wa3.i-3-i.info Open in urlscan Pro
153.122.24.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wa3.i-3-i.info/
Submission Tags: falconsandbox
Submission: On June 05 via api (June 5th 2021, 9:15:24 pm UTC) from US

Summary HTTP 139 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 139 HTTP transactions. The main IP is 153.122.24.136, located in Japan and belongs to GMOCL GMO GlobalSign Holdings K.K., JP. The main domain is wa3.i-3-i.info.
TLS certificate: Issued by R3 on April 8th 2021. Valid for: 3 months.

This is the only time wa3.i-3-i.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	153.122.24.136 153.122.24.136	131921 (GMOCL GMO...) (GMOCL GMO GlobalSign Holdings K.K.)
4	52.119.164.182 52.119.164.182	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	52.84.109.5 52.84.109.5	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	52.84.109.54 52.84.109.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
43	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
139	23

7 153.122.24.136 (Japan)

ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP)
PTR: sub0000547051.hmk-temp.com

wa3.i-3-i.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.119.164.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ir-jp.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.84.109.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-109-5.bud50.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.109.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-109-54.bud50.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	141 KB
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	421 KB
12	doubleclick.net googleads.g.doubleclick.net	92 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	186 KB
7	i-3-i.info wa3.i-3-i.info	195 KB
5	google.com 2 redirects adservice.google.com www.google.com	960 B
5	st-hatena.com b.st-hatena.com	17 KB
4	googletagservices.com www.googletagservices.com	139 KB
4	amazon-adsystem.com ir-jp.amazon-adsystem.com	636 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
3	google-analytics.com ssl.google-analytics.com www.google-analytics.com	18 KB
2	google.de adservice.google.de	287 B
2	facebook.net connect.facebook.net	67 KB
1	googleapis.com fonts.googleapis.com	674 B
1	facebook.com www.facebook.com
1	googleadservices.com partner.googleadservices.com	638 B
1	hatena.ne.jp b.hatena.ne.jp	1 KB
139	17

	Domain	Requested by
42	pbs.twimg.com	wa3.i-3-i.info platform.twitter.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com wa3.i-3-i.info pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	wa3.i-3-i.info pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	platform.twitter.com	wa3.i-3-i.info platform.twitter.com
7	wa3.i-3-i.info	wa3.i-3-i.info
5	b.st-hatena.com	wa3.i-3-i.info b.hatena.ne.jp b.st-hatena.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ir-jp.amazon-adsystem.com	wa3.i-3-i.info
3	www.google.com	2 redirects tpc.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	wa3.i-3-i.info connect.facebook.net
2	ssl.google-analytics.com	wa3.i-3-i.info
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	ssl.google-analytics.com
1	b.hatena.ne.jp	b.st-hatena.com
139	24

This site contains no links.

Subject Issuer	Validity	Valid
wa3.i-3-i.info R3	`2021-04-08` - `2021-07-07`	3 months	crt.sh
www.assoc-amazon.jp Amazon	`2020-11-20` - `2021-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.b.st-hatena.com Amazon	`2020-10-25` - `2021-11-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.b.hatena.ne.jp Amazon	`2020-10-20` - `2021-11-19`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://wa3.i-3-i.info/
Frame ID: 58FABAB5BD4254D7A3DF209B95740716
Requests: 36 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=basic-label-counter&lang=ja&mode=popup
Frame ID: 0A218926B6CDE12BC93101AFA17F84E3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: A86287191153508BD863447C45CD8C00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=9992496680&adk=3078375792&adf=4210472835&pi=t.ma~as.9992496680&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708722&bpp=3&bdt=1016&idt=62&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4176613404742&frm=20&pv=2&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8SFaT4BWb&p=https%3A//wa3.i-3-i.info&dtd=79
Frame ID: 537F56F2CBCDC36ADD4DB343A07C8405
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87
Frame ID: 74F2B2B1790DE2BEBB0C28C4578477C8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94
Frame ID: 6204234ACEB99BBB6C5FD33EEFCC069A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&adk=1812271804&adf=3025194257&lmt=1622927709&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwa3.i-3-i.info%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927709051&bpp=2&bdt=1344&idt=2&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4adc19904d99711-22238641c1c80065%3AT%3D1622927708%3ART%3D1622927708%3AS%3DALNI_MYHWnYfgWo3fdsdB4t3gHnEoSekrA&prev_fmts=728x90%2C728x90%2C200x200&nras=1&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6
Frame ID: F18A1BF71EFC4AB9B4726309D15E488E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwa3.i-3-i.info
Frame ID: E89A8F19935B663D2D014F88B1552CED
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c2cf41d81ab7c%26domain%3Dwa3.i-3-i.info%26origin%3Dhttps%253A%252F%252Fwa3.i-3-i.info%252Ff2308ca47091798%26relation%3Dparent.parent&container_width=319&href=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=button_count&locale=ja_JP&sdk=joey&send=true&show_faces=false&width=450
Frame ID: D4E535FC14373F1BB43F18C1B9A81127
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html
Frame ID: 121C8555EF5351EE87A16CC534AADA95
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8D7A28D56526A165BB08A2B730E877C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html
Frame ID: 7A426597918DCF303BE0D4DD3CB83C09
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C55FA0A64F9414DBA9F5E4C66A9BDA33
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.ja.html
Frame ID: 10F82A667E2B1599E9D4916118BE86DE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Frame ID: 1BC39449BAF40DF86290202277EFA2EB
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1401135598115725313/oW8X47At?format=png&name=144x144_2
Frame ID: 69D15CAA9A7A8CD041DC2DD974F9E7DE
Requests: 48 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DC6FF42663A380765ADB8D8A680D8413
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 895F3A36A036F06053DD4845450BD448
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 41113796FB4ABE7969F38EDCB1CDFD49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

139
Requests

100 %
HTTPS

73 %
IPv6

17
Domains

24
Subdomains

23
IPs

4
Countries

1332 kB
Transfer

3099 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 146

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

139 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
wa3.i-3-i.info/ 80 KB
80 KB 1872ms
817ms Document
text/html 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PHP/5.4.16 PleskLin
Resource Hash: 641b43cddbf1994b90ec8253cbc9dd0fd4cb054ec81a08747d3aae37a633b19a

Request headers

Host: wa3.i-3-i.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:07 GMT
Server: Apache
X-Powered-By: PHP/5.4.16 PleskLin
Set-Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK style.css
wa3.i-3-i.info/css/ 13 KB
13 KB 797ms
279ms Stylesheet
text/css 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa3.i-3-i.info/css/style.css?ver=00169
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: 785f85e3b98dd4601615667136fa5804b9bf4d5c93b015f2106552b6dfcd7881

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://wa3.i-3-i.info/
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Tue, 16 Mar 2021 17:49:00 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3297-5bdaafb31fb00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12951

GET
H/1.1 200
OK index.css
wa3.i-3-i.info/css/ 5 KB
5 KB 799ms
273ms Stylesheet
text/css 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa3.i-3-i.info/css/index.css?ver=00169
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: 027fd441c941232a67b9b011320869e9901b1530671b7e7e140e2008efc2a494

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://wa3.i-3-i.info/
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Mon, 16 Feb 2015 23:19:00 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1315-50f3ccfa98100"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4885

GET
H/1.1 200
OK wa3piyo2.png
wa3.i-3-i.info/img/ 729 B
1022 B 290ms
289ms Image
image/png 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa3.i-3-i.info/img/wa3piyo2.png
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: e842e8cec916e19f42d86fa17acc4b3f41d72b351ea66f5cc7dfc6b891f2144f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wa3.i-3-i.info/
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Sat, 09 Jan 2016 16:26:00 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "2d9-528e928c45600"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 729

GET
H/1.1 200 ir
ir-jp.amazon-adsystem.com/e/ 42 B
159 B 822ms
174ms Image
image/gif 52.119.164.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-jp.amazon-adsystem.com/e/ir?t=eruranbook-22&l=am2&o=9&a=B07G51YT9X
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.164.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200 ir
ir-jp.amazon-adsystem.com/e/ 42 B
159 B 823ms
175ms Image
image/gif 52.119.164.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-jp.amazon-adsystem.com/e/ir?t=eruranbook-22&l=am2&o=9&a=B073Q65WNC
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.164.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200 ir
ir-jp.amazon-adsystem.com/e/ 42 B
159 B 827ms
176ms Image
image/gif 52.119.164.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-jp.amazon-adsystem.com/e/ir?t=eruranbook-22&l=am2&o=9&a=B06Y63281P
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.164.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200 ir
ir-jp.amazon-adsystem.com/e/ 42 B
159 B 831ms
177ms Image
image/gif 52.119.164.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-jp.amazon-adsystem.com/e/ir?t=eruranbook-22&l=am2&o=9&a=B01F377U84
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.164.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20963896f6188f7763c0cb7446c379c0a1426d2ad7cd79962758041896f6691f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48426
x-xss-protection: 0
server: cafe
etag: 8382588191580572105
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 21:15:08 GMT

