlM5n6WO8RezgLlUbanthN99liD5THfVuq41XT9Gr_uMZNW7e77CaQKDHB8_6AAczTICYvTL3P2exUfYlsc-GWwiI8bAAEMJ5uRPcZgLj3vZTXc3ZVEF0pSALF2hhOsB8QWbabqbo2PBv6C6qMX61Z9uGUiphF3k9ziMtYj774mCF8pHLIJ_5WtlT6zY-itbi_HYwtZqlna6f4bp4TPzsUnpBc1oKRfEp_NqsYNAyiTvADOMeH3yCE9mp5gY4uUVW8jgF1uSPRKRp_cTQ0HPNfoIQRAIzqveQexS_y-6RWR5N4YIHr6rV-OpAHB2l8gr0xl0BDB1T3aoelx7IQEn-FCX_zLskXwtAYbQPdR_1QiegAtJ3O4sPYAnD67MG4_Xbr5MX6LHt3nFP36Q9ghPPCbTsXctxrfWaIy5T1e9vtaYZzSh9VbkID3-qkBS7eRKt7AuYR00TpjVlpyur3svcksQr8VeJNrjTaO4TQxuSXCTYt40fTF8OpT2a-tYnXWkY7JflYwIRNRqbm4oCCw5672RauqYEPGIhLrrbdumrQOS3tkPgopkTZOtuI_Xu2Nr-5k4HQ

Requested by

Host: www.nirsoft.net
URL: http://www.nirsoft.net/utils/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame 00FA 16 KB
17 KB 105ms
105ms Image
image/png 2600:9000:20bc:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1700545766&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2Futils%2F&ea=0&wgl=1&dt=1700545766536&bpp=1&bdt=496&idt=210&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6790167078447&frm=20&pv=1&ga_vid=1222120316.1700545766&ga_sid=1700545767&ga_hid=2130290256&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C31079266%2C31079628%2C31078301%2C44807764%2C44808148%2C44808285%2C44809057%2C318512602&oid=2&pvsid=3362615996112443&tmod=1234522195&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20bc:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date: Fri, 17 Nov 2023 01:48:12 GMT
via: 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront)
x-amz-cf-pop: YVR50-C1
age: 360076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16777
last-modified: Fri, 18 Feb 2022 23:28:48 GMT
server: AmazonS3
etag: "eef84d4a7321b73260b41707db98756f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: F90DVygWgFflQ_7TPhgT60nBCfzp45eUEaIwZNkMX_6mjatwrx7OyQ==

GET
DATA 200
OK truncated
/ Frame 00FA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffdbaf2f70858164c6684da8a57affe4f726626afbe0c5d3b4c42da700ab572d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
57ms XHR
application/json 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b63d06f7d93a06e463645d24e5b41944e085cb28c37afb64717125109515f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12498
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
215 B 115ms
115ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6dAl,time:545,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:545,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B539~0%5D,as:%5B539~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:399,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:17,sis:378%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:27 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 05:49:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
215 B 116ms
115ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6dCr,pingTime:-10,time:675,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1700545768051%7C%7C5c4d107f34c298722374f42f5c07f144%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cd93cdcf2dfd91d911243bb14792ce454%7C%7C61030c48b327b85f25fa203821346159%7C%7Cfd9926130d3954a1215527587ea41298%7C%7C15f3f1e0c8d47aa25ef6333f9791d8eb%7C%7C272b1a69ca484d8ed7bad9ac4712df12%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:28 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9669 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 6763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 03:56:45 GMT
expires: Wed, 20 Nov 2024 03:56:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 951B 829 B
560 B 42ms
41ms Document
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da87377228407711c9e4238c6069401ddb9ee4110329777856430bd0ab514746

