urlscan.io logo urlscan.io
SecurityTrails logo

roundup33srcj938.werite.net Open in urlscan Pro
157.245.145.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%...
Submission: On February 06 via manual from CA — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 45 HTTP transactions. The main IP is 157.245.145.14, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is roundup33srcj938.werite.net.
TLS certificate: Issued by R3 on December 5th 2022. Valid for: 3 months.
This is the only time roundup33srcj938.werite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 157.245.145.14 14061 (DIGITALOC...)
1 151.101.193.16 54113 (FASTLY)
6 142.250.180.194 15169 (GOOGLE)
9 172.217.16.129 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
2 142.250.186.170 15169 (GOOGLE)
1 1 142.250.185.164 15169 (GOOGLE)
2 173.194.196.120 15169 (GOOGLE)
2 142.250.201.195 15169 (GOOGLE)
4 142.251.208.162 15169 (GOOGLE)
1 142.250.27.157 15169 (GOOGLE)
1 1 142.250.186.78 15169 (GOOGLE)
2 173.194.10.199 15169 (GOOGLE)
45 12
15    157.245.145.14 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
roundup33srcj938.werite.net
1    151.101.193.16 (United States)

ASN54113 (FASTLY, US)
m.media-amazon.com
6    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
googleads.g.doubleclick.net
9    172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net
tpc.googlesyndication.com
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
fonts.googleapis.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
imasdk.googleapis.com
1    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
2    173.194.196.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ix-in-f120.1e100.net
csi.gstatic.com
2    142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net
fonts.gstatic.com
4    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.27.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f157.1e100.net
bid.g.doubleclick.net
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
gcdn.2mdn.net
2    173.194.10.199 (United States)

ASN15169 (GOOGLE, US)
PTR: waw07s11-in-f7.1e100.net
r2---sn-f5f7knee.c.2mdn.net
Apex Domain
Subdomains		 Transfer
15 werite.net
roundup33srcj938.werite.net
515 KB
13 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
181 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
bid.g.doubleclick.net — Cisco Umbrella Rank: 706
71 KB
4 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1135
r2---sn-f5f7knee.c.2mdn.net — Cisco Umbrella Rank: 816322
943 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
imasdk.googleapis.com — Cisco Umbrella Rank: 432
137 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
256 B
1 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 542
30 KB
45 8
Domain Requested by
15 roundup33srcj938.werite.net roundup33srcj938.werite.net
9 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net roundup33srcj938.werite.net
googleads.g.doubleclick.net
4 pagead2.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
roundup33srcj938.werite.net
2 r2---sn-f5f7knee.c.2mdn.net roundup33srcj938.werite.net
2 fonts.gstatic.com fonts.googleapis.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.google.com 1 redirects
1 fonts.googleapis.com googleads.g.doubleclick.net
1 m.media-amazon.com roundup33srcj938.werite.net
45 13
Subject Issuer Validity Valid
werite.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-19 -
2023-10-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-01-24 -
2023-04-04		 2 months crt.sh

This page contains 6 frames:

Primary Page: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Frame ID: 92EA52EEB7E0A3EF423432E75B1513EC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Frame ID: DF602571F50C68C82717652E78107B14
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Frame ID: 35247D39B9AA76F2EB013623551541D3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C974A8103C4615A4DC3F272EF996339
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 9577D58D0450ABECE4F9034324B93B31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A4C546EC5EB28A3DEC2FB470BE45C027
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

除草剤(ラウンドアップ、グリホサート)の犬猫への影響 - Eskesen Buckley

Detected technologies

Overall confidence: 100%
Detected patterns
  • cufon-yui\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

12
IPs

2
Countries

965 kB
Transfer

3088 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 42
  • https://gcdn.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8D6C75913754E68C6F421120A78A91F5DEF51B01.675CEFD0B56232D9A8106A9B1236FB2CE95CC826/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/49F09F2BAB5D029A46A8D3CDDDDC116ECE7F4111.368148F906C4F07D90650087D0141D7FD6857817/key/cms1/cms_redirect/yes/mh/Vo/mip/176.67.86.63/mm/42/mn/sn-f5f7knee/ms/onc/mt/1675684276/mv/u/mvi/2/pl/24/file/file.mp4