GET
H2 200 button-only@2x.png
b.st-hatena.com/images/entry-button/ 441 B
889 B 174ms
25ms Image
image/png 52.84.109.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/button-only@2x.png

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-5.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 04:48:05 GMT
via: 1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
age: 12068823
x-cache: Hit from cloudfront
content-length: 441
last-modified: Wed, 13 May 2020 05:44:30 GMT
server: nginx
etag: "5ebb893e-1b9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
x-amz-cf-id: FFgvO6s4YwzBRnWwccHRBlXiKN_XY9BPbphsFCrgClplR1ZuJYnAfQ==
expires: Mon, 17 Jan 2022 04:48:05 GMT

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 35 KB
11 KB 173ms
25ms Script
application/x-javascript 52.84.109.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-5.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

f5533dc1e890e99b74930d8f462d013ad2aeff9a6fb7f673ce6eba3deb107ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 05:31:08 GMT
server: nginx
age: 33821
etag: W/"60b5c61c-8af2"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
date: Sat, 05 Jun 2021 11:51:28 GMT
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: K-JtHBsfQ-UCWIdOjyRRdL2c7SJ5ppc-A-YXKv0KZUXGD3q99FjumA==
via: 1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
expires: Sun, 06 Jun 2021 11:51:26 GMT

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
wa3.i-3-i.info/js/ 93 KB
93 KB 276ms
276ms Script
application/javascript 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa3.i-3-i.info/js/jquery-1.7.2.min.js?ver=00169
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://wa3.i-3-i.info/
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Sun, 25 Mar 2012 14:15:00 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "17278-4bc11e20fe100"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 94840

GET
H/1.1 200
OK common.js Show response
wa3.i-3-i.info/js/ 2 KB
2 KB 271ms
271ms Script
application/javascript 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa3.i-3-i.info/js/common.js?ver=00169
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: 1d1082e42c003ab7e7771470e161dd7ff6a8420b541c0a08fb4ffc11971d14ce

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://wa3.i-3-i.info/
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Sun, 16 Aug 2020 02:38:00 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "8a8-5acf58ad91200"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2216

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 123ms
6ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4754
date: Sat, 05 Jun 2021 19:55:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 05 Jun 2021 21:55:54 GMT

GET
H/1.1 200
OK bg_subtitle.gif
wa3.i-3-i.info/img/ 146 B
437 B 404ms
274ms Image
image/gif 153.122.24.136
GMOCL GMO GlobalS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa3.i-3-i.info/img/bg_subtitle.gif
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/css/style.css?ver=00169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.122.24.136 , Japan, ASN131921 (GMOCL GMO GlobalSign Holdings K.K., JP),
Reverse DNS: sub0000547051.hmk-temp.com
Software: Apache / PleskLin
Resource Hash: add9fa610be12aa96d038e98491bbe9e6b2eaf184b963bddc55ce147494ff799

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wa3.i-3-i.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wa3.i-3-i.info/css/style.css?ver=00169
Cookie: PHPSESSID=1sbrav5g8b6m8v4maviduamk25
Connection: keep-alive
Referer: https://wa3.i-3-i.info/css/style.css?ver=00169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Last-Modified: Sun, 24 Mar 2013 14:11:48 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "92-4d8ac44dab100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 146

GET
H2 200 all.js Show response
connect.facebook.net/ja_JP/ 3 KB
2 KB 37ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/all.js

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2f038e14b14aa55b9254f4ecdd0bb37dd2aca920052ca0df5c3e012779ab71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: k90sy84+apILlrXtWt33GA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: gW4+X/bhMwLnrxLCspWNu5tHh5BjjY9xYj778mT4S+CkmNEtWiT0nHovOwdNZLVtSNCWkhL90EXee/sDPDKqFg==
x-fb-trip-id: 1709462857
x-fb-content-md5: a232ff3e7081a79311eb290e76199f9a
x-frame-options: DENY
etag: "9a05f72f339c9b4bf33a8851b0dc877e"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sat, 05 Jun 2021 21:17:05 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/668C)
Age: 912
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29 200 all.js Show response
connect.facebook.net/ja_JP/ 219 KB
64 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/all.js?hash=34cf07df268caa389f0438976631ea3b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e70eb359aa0a418f971d0c95f3af1a007568ae7a4edf317af93e5abaa6c75c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://wa3.i-3-i.info
Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IEUPwtblhZErHXsKazSRyg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65902
x-fb-rlafr: 0
x-fb-debug: Lo9czNp8qr2sTiVloogP7KR/pRSw4wiyXol5Z4WLrCm9F5U9nCMNWf/Pwfw0QCHOgXPwX+RJtQy5y6lljFL3zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6ad51b4cd4bc4758f7b5d5612ddca797
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 05 Jun 2021 21:15:08 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f3b182de7a1c27f551fcfe448045bfd2"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Jun 2022 20:57:20 GMT

GET
H2 200 / Show response
b.hatena.ne.jp/entry/button/ Frame 0A21 1 KB
1 KB 342ms
293ms Document
text/html 52.84.109.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=basic-label-counter&lang=ja&mode=popup

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/js/bookmark_button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-54.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

09e4e1316c303225a0daa689f69c30ecc66fb1183151ac5192a8db8d2fdbf2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: b.hatena.ne.jp
:scheme: https
:path: /entry/button/?url=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=basic-label-counter&lang=ja&mode=popup
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

content-type: text/html; charset=utf-8
date: Sat, 05 Jun 2021 21:15:08 GMT
server: nginx
cache-control: public, max-age=3600, s-maxage=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d00a1eb2ccbcadee246787853beba6e4.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: iFAeygvQMrnbPkkltE0xv0V6b9iQsfqEhU2CIFtPgW0FsX2rh7BgZA==

GET
H2 200 inpage_linkid.js Show response
www.google-analytics.com/plugins/ga/ 1 KB
825 B 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ga/inpage_linkid.js

Requested by

Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 20:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 697
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:54:58 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ 232 KB
86 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4630595670749244&plah=wa3.i-3-i.info&amaexp=1&bust=exp%3D31060974

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87637
x-xss-protection: 0
server: cafe
etag: 15632250250964762239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 21:15:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame A862 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210601/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 04 Jun 2021 23:22:09 GMT
expires: Fri, 18 Jun 2021 23:22:09 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 78779
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 27ms
13ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1705090177&utmhn=wa3.i-3-i.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%80%8C%E5%88%86%E3%81%8B%E3%82%8A%E3%81%9D%E3%81%86%E3%80%8D%E3%81%A7%E3%80%8C%E5%88%86%E3%81%8B%E3%82%89%E3%81%AA%E3%81%84%E3%80%8D%E3%81%A7%E3%82%82%E3%80%8C%E5%88%86%E3%81%8B%E3%81%A3%E3%81%9F%E3%80%8D%E6%B0%97%E3%81%AB%E3%81%AA%E3%82%8C%E3%82%8BIT%E7%94%A8%E8%AA%9E%E8%BE%9E%E5%85%B8&utmhid=608661172&utmr=-&utmp=%2F&utmht=1622927708757&utmac=UA-10737655-6&utmcc=__utma%3D28307514.1160375586.1622927709.1622927709.1622927709.1%3B%2B__utmz%3D28307514.1622927709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=17343441&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 21:15:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
638 B 59ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wa3.i-3-i.info&callback=_gfp_s_&client=ca-pub-4630595670749244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4630595670749244&plah=wa3.i-3-i.info&amaexp=1&bust=exp%3D31060974

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

436a7eafe34206f02d1e10571dc5295807ab6922b67ef4eb85bf4fd4341eb489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wa3.i-3-i.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wa3.i-3-i.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 537F 73 KB
24 KB 668ms
667ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=9992496680&adk=3078375792&adf=4210472835&pi=t.ma~as.9992496680&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708722&bpp=3&bdt=1016&idt=62&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4176613404742&frm=20&pv=2&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8SFaT4BWb&p=https%3A//wa3.i-3-i.info&dtd=79

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f9953ee82424a04cb0d8de2040ddc37255452d88b6ae78253dcb1f77c17a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=9992496680&adk=3078375792&adf=4210472835&pi=t.ma~as.9992496680&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708722&bpp=3&bdt=1016&idt=62&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4176613404742&frm=20&pv=2&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8SFaT4BWb&p=https%3A//wa3.i-3-i.info&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 21:15:09 GMT
server: cafe
content-length: 24255
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 21:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:15:08 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74F2 89 KB
32 KB 269ms
269ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9470ac0dc62dd28d6aaf45b643a4eb48d4d10b50afb95bbc99c8d363df2294a8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjS0uy0gfECFRPtuwgdfMYKSQ&gqi=XOm7YMT-MYyU3gPyqKDIDg&layout=/sadbundle/%24csp%253Der3%24/18145418502255872444/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjS0uy0gfECFRPtuwgdfMYKSQ&gqi=XOm7YMT-MYyU3gPyqKDIDg&layout=/sadbundle/%24csp%253Der3%24/18145418502255872444/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 21:15:09 GMT
server: cafe
content-length: 32256
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 21:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6204 89 KB
32 KB 226ms
225ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