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I8hNtcYxBUK3AbrsXP1W5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.nirsoft.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I8hNtcYxBUK3AbrsXP1W5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 05:49:28 GMT
expires: Tue, 21 Nov 2023 05:49:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9669 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 02:54:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 951B 0
0 36ms
36ms Image
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3362615996112443&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9669 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BDTswQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:49:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A06 42 B
64 B 45ms
44ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd-5eHYozoW7kJZLeEodye1rNXcagZpsKtpPSTBp-Zmg8hPrscCJ5G5lgm3xIskXBizynw0cChpm56BPUtvRFHyUF5WB7Le4V9smZ61wtnyyUbT7IA5Ik91t7UyUipemj3cwQJ7l7PXA&sai=AMfl-YQa01jdTvS6Vd9aDt5polJOm_qh4b89kPEH83N7Czgzx9Hzw65UYV9MR4-RIbDXPizzROwlNShaMs-W6a6C0pXCJvPrl2gQLwWgAyuB44WfRFuPTLrBeNdOtO4DG4vE5M-QzQRLSD1AkFTRX6Ju&sig=Cg0ArKJSzPj734ZPerMeEAE&cid=CAQSTgDICaaNsgM-mdI75U82pe1Rz6JblvBphGRQyc3m3hUqvb9RZ3XhCya_v3GTo6GLDGaTLjmrl6Mxz4mSSgdBIJFWb8NUlpoO0tLOOk6Q9BgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1349428559&rs=2&la=0&cr=0&vs=4&r=v&rst=1700545766741&rpt=845&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3362615996112443&bg=!PT6lPnHNAAZxrfrxUa07ADQBe5WfONNiXphaCh66_2r2UCgSWl4E2URGHQl8k25ObYjbRT0lGhHEWoGKAtKt6vc7fTHaAgAAAE1SAAAACmgBB5kCrNxo5gObnULD5SNWqOsEX4pfY0Iu5DPRsBvclPjFDjUj4iNN7MWlnpi7v87z2PgqJg-XNXKd6tkga8E7hVlMFs_h_MKJoR1AzNTkjEdg5ykprriQ-2p-9DMzr3P_9ywvSszCQtV6RNFPVeuITQd1QxmbiqTcrG_vdAGF3GbDLDcIbUeSckZCUtrcq5dUwCMwydebaUfGTeAq6weFXuJGWVnT9B-vGUyJNaLqekMLjnjKENEKwrpGRLE1SpaIt04xSdlgcRK8JfcGkJJRNycD2AwtSh3UZ1VL7GGNLk-kwDzDOT_3JW7QJEfPgPeGzitIS_D3MkfQHF2D9vmKhWeuJN2W1nfnitz1FBfzLhUWubA6zL27Z2YV1jo_HmJkdaJ0iiYzMcEu0uDvZL0oBVEsDvnsP7ql3AoDX1w0SLGStTGhrkt-BL3YefCAreWNdgTN89u7wJtboVnHw_1LESjJmtiShJ4n686g3WGqjpyE9YLGVIT4FxdtfKDQ6qa-F-TzANJjaCuSN710j0TEMVCNNetRWW6DAKOU0MUfwOv4HerzgXOC8QziB0zozhwUVLsMY8WSyNGqwHXrbBrZMHRI63ElspFfCsLWYZwnL-6J-v5VdQZYjw7rvpW7veyH9WukG58XYUzNqg86N0jeXYGTimYVcl3MhTk34kALYRgG9lrer5QKo9bJF7HeLPrgQMmhMWdmT-FpHnq1iemUF3tjiOglVMCXweIpKF-uO_-9HFTwHfDEedGcEO9bp_lmC3QQoktMNKDuoT-DYibFJyqRB0NijCXnHak8SdCztHQLD9-FHWe8lbN7sG9siK0VylZRF1Dj_JCDGKHa1BkozR6BZjPVDtU_vKfy6MkJ2-qeRm0H2GGcXz4-FKMo8ZQ4vHPL7Dylq4tHAH0WmlJe-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.nirsoft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D898 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb4ztp3n7eLHxeFMPsEE04CGZahI3FJSKRLOVXWLetiFfYs7v979FVh6Rlq1DYr3jBx5GuD77J5xBhXaaiJqkgtibHXFpECHCPBJn6Q5kvKfQVfVeOpQ4YhTDUjHXuId0v6rDisCn80A&sai=AMfl-YS0L_cV9rlUH-isVLz5Pdcv8wyLvUaP0h2LVyGFN2jMCGVmHhohe7cnordLoVlVka30Sk-qFSrSWii3577HnjOj4cSabglB1DsTtLudNIsdT4fsoGWRdYnAv5xgn4gohqE0qGoru043F-oilrYcwA&sig=Cg0ArKJSzPJGdJGUxK_lEAE&cid=CAQSTwDICaaNonq64bp48r6zkWCUVkwP1bxeN-GTlPLmGWsndEV30p_oyoKII9qxG98VaGwa8oMG9rgjnshNJu5z-fQKfQ_3ZtIO9FA70_WbUOkYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=323,823,1000,1056,1056&tos=323,500,177,56,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1700545767470&rpt=237&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00FA 0