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81...
roundup33srcj938.werite.net/post/2023/02/06/ 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd4733e7e027c5f133d7ba443d3557e225185d3b818fec431db1454f68e9432f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
11841
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Feb 2023 12:15:54 GMT
ETag
"cdee0d5eb0925124df76cf41d6b48769-gzip"
Last-Modified
Mon, 06 Feb 2023 12:12:02 GMT
Link
<https://roundup33srcj938.werite.net/webmention>; rel="webmention"
Pragma
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Pingback
https://roundup33srcj938.werite.net/xmlrpc/roundup33srcj938
screen.css
roundup33srcj938.werite.net/themes/battlestar/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/screen.css
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e2c6c1cdff899aece03ffb0365421548170c04da115779b11a0b7adf764f90c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"e64-58884f1f7cac4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1427
battlestar.css
roundup33srcj938.werite.net/themes/battlestar/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
802638846ecd81a63876730ad82dbed46b0e3c673108d4dad741d5035fb08853

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2596-58884f1f7ab84-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2282
print.css
roundup33srcj938.werite.net/themes/battlestar/ 		1 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/print.css
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
07c45dc5395f6cd0d45f6bfa2674bad171ac1b1e5c9428dae975249b1ecf940d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"51f-58884f1f7cac4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
666
jquery.js
roundup33srcj938.werite.net/themes/default/js/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/default/js/jquery.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f6c6e39d04b10207f787e14967005946a4d569b4fa5978559903ff9237e07e21

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Sep 2018 09:30:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"18777-576c2e0837d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28047
jquery.cookie.js
roundup33srcj938.werite.net/themes/default/js/ 		993 B
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/default/js/jquery.cookie.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
463b99dfb3fa81d269f7508768da9f4ca229416b1b8e68177a30d0291868f945

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Sep 2018 09:30:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"3e1-576c2e0743b40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
469
jquery-ui.js
roundup33srcj938.werite.net/themes/battlestar/js/ui/ 		188 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/js/ui/jquery-ui.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5fef58ecbe63e7f6aa398b55126bd542cac4cc89d7895d24d7fc239a7a362dea

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2f074-58884f1f7cac4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46298
cufon-yui.js
roundup33srcj938.werite.net/themes/battlestar/js/cufon/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/js/cufon/cufon-yui.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ebaf7e92c6cee1a71d5ab3e289f3ce92f054baf2821fe45815b23244f162ceb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"4733-58884f1f7cac4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7452
ChaparralPro.js
roundup33srcj938.werite.net/themes/battlestar/js/cufon/ 		1 MB
287 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/js/cufon/ChaparralPro.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c8b00ad1f576ac02e817ab07a030d16185a4001bfc5081f53e0dd8f1fe65a69

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"16ca88-58884f1f7cac4-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
post.js
roundup33srcj938.werite.net/themes/default/js/ 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roundup33srcj938.werite.net/themes/default/js/post.js
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a04cafca60def5d93adf6ec0fef073cb2b04edb09c366010fe8c759417684082

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:15:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Sep 2018 09:30:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"518-576c2e0837d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
544
413ZA456KNL.jpg
m.media-amazon.com/images/I/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/413ZA456KNL.jpg
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.16 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
542e78d986d4faef070fce18caeedcc1c9f63f33e847749ff1d614049353576b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 25 Dec 2042 20:55:42 GMT
date
Mon, 06 Feb 2023 12:15:57 GMT
last-modified
Mon, 20 Aug 2018 03:22:45 GMT
age
3252015
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
x-nginx-cache-status
MISS
cache-control
max-age=630720000,public
x-amz-ir-id
66a49085-3d40-4c00-b9e9-10a4ea61f836
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
30072
x-served-by
cache-iad-kjyo7100100-IAD, cache-hhn-etou8220080-HHN
background.png
roundup33srcj938.werite.net/themes/battlestar/img/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/img/background.png
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2385c9267d2472325f16a6fcd3d92c547c2c4b5f3fdb772afc84d7d9bf178f40