630fa1590973f3a94c271d4e2c3bf7c9d6cf2a8848cbac246f7fc6f671adcf0d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiI0-y0gfECFZzkuwgdMfkGCQ&gqi=XOm7YOS1Moyt3wOHoorYAw&layout=/sadbundle/%24csp%253Der3%24/1140729413597514979/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiI0-y0gfECFZzkuwgdMfkGCQ&gqi=XOm7YOS1Moyt3wOHoorYAw&layout=/sadbundle/%24csp%253Der3%24/1140729413597514979/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Jun 2021 21:15:09 GMT
server: cafe
content-length: 32407
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Jun-2021 21:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wa3.i-3-i.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wa3.i-3-i.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F18A 0
20 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&adk=1812271804&adf=3025194257&lmt=1622927709&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwa3.i-3-i.info%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927709051&bpp=2&bdt=1344&idt=2&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4adc19904d99711-22238641c1c80065%3AT%3D1622927708%3ART%3D1622927708%3AS%3DALNI_MYHWnYfgWo3fdsdB4t3gHnEoSekrA&prev_fmts=728x90%2C728x90%2C200x200&nras=1&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4630595670749244&output=html&adk=1812271804&adf=3025194257&lmt=1622927709&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwa3.i-3-i.info%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927709051&bpp=2&bdt=1344&idt=2&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4adc19904d99711-22238641c1c80065%3AT%3D1622927708%3ART%3D1622927708%3AS%3DALNI_MYHWnYfgWo3fdsdB4t3gHnEoSekrA&prev_fmts=728x90%2C728x90%2C200x200&nras=1&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Jun 2021 21:15:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm; expires=Thu, 30-Jun-2022 21:15:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame E89A 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwa3.i-3-i.info
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wa3.i-3-i.info/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 178026
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Jun 2021 21:15:09 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 like.php
www.facebook.com/plugins/ Frame D4E5 0
0 57ms
30ms Document
text/html 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c2cf41d81ab7c%26domain%3Dwa3.i-3-i.info%26origin%3Dhttps%253A%252F%252Fwa3.i-3-i.info%252Ff2308ca47091798%26relation%3Dparent.parent&container_width=319&href=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=button_count&locale=ja_JP&sdk=joey&send=true&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/all.js?hash=34cf07df268caa389f0438976631ea3b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c2cf41d81ab7c%26domain%3Dwa3.i-3-i.info%26origin%3Dhttps%253A%252F%252Fwa3.i-3-i.info%252Ff2308ca47091798%26relation%3Dparent.parent&container_width=319&href=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=button_count&locale=ja_JP&sdk=joey&send=true&show_faces=false&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: PQDBUDslv3LHlygj5XVzhwQZhKSeePwqvfUGRuYWYZWyg3xrS9vEZpDsd6Z3CqiHlipP0BJ7jBuluBQfvREZHA==
content-length: 0
date: Sat, 05 Jun 2021 21:15:09 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 6204 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:13:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6204 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:14:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6204 122 KB
37 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:15:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6204 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:12:06 GMT

GET
H2 200 reset.css
b.st-hatena.com/css/ Frame 0A21 2 KB
1 KB 25ms
23ms Stylesheet
text/css 52.84.109.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/reset.css?27b2841ed6ed045826d6945c0b0b32b82bceb5a1

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=basic-label-counter&lang=ja&mode=popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-5.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 05:42:33 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 05:44:30 GMT
server: nginx
age: 15348756
etag: W/"5ebb893e-817"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: 7W8f73X-Al3gVUq6CtEDTlVcUoEShyyWrfZwXgiYASIxqv3wU1ujcA==
expires: Fri, 10 Dec 2021 05:42:33 GMT

GET
H2 200 entry-button.css
b.st-hatena.com/css/ Frame 0A21 5 KB
2 KB 24ms
23ms Stylesheet
text/css 52.84.109.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/entry-button.css?27b2841ed6ed045826d6945c0b0b32b82bceb5a1

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fwa3.i-3-i.info%2F&layout=basic-label-counter&lang=ja&mode=popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-5.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 10611810
x-cache: Hit from cloudfront
access-control-allow-origin: https://b.hatena.ne.jp
last-modified: Wed, 13 May 2020 05:44:30 GMT
server: nginx
etag: W/"5ebb893e-134a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: gjdi-Q4q2mUdk-V9bYZ6iWRMN1tnoUdGygmHsTNcHWb_dxSkg_xXrA==
expires: Thu, 03 Feb 2022 01:31:39 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/ Frame 121C 63 KB
16 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817fa66f1a0052fb86e750dd12ff8eb5bbebd01572ebc18b81d48119ab0b0893

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1140729413597514979/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 02 Jun 2021 07:25:46 GMT
expires: Thu, 02 Jun 2022 07:25:46 GMT
last-modified: Wed, 12 May 2021 08:21:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16642
age: 308963
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6204 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq9mVXOm7YMjqMpzJ7_UPsfKbSLOugoVj3f7tjtMN6_D-gMckEAEgyb7THGCVAqAB4J7E-APIAQmpAqWM0SGoabQ-qAMByAPIgIACqgSyAU_QZbITk_ZArnhKi33GY_GEhbPvXHJF_P2A_VIGEhgyB4tJUUxB0HsGJMNUr3rkmEnJucNAcxad3pp_adZvsZKtlGP9aDPEmK2sXBtE3vn-PuhEXLDne5OuMneOU1GtDhzFXbSaqPnsOjthTIKkNCp5X4vGHjR-iuYmwoazraqPJ8_6eyvtRDtq0V4ULeSAez4QVEkz26iUkdoXuhOampQ_RWU23QVGvIYBSS7HsbKptqrABOChmpbAA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfHwPYCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELqxA9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi00NjMwNTk1NjcwNzQ5MjQ0&sigh=NTeVUwsiPBw&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 05 Jun 2021 21:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D7A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=200&slotname=6910532961&adk=1922258158&adf=3188817074&pi=t.ma~as.6910532961&w=200&lmt=1622927708&psa=0&format=200x200&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1019&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1275&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vY8u4u063x&p=https%3A//wa3.i-3-i.info&dtd=94

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Jun 2021 20:44:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1835
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 74F2 17 KB
7 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:13:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 74F2 2 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:14:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74F2 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:15:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 74F2 13 KB
6 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:12:06 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E89A 256 B
441 B 133ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ace92b34548697edfd04da0080a1ba449c26c86f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwa3.i-3-i.info

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:08 GMT
content-encoding: gzip
last-modified: Sat, 05 Jun 2021 21:15:09 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bfbea85367645e1f573a9ae26f8375ac9d50a20e6c7c51e6bbd53ed11324c1ce
content-length: 176

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/ Frame 7A42 76 KB
18 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae017a6bb914eee4dfa8428c41ece4e86148916399c1785868d5fbdab55f041e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/18145418502255872444/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 01 Jun 2021 23:00:21 GMT
expires: Wed, 01 Jun 2022 23:00:21 GMT
last-modified: Wed, 12 May 2021 08:21:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 18000
age: 339288
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74F2 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbX9KXOm7YIi0MpPa7_UP_IyryASzroKFY4WE7o7TDevw_oDHJBABIMm-0xxglQKgAeCexPgDyAEJqQKljNEhqGm0PqgDAcgDSKoEqwFP0GL-uSLhEv2-dsqUy6JXEHGN_WxNMGUfo-m_b5Qkr_ew-nDSWHlPhZjPntl467kiLvxfTihhap5DxEH66fdo75noKUe-9JevPoxq_IaCoNuaKVDOWhFWBEvePx5n_SqNY9rrbeArz7xe2yJr6sHp8QrLx44iBNGtmT4l8CI8vnW3xpgOYNs9NDH5iYYWPjZ5hx49LPU9HSXBazzI8F-lEYDN-VNGLi7DxfnABOChmpbAA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfHwPYCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJySAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi00NjMwNTk1NjcwNzQ5MjQ0&sigh=GS-TfcD67vQ&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 05 Jun 2021 21:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 standard-ja.svg
b.st-hatena.com/images/entry-button/ Frame 0A21 3 KB
2 KB 24ms
24ms Image
image/svg+xml 52.84.109.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/standard-ja.svg

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?27b2841ed6ed045826d6945c0b0b32b82bceb5a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.109.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-109-5.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

85c37ef6721ca9bbfd2b115b84e6337980f53c6918dda73ad49a7247c10ac793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://b.st-hatena.com/css/entry-button.css?27b2841ed6ed045826d6945c0b0b32b82bceb5a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 00:38:27 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 05:44:30 GMT
server: nginx
age: 22192602
etag: W/"5ebb893e-a75"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: GnTS6tNXgIDfCYhbihjJm8gcpt-M9NnGpcBauAM32PolUPBs99W5Qw==
expires: Wed, 22 Sep 2021 00:38:27 GMT

GET
DATA 200
OK truncated
/ Frame 6204 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f7bd94297942bbe5ef157e093ef8affb2e6cd88a1be849382bf1cda2bca7950