20 B 41ms
40ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9639373275134&version=m202309260101&ct=76&x=1&cor=398752696034436350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00FA 42 B
64 B 42ms
42ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubwdvGBUtkMicptrfXc8bLZ7PT6XAYqEtM3PYc67aiJmSiYOd950YpnzuXkJoeg0MzYARWQ8eLuZ6hXX_U0ByOv8ZOL4tOVA5pJtlLKd1gQxDwZVuXXMWH9FxqvlktHX7RjUP2xsIbaA&sai=AMfl-YTCETnpWQnXXNGX84UC8WUVV9vXzWyplSplc-pxZ-R8jQwfiIRadIotEraUtAQ99PsEOAO5nq79UKRmu1hRTwQEzP4Jun3BesKwj5g7R_NC-IuXQcs8qKxuB6iZEK1Zbb6wcgarlrinU_6qf_vZ&sig=Cg0ArKJSzOBdSR3vfC4DEAE&cid=CAQSTgDICaaNQn7bsVXSHl8g_5Qmh_CJRGRdC8ffDprATTHhTLQf10k9hl-S5OWK_-XaQCkJamoX2HdtYaYcwSh9PcR8NZPYLEzZMxP66ICZhBgB&id=lidar2&mcvt=1082&p=0,0,604,160&mtos=0,1082,1082,1082,1082&tos=0,1082,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&app=0&itpl=20&adk=2347419153&rs=2&la=0&cr=0&vs=4&r=v&rst=1700545766749&rpt=1124&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 00FA 43 B
215 B 116ms
115ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=fad61a1f-157f-79c1-4813-c4a079fc7323&tv=%7Bc:uC6e7i,pingTime:1,time:2588,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:16%7D,%7Bpiv:98,vs:i,r:,t:1587%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1586,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1581~0,0~75%5D,as:%5B1581~160.600%5D%7D%7D,%7Bsl:i,t:1586,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:98,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tWdKJIk+11%7C121%7C1221%7C123%7C13*.1712960-75657834%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:17,sis:378%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 05:49:30 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nirsoft.net/	1970-01-21 01:58:25	Name: _ga Value: GA1.1.1222120316.1700545766
.nirsoft.net/	1970-01-21 01:44:01	Name: __gads Value: ID=05b77ef9676ec826:T=1700545766:RT=1700545766:S=ALNI_MYnjKApnxhruEfCra8zEPZga7S2oQ
.nirsoft.net/	1970-01-21 01:44:01	Name: __gpi Value: UID=00000c9046b7a946:T=1700545766:RT=1700545766:S=ALNI_MamQ7Nf8MGtUZwyAF-QQ-ajfZbcqQ
.casalemedia.com/	1970-01-21 01:08:01	Name: CMID Value: ZVxE52gGKmE3i6-0rL7xfQAA
.casalemedia.com/	1970-01-20 18:32:01	Name: CMPS Value: 5479
.casalemedia.com/	1970-01-20 18:32:01	Name: CMPRO Value: 5479
.doubleclick.net/	1970-01-21 01:58:25	Name: IDE Value: AHWqTUkRfeVso7DVdGKqPp2lktK4UH5AB2K72PhbbdVAbrBW99Dx2k011NZtpJWV
.doubleclick.net/	1970-01-20 20:41:37	Name: APC Value: AfxxVi5j5RykT6IgsVa6GKz53O7dM0fRjS-ZJVX5l1R--QIFkeDQdA
.send.microad.jp/	1970-01-20 18:32:01	Name: TR Value: 5694accd5484bcb67a7aae6e235cc966daf78b1019b22785
.nirsoft.net/	1970-01-21 01:58:25	Name: _ga_P2Q08WF7BK Value: GS1.1.1700545766.1.0.1700545767.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
clients1.google.com
cm.g.doubleclick.net
code.createjs.com
cse.google.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s-cs.send.microad.jp
s0.2mdn.net
s7.addthis.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nirsoft.net
138.128.181.29
142.250.207.2
142.251.42.166
172.64.151.101
18.176.135.231
202.233.84.8
23.32.12.196
2404:6800:4004:808::2006
2404:6800:4004:80b::200e