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:03 GMT
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1cbc3-58884f1f7bb24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117699
nav-bg.png
roundup33srcj938.werite.net/themes/battlestar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/img/nav-bg.png
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
27516b78b738d4900e2f3145e2c1a649b68c193d8556f8bbcf0f02dfcf071afd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:03 GMT
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c6c-58884f1f7bb24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3180
top-shadow.png
roundup33srcj938.werite.net/themes/battlestar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/img/top-shadow.png
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb1cfe24689ded080b82645bf74ee4f323c95c67c9fc0c0965fd19cc1716339d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:03 GMT
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"afd-58884f1f7bb24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2813
icon-search.png
roundup33srcj938.werite.net/themes/battlestar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/img/icon-search.png
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4dcf46bd07304ee6012707eb18a99e1fa198c4198e2ecaea08cd90ea55b9d96

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:03 GMT
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"bbc-58884f1f7bb24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3004
ads
googleads.g.doubleclick.net/pagead/ Frame DF60 		72 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
470346290e6882393fa902ab1a95f58a739998bfd479615e687cd7fdff3a46d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roundup33srcj938.werite.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
23253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:16:03 GMT
expires
Mon, 06 Feb 2023 12:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3524 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
7652192fe634ffebcf46b8a2660c3ba9087d37afaa10b08b188e566d5ba2ab64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roundup33srcj938.werite.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
30952
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:16:03 GMT
expires
Mon, 06 Feb 2023 12:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		631 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640a05629ef9ff70acaf0673351dc6ff37f4bdc20ca40edb6c7cca716e27aef0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		629 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b443c97bee49cfcbdea8f753223cf4c0326d369bf5b33993611504faf4cefdf3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
blockquote.png
roundup33srcj938.werite.net/themes/battlestar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roundup33srcj938.werite.net/themes/battlestar/img/blockquote.png
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2bc6be3a7213c7da5b63d6326da52cd5fbeaef21e93177c59e1f21862ac3f40a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://roundup33srcj938.werite.net/themes/battlestar/battlestar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:03 GMT
Last-Modified
Fri, 10 May 2019 09:11:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"caa-58884f1f7bb24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3242
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame DF60 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 06:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
19795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 06:46:08 GMT
css
fonts.googleapis.com/ Frame DF60 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 12:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 10:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 12:16:03 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/ Frame DF60 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 23:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 11:41:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 23:28:33 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/ Frame DF60 		391 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