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 121C 16 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 23:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 05 Jun 2021 23:50:43 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 121C 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Jun 2021 20:37:24 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C55F 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=1640441366&adk=3278189912&adf=561758300&pi=t.ma~as.1640441366&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708725&bpp=1&bdt=1018&idt=82&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4176613404742&frm=20&pv=1&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=1724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9nU5x4Cr3n&p=https%3A//wa3.i-3-i.info&dtd=87

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Jun 2021 20:44:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1835
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 74F2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3ee11728947d127e1054ce25bf6dd3865d4f5ce96c324a91596475808831053

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7A42 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 23:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 05 Jun 2021 23:50:43 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7A42 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Jun 2021 20:37:24 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Jun 2021 21:15:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 05-Jun-2021 22:15:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Jun 2021 21:15:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 178026
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/668C)
Age: 178026
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 20ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/668C)
Age: 178026
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 121C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H3-29 200 BM_Logo_RGB_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/ Frame 121C 22 KB
22 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/BM_Logo_RGB_3.png

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 326799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22623
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Wed, 02 Jun 2021 02:28:30 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:28:30 GMT

GET
H3-29 200 Buchen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/ Frame 121C 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/Buchen.png

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7564661322d3aec7eed3fa1a5f8279d9c71661c31434bcacb441d9141cc38121

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 388481
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Tue, 01 Jun 2021 09:20:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 09:20:28 GMT

GET
H3-29 200 250x250_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/ Frame 121C 39 KB
39 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1140729413597514979/250x250_.jpg

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a0fa6c25afb30bb07f09a910772a38563cb52a7ca1a6fd7ec61b807d574b19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 308962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39867
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Wed, 02 Jun 2021 07:25:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 07:25:47 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C55F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Jun 2021 21:15:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 05-Jun-2021 22:15:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Jun 2021 21:15:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A42 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H3-29 200 BM_Logo_RGB_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/ Frame 7A42 22 KB
22 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/BM_Logo_RGB_3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 329219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22623
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Wed, 02 Jun 2021 01:48:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:48:10 GMT

GET
H3-29 200 Jetzt_buchen_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/ Frame 7A42 1003 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/Jetzt_buchen_.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc135bb8a19ca17431b86416a5f54fe9abd6fa4f7d31c89c426d05dcfb0abc23

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1003
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Wed, 02 Jun 2021 00:34:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:57 GMT

GET
H3-29 200 728x90_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/ Frame 7A42 45 KB
45 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18145418502255872444/728x90_1.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92513056d274913dbb1396758512a831132771571f18f5cbd40081db7ea47468

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 321556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46190
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:04 GMT
server: sffe
date: Wed, 02 Jun 2021 03:55:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 03:55:53 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 170 KB
9 KB 220ms
199ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_wa3_pcs_old&dnt=false&domain=wa3.i-3-i.info&lang=ja&screen_name=wa3_pcs&suppress_response_codes=true&t=1803253&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

017ab50e32d600b87223ee7673a48ba88e5cf1381a42c9e82265349de38ef382

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 8741
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Sat, 05 Jun 2021 21:15:09 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 674bd3f065bdc2d1674af770132940ea1c1607f3a12e887fd0fd68d086a83efc
timing-allow-origin: *
x-transaction: 81b339bec5526d96
expires: Sat, 05 Jun 2021 21:20:09 GMT

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.ja.html Show response
platform.twitter.com/widgets/ Frame 10F8 33 KB
13 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 251283aeee079f4a9e5527b8ca613be54c4b36d755a1a44a99a7c9aa073613a8

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wa3.i-3-i.info/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 177992
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Jun 2021 21:15:09 GMT
Etag: "10aaf3066f6a5d94f105077f7f07a1c8+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12655

GET
DATA 200
OK truncated
/ Frame 10F8 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 537F 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=9992496680&adk=3078375792&adf=4210472835&pi=t.ma~as.9992496680&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708722&bpp=3&bdt=1016&idt=62&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4176613404742&frm=20&pv=2&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8SFaT4BWb&p=https%3A//wa3.i-3-i.info&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Jun 2021 19:18:40 GMT
server: ESF
date: Sat, 05 Jun 2021 21:15:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Jun 2021 21:15:09 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 537F 1 KB
916 B 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:08:44 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 537F 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:13:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 537F 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:14:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 537F 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:15:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 537F 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Jun 2021 21:12:06 GMT

GET
H2 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame 537F 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Sep 2021 06:53:31 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 537F 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwR96XOm7YJziMdzE7_UPkJ6C6AuMl8GUY-W_g5LiDbCQHxABIMm-0xxglQKgAeWhsuwDyAEJqAMByAPLBKoEoQFP0Bi6JY1etC5GlVu84hSXlFMcs8kjALoteYld5KEdfRbIi6U11HvYdMTCMmy93PEtfS1fEKG-1A_EbGVSx0qdcweU8qf4TL-BRDlCTPCFNFAaV9gpj4FvQo6YPwBVe5D22zTg7lin41cNDPU-8CHq3nQ_tq93uYXegEtIARAKaSha9QEOHUvt6iGdBDDanxGz9G-928nj8me7g_Yon4M8xcAEg93Hg98DkgUECAQYAZIFBAgFGASgBi6AB7iIz3GoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQl3XSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMC0BUBgBcBshcaChgIABIUcHViLTQ2MzA1OTU2NzA3NDkyNDQ&sigh=G-Ac-fjYRQc&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4630595670749244&output=html&h=90&slotname=9992496680&adk=3078375792&adf=4210472835&pi=t.ma~as.9992496680&w=728&lmt=1622927708&psa=0&format=728x90&url=https%3A%2F%2Fwa3.i-3-i.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622927708722&bpp=3&bdt=1016&idt=62&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4176613404742&frm=20&pv=2&ga_vid=1160375586.1622927709&ga_sid=1622927709&ga_hid=608661172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=50&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060974%2C44743689&oid=3&pvsid=3686528729577729&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8SFaT4BWb&p=https%3A//wa3.i-3-i.info&dtd=79
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 05 Jun 2021 21:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11132573772874428868/ Frame 537F 8 KB
8 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11132573772874428868/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182161257f38352a359c41d40589b78e752f247c37a764a9c342e542ad431b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 18:56:05 GMT
x-content-type-options: nosniff
age: 267544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8392
x-xss-protection: 0
last-modified: Fri, 28 May 2021 01:21:18 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 18:56:05 GMT

GET
DATA 200
OK truncated
/ Frame 537F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 537F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5b9735a8e6fd4ac2e65ac8b12e5fa710164ddfdffaca4245c41b7049c621dfc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 537F 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 21:07:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 346030
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 01 Jun 2022 21:07:59 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 537F 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 17:27:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 359263
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 01 Jun 2022 17:27:26 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BC3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H2 200 oW8X47At
pbs.twimg.com/card_img/1401135598115725313/ Frame 69D1 656 B
828 B 21ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1401135598115725313/oW8X47At?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

876f2ee065832edd52f9458cebcefa0f10e5e48ad3c67c91b82505dc31773859

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 33052
x-cache: HIT
content-length: 656
surrogate-key: card_img card_img/bucket/9 card_img/1401135598115725313
last-modified: Sat, 05 Jun 2021 11:13:33 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3844d9ac1e2028c6fa534b3651994c6a20a5d90bdaeb33a510f8cf2745025bfb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Q4vJTYM7
pbs.twimg.com/card_img/1401059973648453636/ Frame 69D1 484 B
664 B 25ms
20ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1401059973648453636/Q4vJTYM7?format=png&name=120x120

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

28dd558ddf1d1eafb6f4fd6d163242fe9ae3cb080f135c4cfcc069488e17ccbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 53403
x-cache: MISS
content-length: 484
surrogate-key: card_img card_img/bucket/8 card_img/1401059973648453636
last-modified: Sat, 05 Jun 2021 06:13:02 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6239d02f9e23dd95f1c41333c2eca68a1836c9b3d6180b951ffd14b938dd33a9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 kj5kvUxp
pbs.twimg.com/card_img/1400969374933032965/ Frame 69D1 2 KB
2 KB 21ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400969374933032965/kj5kvUxp?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

168b8ba6bda611fa7cb8775ce355dd3577cbc004a500848bc4a4a7732c6bcb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 33052
x-cache: HIT
content-length: 2161
surrogate-key: card_img card_img/bucket/5 card_img/1400969374933032965
last-modified: Sat, 05 Jun 2021 00:13:02 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 63250c3a09da75f141710f986b05ba43dbe3741af76425e1f9ad30f002632615
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R_vDqD3A
pbs.twimg.com/card_img/1400769104978472960/ Frame 69D1 3 KB
3 KB 20ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400769104978472960/R_vDqD3A?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

5b051d9c6bb1f910593ffec9bb048e5f4a65e3857038b59c1f291e23a880476b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 117452
x-cache: HIT
content-length: 2839
surrogate-key: card_img card_img/bucket/0 card_img/1400769104978472960
last-modified: Fri, 04 Jun 2021 10:57:14 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c34b0752552480b1bd1315747ee38ccb119fd76a68073ed2fb22dc365a981001
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 V1_pM5W8
pbs.twimg.com/card_img/1400697585241706498/ Frame 69D1 730 B
905 B 20ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400697585241706498/V1_pM5W8?format=png&name=100x100_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