2404:6800:4004:80f::2002
2404:6800:4004:813::2004
2404:6800:4004:81c::200e
2404:6800:4004:824::2002
2404:6800:4004:826::2002
2404:6800:4004:828::2001
2404:6800:4004:828::2008
2404:6800:4004:828::200e
2600:140b:1a00:19::17dc:44ad
2600:1f13:800:7782:75f2:caaa:71c1:5647
2600:9000:20bc:a800:8:48e:53c0:93a1
01bf2cd3e061b11cc201ed4b4b67f9a778aa0506be5de658a4184b04736395e6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2
0b584f823a8583514d3c8ae1a90ec8006b2441a045fd8095ef2c44bb425b5f7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
14829fc12a3fddd5b9d78e30efa5146e5993361de33e42f119b2f4de9123438f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166d2a5d45d0ae31ee9329464ff4d2e26fd14a595c384e0c103e5c00fc630ceb
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b
26268c2c58fda81a27e2ac078e181341dae945b7003154049bea7e1c710a3b12
2c412f0cb2d38668c389ef16f48a043f138c7c7a0e483316bf59481281a9a50f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5849b6bfdfd652f15772a44d253a051938d4e62caa3d30a07809b2111c507f82
609cf048b6aa91df56c11a306c563ebca0fe699da61fb3d2dcaef69799bc329b
60c82f984270443760c4ac62b3b1f76eee063c4e971addbc448503f081d3b3dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
676621f8bc0324df0e1f6d18cd9281524379d88cf85224ce87497cd0a1bce9a1
7d235d0b09bcdfd06355640082ead2f9f31cc721390eab0d946cf0a3aa742e85
8b63d06f7d93a06e463645d24e5b41944e085cb28c37afb64717125109515f64
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
938ff31ad3963e3df245897d7f5e97ca349f5c2f66ca4dd59802f0a20a9a6b0f
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
9f3175bf0188a834cd7ea07916d3172e99792bcd6b4b0d2de993be9ea3c00fab
a20a0cacf291f7a92ee4a8247dcb9e30b18e6cadd6906049fd6ac6b0ba9cc246
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
af14b0cd512e7e43cafa798ef2b6d320cfff4c815cfe90e73baf42c13cdd980a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5040a2d8558298e59fb8441c5da47fa9bd6eeeacf1a3431c2406388383953c6
c6e64c1cd75bb07f21740c2dd0514603cbf0644a4dddd96899ec39ed3a8ffa67
c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4
cbb7930cf111dc18dd2d6a4b7826c8cee96943ab29d03f12e2127db78d4575f6
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d3ac70ceec5c93b89371c9facc4817744abb5cf244151241c7dc360823ab375e
da87377228407711c9e4238c6069401ddb9ee4110329777856430bd0ab514746
dbf7eb98f997a8df116c6515ce77a2e76be2dafbdbc62cd7feade398544ac0a8
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e089c1557fe00b5d01938d97d6c577182ee7b43a8e2f05880f157231b8943bf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eeda44ab7da374615ac9526ede305035d1ec7bae70ef6073a70d4889388b5e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffdbaf2f70858164c6684da8a57affe4f726626afbe0c5d3b4c42da700ab572d

www.nirsoft.net Open in urlscan Pro 138.128.181.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

81 %HTTPS

65 %IPv6

13 Domains

20 Subdomains

20 IPs

3 Countries

1594 kBTransfer

4435 kBSize

10 Cookies

4 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nirsoft.net Open in urlscan Pro
138.128.181.29 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

81 %
HTTPS

65 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

1594 kB
Transfer

4435 kB
Size

10
Cookies

108 HTTP transactions
3 data transactions