5996f9c603aae0dcd3173ce95110e33211d65f793c08882b80af2bea78d96c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135452
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 11:41:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:29:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DF60 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
60992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:19:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3524 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPNV_g-_gY5qkBNeK7AONxoTQD5WN7e1uj_bC9YcR6p_coNQBEAEgw4-GK2Dp5MmF2BqgAeXOgegCyAECqQIVadwzGYRsPqgDAcgDyQSqBPwBT9D0nvbAW6OGvLqAtvFvl7gTZcwQU7rGFRF2SSAIs6cxhki_byytYc_7q_KQUozMHCUflgWUAhEt72tNuCyCFIZEEDqKSLcszKmlvbRDO6QNj5NW1qXsHZwoD6ZiYR6OfN5Wg_i5IP2AG33mndP9ViVdD0tXNcFNL9tfBmswVIUuMDLfO_EZReFcuB9XhHyETGKzxLm2sHCNYHKCQG1bk9m70Jct8GRrE55uFZSIJxjarDxahtkSzydWUNcLoR-_ysGvBCSd8103yLiyexMDDJAi9uisX19nhiU-cuWQ8hnMPY2a5ExYn2mT-tMV3I71sJbYvEcz6Er88rkwwATy5I-mqgSSBQQIBBgBkgUECAUYBKAGAoAHs7PqpgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAug7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAcITBhjlzoHoAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi01NjQ4Mzc5MTQ2NTIyOTk3GAA&sigh=B3GhAtoaPKo&uach_m=[UACH]&cid=CAQSGwDUE5ym94XMmnCsLjQ0IngJq4MlN1UAdLM1BhgB&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Feb 2023 12:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:16:03 GMT
11493001899226868165
tpc.googlesyndication.com/simgad/ Frame 3524 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11493001899226868165?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql7y9YwnKzttRfM0FhVnxdSFj0vRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
0cc9c25f7ddc2b0ac76045bc2ba632a2f08c04609ac638990db3e23808e9cf08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 08:54:56 GMT
x-content-type-options
nosniff
age
184867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82174
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 12:10:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Feb 2024 08:54:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 3524 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 06:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
19795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 06:46:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3524 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 10:44:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
5481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 10:44:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3524 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
60992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:19:31 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3524 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
57304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13610
x-xss-protection
0
server
cafe
etag
17181213163917467211
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 20:20:59 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8C97 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:11:59 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3524 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef84d99501f4e8d0026defcd7ff7163eac23fe5d31e0d92f8c36924d97b61bf3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8C97
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:16:03 GMT
expires
Mon, 06 Feb 2023 12:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:16:03 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame DF60 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ldss1e43&c=1527118894012&slotId=763559447006&qqid=CKr7pvXvgP0CFVmUsgodbe8BrA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.196.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ix-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:16:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DF60 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options