2ec8395ffad0d8a9941691e87f3d9c899fe851e002c7d7700052c9a76ea33b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 140390
x-cache: HIT
content-length: 730
surrogate-key: card_img card_img/bucket/8 card_img/1400697585241706498
last-modified: Fri, 04 Jun 2021 06:13:02 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33a3fbf6e88f72f2717575f4a61bb77fef7e764c9c18eaf21d0a870ea1535a47
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 -7oUr8lR
pbs.twimg.com/card_img/1400606987537117187/ Frame 69D1 1 KB
1 KB 13ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400606987537117187/-7oUr8lR?format=png&name=120x120

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

6dd98af25be0c683cd14fdd096a10bc34af467999f112e18eca29a8f005bef52

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 161743
x-cache: HIT
content-length: 1055
surrogate-key: card_img card_img/bucket/3 card_img/1400606987537117187
last-modified: Fri, 04 Jun 2021 00:13:02 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 893497022b8bbc570c7f4c3644b2fe812ec48509a33eaf92be18ea3920f75d4b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 vzY8RRxp
pbs.twimg.com/card_img/1400410696001622020/ Frame 69D1 1 KB
1 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400410696001622020/vzY8RRxp?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

d4cf17284bef038c637321ed28886634ef44fd716898b99f10b9d3240414bd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 208509
x-cache: HIT
content-length: 1290
surrogate-key: card_img card_img/bucket/2 card_img/1400410696001622020
last-modified: Thu, 03 Jun 2021 11:13:02 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3791a5165290f67cdffe350ca1b49147420099dbb62e767ee5413380a0329ae6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 TmyC-A_j
pbs.twimg.com/card_img/1400335199544643594/ Frame 69D1 3 KB
3 KB 10ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400335199544643594/TmyC-A_j?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

e2c842314fc027bc9162a65c3ec47af7a0d597516b8993a4e989115b46536b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 226776
x-cache: HIT
content-length: 2595
surrogate-key: card_img card_img/bucket/3 card_img/1400335199544643594
last-modified: Thu, 03 Jun 2021 06:13:03 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2478aa90c73b99f6229bb6d027e092a6de6a596760e9a5b491589b0a4cc0e308
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FSRrv4MC
pbs.twimg.com/card_img/1400248731501400064/ Frame 69D1 2 KB
2 KB 18ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400248731501400064/FSRrv4MC?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

e239158d0ead9e7729ad9e49ef95fe059978ba5a5392eae0d7a7678a56424966

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: MISS
content-length: 2040
surrogate-key: card_img card_img/bucket/0 card_img/1400248731501400064
last-modified: Thu, 03 Jun 2021 00:29:27 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9df9101fa2228317a07b5af8d5f88bbcd222e0c40dbc3e0d183d53dd30da3341
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 UIC0oCpP
pbs.twimg.com/card_img/1400244602448203778/ Frame 69D1 836 B
1010 B 18ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400244602448203778/UIC0oCpP?format=png&name=120x120

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

d79c7106d4bf371f7a9ffb8c168af18b6a55524d4dfddb7f253854a2cffd197c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: MISS
content-length: 836
surrogate-key: card_img card_img/bucket/6 card_img/1400244602448203778
last-modified: Thu, 03 Jun 2021 00:13:03 GMT
server: ECS (frb/67D3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d53b7d4fa6ae5d927eb14166cfd7f0e7e55afe34c80bb36294d7fab44e907c8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 v7LdVBWo
pbs.twimg.com/card_img/1400048310010798087/ Frame 69D1 3 KB
3 KB 20ms
19ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400048310010798087/v7LdVBWo?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

d46a39e8134c8eb3d47da141e2c1537a634a06bcb4c079326a1ea032fadc3680

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: MISS
content-length: 2747
surrogate-key: card_img card_img/bucket/1 card_img/1400048310010798087
last-modified: Wed, 02 Jun 2021 11:13:03 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf3bfafd5b7a8fb5818bff2c08645513c6bc85e4e0976ff1fadb0dcbb988bbab
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6yGN_Mem
pbs.twimg.com/card_img/1399972812924735490/ Frame 69D1 3 KB
3 KB 17ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399972812924735490/6yGN_Mem?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

e2c842314fc027bc9162a65c3ec47af7a0d597516b8993a4e989115b46536b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 303888
x-cache: MISS
content-length: 2595
surrogate-key: card_img card_img/bucket/0 card_img/1399972812924735490
last-modified: Wed, 02 Jun 2021 06:13:03 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea84a681279e080594c38ecfb2e16f666e253c0ab506bedc65eb788a5c2c7ce4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 czuhpyKR
pbs.twimg.com/card_img/1399882216151261192/ Frame 69D1 670 B
964 B 15ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399882216151261192/czuhpyKR?format=png&name=100x100_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

3b5d04fdae754e053091bdb3088939897c71661a2a00744c66eb42020654150a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 303888
x-cache: MISS
content-length: 670
surrogate-key: card_img card_img/bucket/3 card_img/1399882216151261192
last-modified: Wed, 02 Jun 2021 00:13:03 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3ca5e4b4f725f161d84c044b002b30e66eb48940beb836f43c97387c3082eb5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qR5ClLZD
pbs.twimg.com/card_img/1399752811659763713/ Frame 69D1 3 KB
3 KB 18ms
18ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399752811659763713/qR5ClLZD?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

cdafb913fea1ea22371f212eea06e134484cec858395703fbf6517ed62dc4c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 365334
x-cache: HIT
content-length: 2808
surrogate-key: card_img card_img/bucket/7 card_img/1399752811659763713
last-modified: Tue, 01 Jun 2021 15:38:51 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e9f5edff22734a9c83a4995a8b463f8a40389046c54e4b289c1144e44989f4c6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cJA--Lx_
pbs.twimg.com/card_img/1399685920689770498/ Frame 69D1 1 KB
1 KB 21ms
19ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399685920689770498/cJA--Lx_?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

78ddd43c1ca006ff3a7604c57e524e3896f085ddb8a0ea24dbfe6533974380ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 365334
x-cache: MISS
content-length: 1204
surrogate-key: card_img card_img/bucket/0 card_img/1399685920689770498
last-modified: Tue, 01 Jun 2021 11:13:03 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c1e997ddf0a5c5ec1f26ed8bb597dd33f032f4c73503841847ba9c52972b3109
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 oQQaorqf
pbs.twimg.com/card_img/1399610424593567745/ Frame 69D1 3 KB
3 KB 22ms
20ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399610424593567745/oQQaorqf?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

12151ff2771b49136b59114ff8d89a9ced2fbedfd2a9836ba67e521dd0f0497e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: MISS
content-length: 2838
surrogate-key: card_img card_img/bucket/0 card_img/1399610424593567745
last-modified: Tue, 01 Jun 2021 06:13:03 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c3304b0301926f001a5b03cfab74597ff0623b090fb9bd9114458a1ff190add0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 VowOW93t
pbs.twimg.com/card_img/1399519823932002305/ Frame 69D1 1 KB
1 KB 17ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399519823932002305/VowOW93t?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

d65533d9cd3df1fc271c69e245050d203952801d1da3bc152cf0ea7a924341d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 389587
x-cache: MISS
content-length: 1283
surrogate-key: card_img card_img/bucket/8 card_img/1399519823932002305
last-modified: Tue, 01 Jun 2021 00:13:02 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7555320fc3e5ca2af3d3499d692e137fe36af9af137b15037547cd3c5f510727
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 NY4PvNlk
pbs.twimg.com/card_img/1399341456196730885/ Frame 69D1 2 KB
2 KB 18ms
17ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399341456196730885/NY4PvNlk?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

39b70ececda2c29ceb243e428150fe558ec7331e68eebaf741d9870a571c6b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 389587
x-cache: MISS
content-length: 1795
surrogate-key: card_img card_img/bucket/2 card_img/1399341456196730885
last-modified: Mon, 31 May 2021 12:24:16 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b57ea63e6aa1236d54e77330611de2f9f294132c4154de73dc9796a0057bc8c2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8v0qFInw
pbs.twimg.com/card_img/1399323532480319488/ Frame 69D1 1 KB
2 KB 17ms
17ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399323532480319488/8v0qFInw?format=png&name=144x144_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

1c6bf886062d5f65dee5b5c02fafafe7e7196e4eedcc4f9f3dc3fe7194512ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 467733
x-cache: MISS
content-length: 1495
surrogate-key: card_img card_img/bucket/9 card_img/1399323532480319488
last-modified: Mon, 31 May 2021 11:13:02 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acc4c77d40c24a43443a25ae60b338c31bab0a9509ad5248d9eebbc19120dc1e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GWx6soa0
pbs.twimg.com/card_img/1399248036363079684/ Frame 69D1 1 KB
1 KB 15ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399248036363079684/GWx6soa0?format=png&name=420x420_2

Requested by

Host: wa3.i-3-i.info
URL: https://wa3.i-3-i.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

e8dcd38091ff4961913f3e82cc6c611aee7c46644b20510b6487abbc76c3587c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 483053
x-cache: HIT
content-length: 1292
surrogate-key: card_img card_img/bucket/3 card_img/1399248036363079684
last-modified: Mon, 31 May 2021 06:13:03 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea42e780be0915a961a20d1ee545619a510a26fa04cf4dd2fd853aa085b5ef91
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 27ms
25ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82362fe18828738419ea1b96bfef3c3875179d6146739540edf808cb2829f6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7670
x-xss-protection: 0

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 69D1 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:38 GMT
Server: ECS (frb/673A)
Age: 178024
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 9 KB
9 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 05 Jun 2021 21:15:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:38 GMT
Server: ECS (frb/673A)
Age: 178024
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 -7oUr8lR
pbs.twimg.com/card_img/1400606987537117187/ Frame 69D1 1 KB
1 KB 8ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400606987537117187/-7oUr8lR?format=png&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

6dd98af25be0c683cd14fdd096a10bc34af467999f112e18eca29a8f005bef52

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 161743
x-cache: HIT
content-length: 1055
surrogate-key: card_img card_img/bucket/3 card_img/1400606987537117187
last-modified: Fri, 04 Jun 2021 00:13:02 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 893497022b8bbc570c7f4c3644b2fe812ec48509a33eaf92be18ea3920f75d4b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 47321938a0b0b93ba22d8586fcbd6c76_normal.png
pbs.twimg.com/profile_images/3465667759/ Frame 69D1 7 KB
7 KB 17ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3465667759/47321938a0b0b93ba22d8586fcbd6c76_normal.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) /

Resource Hash

e593bd55950491aa17804a0a28e9af506ff7ebeda3500c443a79d6d95cab7ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 422411
x-cache: MISS
content-length: 7190
surrogate-key: profile_images profile_images/bucket/6 profile_images/3465667759
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (frb/6796)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cb55a020766d724f5183573c2d381db78afc9c36a7efb1b51aa8285cd4f46125
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 05 Jun 2021 21:15:09 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 69D1 44 KB
7 KB 31ms
8ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269259
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 11
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 7845ef1052c71dd36c28776f1b574c1e22a3bede2f70c1754419d26be32a3561
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 12 Jun 2021 21:15:09 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 34ms
12ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269259
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 11
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 7845ef1052c71dd36c28776f1b574c1e22a3bede2f70c1754419d26be32a3561
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 12 Jun 2021 21:15:09 GMT

GET
DATA 200
OK truncated
/ Frame 69D1 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 69D1 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 69D1 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 69D1 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DC6F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 05 Jun 2021 20:50:33 GMT
expires: Sun, 05 Jun 2022 20:50:33 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1476
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 895F 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a222248245816ecac20fc48361ce936b1a9ca2554d73d82527de65f8548cd9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dEdwzUasn5SdcQ2R8Xmoqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wa3.i-3-i.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wa3.i-3-i.info/

Response headers

expires: Sat, 05 Jun 2021 21:15:09 GMT
date: Sat, 05 Jun 2021 21:15:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dEdwzUasn5SdcQ2R8Xmoqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame DC6F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 16:41:21 GMT

GET
H2 200 oW8X47At
pbs.twimg.com/card_img/1401135598115725313/ Frame 69D1 656 B
948 B 15ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1401135598115725313/oW8X47At?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

876f2ee065832edd52f9458cebcefa0f10e5e48ad3c67c91b82505dc31773859

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 33052
x-cache: MISS
content-length: 656
surrogate-key: card_img card_img/bucket/9 card_img/1401135598115725313
last-modified: Sat, 05 Jun 2021 11:13:33 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3844d9ac1e2028c6fa534b3651994c6a20a5d90bdaeb33a510f8cf2745025bfb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Q4vJTYM7
pbs.twimg.com/card_img/1401059973648453636/ Frame 69D1 484 B
658 B 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1401059973648453636/Q4vJTYM7?format=png&name=120x120

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

28dd558ddf1d1eafb6f4fd6d163242fe9ae3cb080f135c4cfcc069488e17ccbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 53403
x-cache: HIT
content-length: 484
surrogate-key: card_img card_img/bucket/8 card_img/1401059973648453636
last-modified: Sat, 05 Jun 2021 06:13:02 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6239d02f9e23dd95f1c41333c2eca68a1836c9b3d6180b951ffd14b938dd33a9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 kj5kvUxp
pbs.twimg.com/card_img/1400969374933032965/ Frame 69D1 2 KB
2 KB 15ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400969374933032965/kj5kvUxp?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

168b8ba6bda611fa7cb8775ce355dd3577cbc004a500848bc4a4a7732c6bcb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 33052
x-cache: MISS
content-length: 2161
surrogate-key: card_img card_img/bucket/5 card_img/1400969374933032965
last-modified: Sat, 05 Jun 2021 00:13:02 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 63250c3a09da75f141710f986b05ba43dbe3741af76425e1f9ad30f002632615
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R_vDqD3A
pbs.twimg.com/card_img/1400769104978472960/ Frame 69D1 3 KB
3 KB 16ms
16ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400769104978472960/R_vDqD3A?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

5b051d9c6bb1f910593ffec9bb048e5f4a65e3857038b59c1f291e23a880476b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 117452
x-cache: MISS
content-length: 2839
surrogate-key: card_img card_img/bucket/0 card_img/1400769104978472960
last-modified: Fri, 04 Jun 2021 10:57:14 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c34b0752552480b1bd1315747ee38ccb119fd76a68073ed2fb22dc365a981001
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=3686528729577729&bg=!YWKlYibNAAY6sG-_OrA7ACkAdvg8Wv9bI2h_6coMQuw32ty4OQmoiB7YCWUSi0FOL2-4HYGCndGyOQIAAABJUgAAAAxoAQcKAQuAVzyyFzzAMuIAvZ2DB6JdOf2mgNXvWHTcwCjcMRv8w5xATzbDiVIZSXvMCxFWF_oCJZZLfxZWZaL9UO89U1QkGQMYKntK1Df0cagVNcWO7KNg3ZfHnbRWQjo9N-jPoJW6CK6Dla9xBUp9D_l8fcVocl58vG1Lbu6gykVqbjd316fXp7aU6ZqyfMNgb5DicItednPO1PfDgco5z3m7yxpF6gHhutAZaggP4eh48f4AEZhNyozAaPgsdXN3ep9Q6xLUWEO8XuYP9zW0IZ4XrsstFnqjGlX7Ec6Iild1b5GFDaCpBDVnpI2Uf2wth2biQ6k6M2r41LEtYHq5uxVCE-puHu0mmGwrP1PscCiZAjOgoaA8Qy-72CElGo7OFEbs_k4nKqlofTOVT-Z6vGGOlVlF8R-4h_ZysCWha-x0VxLjx2LQWhhbVuq354wtnPd_SLPcxImzC39Q9Y6ZgsaG0ytql65tgKWRRZoUBrc6mkCUtHuxaFSIoOMUArFL0f4EMZ03KWPL1zODFUXVfHxE651-S9DgF2Cel0XXBkuOYGcVjBV9orILGxQXBmdOwBiChgGC2sHZldZdXl3TgIpPlL0kz1pryzOV41BQqvMe8EVsjMXASbEnMMgXo7jYF7fIxUnJR1qCroYGFRdesnA3Ovn-X8sBNYIW7ewizsgCzf8VHzM4UyGOb3laMxx8NFBzS9UbplSfFLkEy7-A7Ydp4q4CJn3hbjJNdcO1YON-xJmvvU3RvRsPi7sv9sk4V5R7W3QZx0_84qPfNM9dtNxU-KZ8_pMVkrKHz1NMDyZ3M26Wh9hDzQdi600-Yle8C7b3rb9D09e37C9chCFVguvALlZ2BRP6Apg1EJmomajBL2QdhYEtF_MNqb5Owns2yHlvkzZi81XSEdrl1aEWmoywGfkWefziVviH2rtAy5EXYUHH82tAft3uQeXf-D5EbN10N7sQv4eqHWXZs3FMuKWa8qfcgSBvTvQ9Wqzeg1eY-2HNA_kAH_W6C7aYai7cXLGntBB5oULnrSgopseyApJNIJZ7BHojdFNRirMs9u4oM3lIj2JIRGqcF_2VPnPKXhGpbRmgonWw74z_ucfz-3Vd1J31Lw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa3.i-3-i.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 V1_pM5W8
pbs.twimg.com/card_img/1400697585241706498/ Frame 69D1 730 B
892 B 15ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400697585241706498/V1_pM5W8?format=png&name=100x100_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

2ec8395ffad0d8a9941691e87f3d9c899fe851e002c7d7700052c9a76ea33b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 140390
x-cache: MISS
content-length: 730
surrogate-key: card_img card_img/bucket/8 card_img/1400697585241706498
last-modified: Fri, 04 Jun 2021 06:13:02 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33a3fbf6e88f72f2717575f4a61bb77fef7e764c9c18eaf21d0a870ea1535a47
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 -7oUr8lR
pbs.twimg.com/card_img/1400606987537117187/ Frame 69D1 1 KB
1 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400606987537117187/-7oUr8lR?format=png&name=120x120

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

6dd98af25be0c683cd14fdd096a10bc34af467999f112e18eca29a8f005bef52

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 161743
x-cache: HIT
content-length: 1055
surrogate-key: card_img card_img/bucket/3 card_img/1400606987537117187
last-modified: Fri, 04 Jun 2021 00:13:02 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 893497022b8bbc570c7f4c3644b2fe812ec48509a33eaf92be18ea3920f75d4b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 vzY8RRxp
pbs.twimg.com/card_img/1400410696001622020/ Frame 69D1 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400410696001622020/vzY8RRxp?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

d4cf17284bef038c637321ed28886634ef44fd716898b99f10b9d3240414bd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 208509
x-cache: HIT
content-length: 1290
surrogate-key: card_img card_img/bucket/2 card_img/1400410696001622020
last-modified: Thu, 03 Jun 2021 11:13:02 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3791a5165290f67cdffe350ca1b49147420099dbb62e767ee5413380a0329ae6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 TmyC-A_j
pbs.twimg.com/card_img/1400335199544643594/ Frame 69D1 3 KB
3 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400335199544643594/TmyC-A_j?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

e2c842314fc027bc9162a65c3ec47af7a0d597516b8993a4e989115b46536b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 226776
x-cache: HIT
content-length: 2595
surrogate-key: card_img card_img/bucket/3 card_img/1400335199544643594
last-modified: Thu, 03 Jun 2021 06:13:03 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2478aa90c73b99f6229bb6d027e092a6de6a596760e9a5b491589b0a4cc0e308
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FSRrv4MC
pbs.twimg.com/card_img/1400248731501400064/ Frame 69D1 2 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400248731501400064/FSRrv4MC?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

e239158d0ead9e7729ad9e49ef95fe059978ba5a5392eae0d7a7678a56424966

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: HIT
content-length: 2040
surrogate-key: card_img card_img/bucket/0 card_img/1400248731501400064
last-modified: Thu, 03 Jun 2021 00:29:27 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9df9101fa2228317a07b5af8d5f88bbcd222e0c40dbc3e0d183d53dd30da3341
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 UIC0oCpP
pbs.twimg.com/card_img/1400244602448203778/ Frame 69D1 836 B
1010 B 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400244602448203778/UIC0oCpP?format=png&name=120x120

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

d79c7106d4bf371f7a9ffb8c168af18b6a55524d4dfddb7f253854a2cffd197c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: HIT
content-length: 836
surrogate-key: card_img card_img/bucket/6 card_img/1400244602448203778
last-modified: Thu, 03 Jun 2021 00:13:03 GMT
server: ECS (frb/67D3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d53b7d4fa6ae5d927eb14166cfd7f0e7e55afe34c80bb36294d7fab44e907c8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 v7LdVBWo
pbs.twimg.com/card_img/1400048310010798087/ Frame 69D1 3 KB
3 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1400048310010798087/v7LdVBWo?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

d46a39e8134c8eb3d47da141e2c1537a634a06bcb4c079326a1ea032fadc3680

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 136802
x-cache: HIT
content-length: 2747
surrogate-key: card_img card_img/bucket/1 card_img/1400048310010798087
last-modified: Wed, 02 Jun 2021 11:13:03 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf3bfafd5b7a8fb5818bff2c08645513c6bc85e4e0976ff1fadb0dcbb988bbab
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6yGN_Mem
pbs.twimg.com/card_img/1399972812924735490/ Frame 69D1 3 KB
3 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399972812924735490/6yGN_Mem?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

e2c842314fc027bc9162a65c3ec47af7a0d597516b8993a4e989115b46536b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:09 GMT
x-content-type-options: nosniff
age: 303888
x-cache: HIT
content-length: 2595
surrogate-key: card_img card_img/bucket/0 card_img/1399972812924735490
last-modified: Wed, 02 Jun 2021 06:13:03 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea84a681279e080594c38ecfb2e16f666e253c0ab506bedc65eb788a5c2c7ce4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 czuhpyKR
pbs.twimg.com/card_img/1399882216151261192/ Frame 69D1 670 B
987 B 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399882216151261192/czuhpyKR?format=png&name=100x100_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

3b5d04fdae754e053091bdb3088939897c71661a2a00744c66eb42020654150a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 303889
x-cache: HIT
content-length: 670
surrogate-key: card_img card_img/bucket/3 card_img/1399882216151261192
last-modified: Wed, 02 Jun 2021 00:13:03 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3ca5e4b4f725f161d84c044b002b30e66eb48940beb836f43c97387c3082eb5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qR5ClLZD
pbs.twimg.com/card_img/1399752811659763713/ Frame 69D1 3 KB
3 KB 15ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399752811659763713/qR5ClLZD?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

cdafb913fea1ea22371f212eea06e134484cec858395703fbf6517ed62dc4c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 365335
x-cache: MISS
content-length: 2808
surrogate-key: card_img card_img/bucket/7 card_img/1399752811659763713
last-modified: Tue, 01 Jun 2021 15:38:51 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e9f5edff22734a9c83a4995a8b463f8a40389046c54e4b289c1144e44989f4c6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cJA--Lx_
pbs.twimg.com/card_img/1399685920689770498/ Frame 69D1 1 KB
1 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399685920689770498/cJA--Lx_?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

78ddd43c1ca006ff3a7604c57e524e3896f085ddb8a0ea24dbfe6533974380ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 365335
x-cache: HIT
content-length: 1204
surrogate-key: card_img card_img/bucket/0 card_img/1399685920689770498
last-modified: Tue, 01 Jun 2021 11:13:03 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c1e997ddf0a5c5ec1f26ed8bb597dd33f032f4c73503841847ba9c52972b3109
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 oQQaorqf
pbs.twimg.com/card_img/1399610424593567745/ Frame 69D1 3 KB
3 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399610424593567745/oQQaorqf?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

12151ff2771b49136b59114ff8d89a9ced2fbedfd2a9836ba67e521dd0f0497e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 136803
x-cache: HIT
content-length: 2838
surrogate-key: card_img card_img/bucket/0 card_img/1399610424593567745
last-modified: Tue, 01 Jun 2021 06:13:03 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c3304b0301926f001a5b03cfab74597ff0623b090fb9bd9114458a1ff190add0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 VowOW93t
pbs.twimg.com/card_img/1399519823932002305/ Frame 69D1 1 KB
1 KB 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399519823932002305/VowOW93t?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

d65533d9cd3df1fc271c69e245050d203952801d1da3bc152cf0ea7a924341d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 389588
x-cache: HIT
content-length: 1283
surrogate-key: card_img card_img/bucket/8 card_img/1399519823932002305
last-modified: Tue, 01 Jun 2021 00:13:02 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7555320fc3e5ca2af3d3499d692e137fe36af9af137b15037547cd3c5f510727
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 NY4PvNlk
pbs.twimg.com/card_img/1399341456196730885/ Frame 69D1 2 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399341456196730885/NY4PvNlk?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

39b70ececda2c29ceb243e428150fe558ec7331e68eebaf741d9870a571c6b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 389588
x-cache: HIT
content-length: 1795
surrogate-key: card_img card_img/bucket/2 card_img/1399341456196730885
last-modified: Mon, 31 May 2021 12:24:16 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b57ea63e6aa1236d54e77330611de2f9f294132c4154de73dc9796a0057bc8c2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8v0qFInw
pbs.twimg.com/card_img/1399323532480319488/ Frame 69D1 1 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399323532480319488/8v0qFInw?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

1c6bf886062d5f65dee5b5c02fafafe7e7196e4eedcc4f9f3dc3fe7194512ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 467734
x-cache: HIT
content-length: 1495
surrogate-key: card_img card_img/bucket/9 card_img/1399323532480319488
last-modified: Mon, 31 May 2021 11:13:02 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acc4c77d40c24a43443a25ae60b338c31bab0a9509ad5248d9eebbc19120dc1e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GWx6soa0
pbs.twimg.com/card_img/1399248036363079684/ Frame 69D1 1 KB
1 KB 20ms
20ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1399248036363079684/GWx6soa0?format=png&name=420x420_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

e8dcd38091ff4961913f3e82cc6c611aee7c46644b20510b6487abbc76c3587c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
age: 483054
x-cache: MISS
content-length: 1292
surrogate-key: card_img card_img/bucket/3 card_img/1399248036363079684
last-modified: Mon, 31 May 2021 06:13:03 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea42e780be0915a961a20d1ee545619a510a26fa04cf4dd2fd853aa085b5ef91
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6204 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0Gvexp9ODh6_N8VA-lGyBkiJLWNPMuY106ycZuRl90IVNelULH6Haw6S8hSypsxbWG-mdTJr1_sD66ZfK-NRcfqRXZQncXdE32mTKfYPDwincMVuJCz4OsyO7rA&sai=AMfl-YS1Kd8j8szuE3XpLdKgJu7xUuAotCovpweNLpiMnqXCt8nLpBzsLiYKMcG-yAGaW7NULnkoI2Q5cFmY&sig=Cg0ArKJSzAqWIYLNbLYIEAE&id=lidar2&mcvt=1000&p=285,1275,485,1475&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1922258158&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622927708820&dlt=255&rpt=22&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 537F 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1C9nsKYvfrNj9gYL1IouX6LdFRv9ov97zs1rsaoMfGrFrEC5_sVoD9UbhPK1DivKAnfX4bFQpvHDyb7I13SkSsmAe8m0ihUBlABT8sKHr_p_cgJoVdq8mhr8nug&sai=AMfl-YSddtNX_RdKhbANZr_cOqSg-5zzw1Xc_s1M2ZXyG0wxWhyIxAq2EKFGEgLX5DE4Zx0ESlZIQqgAS_s3&sig=Cg0ArKJSzPI-uohEXkBOEAE&id=lidar2&mcvt=1001&p=943,50,1033,778&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3078375792&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622927708804&dlt=671&rpt=39&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 21:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 4111
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://wa3.i-3-i.info
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 178028
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Jun 2021 21:15:11 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sat, 05 Jun 2021 21:15:11 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sat, 05 Jun 2021 21:15:11 GMT
x-transaction: 8d35b3b43bda6da7
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: bfbea85367645e1f573a9ae26f8375ac9d50a20e6c7c51e6bbd53ed11324c1ce

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:10:23	Name: IDE Value: AHWqTUkjLBDNxNLRqwAv0923mZqzeG1EYteJ8EMZEuWNhndDPrD_lmrcrJf4ZpGm
.i-3-i.info/	1970-01-20 04:10:23	Name: __gads Value: ID=b4adc19904d99711-22238641c1c80065:T=1622927708:RT=1622927708:S=ALNI_MYHWnYfgWo3fdsdB4t3gHnEoSekrA
.wa3.i-3-i.info/	1970-01-19 18:48:49	Name: __utmb Value: 28307514.1.10.1622927709
.wa3.i-3-i.info/	1969-12-31 23:59:59	Name: __utmc Value: 28307514
.wa3.i-3-i.info/	1970-01-19 18:48:48	Name: __utmt Value: 1
.doubleclick.net/	1970-01-19 18:48:48	Name: test_cookie Value: CheckForPermission
.wa3.i-3-i.info/	1970-01-19 23:11:35	Name: __utmz Value: 28307514.1622927709.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.wa3.i-3-i.info/	1970-01-20 12:19:59	Name: __utma Value: 28307514.1160375586.1622927709.1622927709.1622927709.1
.doubleclick.net/	1970-01-19 18:48:51	Name: DSID Value: NO_DATA
wa3.i-3-i.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1sbrav5g8b6m8v4maviduamk25

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b.hatena.ne.jp
b.st-hatena.com
cdn.syndication.twimg.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ir-jp.amazon-adsystem.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
ssl.google-analytics.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
wa3.i-3-i.info
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.200
142.250.185.130
153.122.24.136
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
52.119.164.182
52.84.109.5
52.84.109.54
017ab50e32d600b87223ee7673a48ba88e5cf1381a42c9e82265349de38ef382
027fd441c941232a67b9b011320869e9901b1530671b7e7e140e2008efc2a494
09e4e1316c303225a0daa689f69c30ecc66fb1183151ac5192a8db8d2fdbf2ee
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
12151ff2771b49136b59114ff8d89a9ced2fbedfd2a9836ba67e521dd0f0497e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
168b8ba6bda611fa7cb8775ce355dd3577cbc004a500848bc4a4a7732c6bcb8d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182161257f38352a359c41d40589b78e752f247c37a764a9c342e542ad431b62
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1c6bf886062d5f65dee5b5c02fafafe7e7196e4eedcc4f9f3dc3fe7194512ee4
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d1082e42c003ab7e7771470e161dd7ff6a8420b541c0a08fb4ffc11971d14ce
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
20963896f6188f7763c0cb7446c379c0a1426d2ad7cd79962758041896f6691f
251283aeee079f4a9e5527b8ca613be54c4b36d755a1a44a99a7c9aa073613a8
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
28dd558ddf1d1eafb6f4fd6d163242fe9ae3cb080f135c4cfcc069488e17ccbb
2ec8395ffad0d8a9941691e87f3d9c899fe851e002c7d7700052c9a76ea33b96
39b70ececda2c29ceb243e428150fe558ec7331e68eebaf741d9870a571c6b58
3b5d04fdae754e053091bdb3088939897c71661a2a00744c66eb42020654150a
41f9953ee82424a04cb0d8de2040ddc37255452d88b6ae78253dcb1f77c17a3d
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
436a7eafe34206f02d1e10571dc5295807ab6922b67ef4eb85bf4fd4341eb489
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a222248245816ecac20fc48361ce936b1a9ca2554d73d82527de65f8548cd9d
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5b051d9c6bb1f910593ffec9bb048e5f4a65e3857038b59c1f291e23a880476b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
630fa1590973f3a94c271d4e2c3bf7c9d6cf2a8848cbac246f7fc6f671adcf0d
641b43cddbf1994b90ec8253cbc9dd0fd4cb054ec81a08747d3aae37a633b19a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6dd98af25be0c683cd14fdd096a10bc34af467999f112e18eca29a8f005bef52
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
6f7bd94297942bbe5ef157e093ef8affb2e6cd88a1be849382bf1cda2bca7950
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7564661322d3aec7eed3fa1a5f8279d9c71661c31434bcacb441d9141cc38121
785f85e3b98dd4601615667136fa5804b9bf4d5c93b015f2106552b6dfcd7881
78ddd43c1ca006ff3a7604c57e524e3896f085ddb8a0ea24dbfe6533974380ee
7e70eb359aa0a418f971d0c95f3af1a007568ae7a4edf317af93e5abaa6c75c0
817fa66f1a0052fb86e750dd12ff8eb5bbebd01572ebc18b81d48119ab0b0893
82362fe18828738419ea1b96bfef3c3875179d6146739540edf808cb2829f6fd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c37ef6721ca9bbfd2b115b84e6337980f53c6918dda73ad49a7247c10ac793
876f2ee065832edd52f9458cebcefa0f10e5e48ad3c67c91b82505dc31773859
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
92513056d274913dbb1396758512a831132771571f18f5cbd40081db7ea47468
9470ac0dc62dd28d6aaf45b643a4eb48d4d10b50afb95bbc99c8d363df2294a8
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
add9fa610be12aa96d038e98491bbe9e6b2eaf184b963bddc55ce147494ff799
ae017a6bb914eee4dfa8428c41ece4e86148916399c1785868d5fbdab55f041e
af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cdafb913fea1ea22371f212eea06e134484cec858395703fbf6517ed62dc4c53
d3ee11728947d127e1054ce25bf6dd3865d4f5ce96c324a91596475808831053
d46a39e8134c8eb3d47da141e2c1537a634a06bcb4c079326a1ea032fadc3680
d4cf17284bef038c637321ed28886634ef44fd716898b99f10b9d3240414bd63
d5b9735a8e6fd4ac2e65ac8b12e5fa710164ddfdffaca4245c41b7049c621dfc
d65533d9cd3df1fc271c69e245050d203952801d1da3bc152cf0ea7a924341d9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79c7106d4bf371f7a9ffb8c168af18b6a55524d4dfddb7f253854a2cffd197c
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e239158d0ead9e7729ad9e49ef95fe059978ba5a5392eae0d7a7678a56424966
e2c842314fc027bc9162a65c3ec47af7a0d597516b8993a4e989115b46536b5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593bd55950491aa17804a0a28e9af506ff7ebeda3500c443a79d6d95cab7ddd
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
e842e8cec916e19f42d86fa17acc4b3f41d72b351ea66f5cc7dfc6b891f2144f
e8dcd38091ff4961913f3e82cc6c611aee7c46644b20510b6487abbc76c3587c
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2f038e14b14aa55b9254f4ecdd0bb37dd2aca920052ca0df5c3e012779ab71f
f4a0fa6c25afb30bb07f09a910772a38563cb52a7ca1a6fd7ec61b807d574b19
f5533dc1e890e99b74930d8f462d013ad2aeff9a6fb7f673ce6eba3deb107ae7
fc135bb8a19ca17431b86416a5f54fe9abd6fa4f7d31c89c426d05dcfb0abc23

wa3.i-3-i.info Open in urlscan Pro 153.122.24.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

139 Requests

100 %HTTPS

73 %IPv6

17 Domains

24 Subdomains

23 IPs

4 Countries

1332 kBTransfer

3099 kBSize

10 Cookies

0 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wa3.i-3-i.info Open in urlscan Pro
153.122.24.136 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

100 %
HTTPS

73 %
IPv6

17
Domains

24
Subdomains

23
IPs

4
Countries

1332 kB
Transfer

3099 kB
Size

10
Cookies

139 HTTP transactions
9 data transactions