nosniff
age
480378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 22:49:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DF60 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options
nosniff
age
1627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 11:48:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF60 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CztSWg-_gY-qtBNmoygXt3ofgCr2ahpNu_ITYiZERg664nL0BEAEgw4-GK2Dp5MmF2BqgAbe30v0CyAEFqQLecM3xcByyPqgDAcgDmwSqBOsBT9BVt_djJisEYuSdZPZ9dHkPkK9N_kvFtpURrnyVO8hp9Cj8nfV8J8QRHE0Oq6hdHwul_VJ3D6wXK-rAZ7gNTWqszaZStmw5GUhAWqK79MtSAQEFFJAQIKOeuxoRNgDZXF-B-FxFwzwICF4QvlkJ2JZ_51T7-u4pksgtkOSHWh8xq2IwAgeCDd99OhPlrOtczGIWA25oC_8ICi5h73vEUKaeZvnG27asroxAZZvx9Vfm_Hwa8zH9IqtofMRXZeE-7RsfgVWV-gPRiLEtRU5A6Ly2HXTuNp5y9h2skPurdTy5EYnlj4HB9SOK5sAElPrV2a4E4AQDkAYBoAZOgAexyK2CAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT-euNEtgTCogUQNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1675685763518&ai=CztSWg-_gY-qtBNmoygXt3ofgCr2ahpNu_ITYiZERg664nL0BEAEgw4-GK2Dp5MmF2BqgAbe30v0CyAEFqQLecM3xcByyPqgDAcgDmwSqBOsBT9BVt_djJisEYuSdZPZ9dHkPkK9N_kvFtpURrnyVO8hp9Cj8nfV8J8QRHE0Oq6hdHwul_VJ3D6wXK-rAZ7gNTWqszaZStmw5GUhAWqK79MtSAQEFFJAQIKOeuxoRNgDZXF-B-FxFwzwICF4QvlkJ2JZ_51T7-u4pksgtkOSHWh8xq2IwAgeCDd99OhPlrOtczGIWA25oC_8ICi5h73vEUKaeZvnG27asroxAZZvx9Vfm_Hwa8zH9IqtofMRXZeE-7RsfgVWV-gPRiLEtRU5A6Ly2HXTuNp5y9h2skPurdTy5EYnlj4HB9SOK5sAElPrV2a4E4AQDkAYBoAZOgAexyK2CAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT-euNEtgTCogUQNgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame DF60 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BSHmiCMHV63kVmCn0px5qMBY1tCOtirwXpo71VHeSXERoGUSFy79WzcooFSXOuZiClNKjDoIbERByAXuvL9oKG_aGd5w&cry=1&dbm_d=AKAmf-CfuTOhZYEOcd5mU0-4e2Tlzcfkww9nQ2m_C3ioIMK5_154eHoIgn_Z21bB7nwUTsFuID-L3SAfDnuFp_iD25dp0qaNO5DIblJ1eELP6oORv1ZrDtI5kz6nKbQpLGuXrWZh56IKdZemfloXfkmZWJzTkG88Lp4W3CCaxtddGYBFF6EXQsCLrnxpChPm4R9FyrRNe948nzrH4vml4CoCOltSkb0JBRTZwBOha-DmbYR7GHPLMbZM4gRkKVZRKY9dUfMQ0_H2JNm7Kn0-uKhwGikZ9U2UxnTV1a59LnawY_L4DNldK6YF9VJv5HtQCnLD7EUAVFfMj-xEHJUNtVc1o6rC4opkmTKXZdRYS0DD5AjsqrDh66FOyJlmeZsdEWjcNVwtqpPR-6Qp418LWZz6T_kcTmn7k_5YQpZK9ItucmN9q-88R-j63m_7W5DpquinYwGUO7g8UQEhBY-BvkrUwKhM6UkZtL9UU62E4Yv-dnD_d_4Ril_y7h9B65bzKKhsAg-ldQiOuKv3TaZC0NW76JVmLV4S0L6-OXiR26MGWmJhqTLPxFZl6JUkirlTevha8Ql1hp9PSBXuJLgR_SGEVm0DTxs-yiPBjgxMZNkLWHJmBALU3iU6eZMWk6ZMzn6JKRL9GwODlKEJP5cD7ta-QSyA4XFNtpU0JLyhtB48Rv1-rojWRBZxyVE-iqjKEK-f8JJjZeEiDh2TumyTryqo2S1WOPhs7ZdMvkX_lnhigHqkNbLl7E0ou2OS0OUKMxKYEwazcyX2mHCatMFcIB_l7bngJAXGj_06i5oU2tscLdXcYOxQl5-cZ-PKnE9bYp3rqSPf0Infr7AJjJAXwPjwdQaktIZhKSvQg-R1GvM7yf__KjbPagwnjNj_AfSIp1FCUIcpb4p2BudNYgm6nWOYMo_dJEsgX2kmfVhFFdnU_BIFc6nxgqJYca2HXEDAUqRPjM9cWFIlbD92oMH6HaW_5Viqh9G12N5azNvhtA6Rf35qccDV4kI8BzOQzb7Fqn2g6m-6_jigC05gBkkM-mga04bDWqurbedbofaAT6L_4JacQBYCBz6A5h8i6JY6ROj3xNzOatJj5sWOr8VDhlXQFNoRX3TXTOgQ95Wl6MqmPA1_s2z3Ij49eGlLDJbHp5atDoTYLNG5UiNyVJpEBf_lidgFc1pFfi5B4yDp5-7zBrjf7OifsEE9UBH3cdyRnS-LPggfnqwYeNL-KCreGlSMsAe82YQlI5NEfEi-3iYdm32I_JZ9KV_gHxFjrrNbdpnbruxOIMN_5SJKIjDVbv3ifQ3UNRwq4m-5yDe3EQl7tFdLCEOB1b48hbCmTeq0jLV186y1iZ3FGG6lp2UXyoUDwLCEFe7ktHyaUGXQ2ep0OFdG-St4rkXIdLM9rzkkdv9S9TyN-8bmSfhenBwXK5Qm0E6-6wPJYpGlp_bhK9GI9uenJHWWqD16RMkhkpGJHzKdyrIq22Sb_xYv_ONvsVjGWNOuA-39tOp-8fvP6ImePpIqQg3d4R9SqDkwqXfwIJQKn7vQKcb6Op6rdh6CQSBaBFMQqCLq0GAs79WzYJa10Ogy6ae314KxUwnxvUCDR0v6b51t5AxJtZmol4AREr6Z1_JUGJyal2l3tXxwGC4IbZnRdRS2n2_TDa6K5hUzTVZjt30nr2TQEFFzHGtTqWb0CvQuZejIJmYGU3LR2PVepQIqRd_rM1fH6TSQtl7aVQgmr92DZhfrSPSzqjHPZYt95Rc2J-9tAZ5l4gXeJ93CDKNda6vX6k3qaf2NDx6AcAMWEGch1WnDFqnJ2fw6HqnOg9WuYfIeLms6YOFEBrM48ufY7i3Z6BKKeBSk01LImqEU-dv4tfweY2obInbNwdDChtyaVGt1i77DXRdEfK5yw7uTYGgOdOClVzMiQw-OcdRM1fWxlovoBejTIf0eE2fi0UEo3Hn1euLA0eqIH5jJUeZ4pJMzjN7KSaDskGyPOlG3MAjEL3pfaJTIkFwQjkO37RoYTsmTlk0TFwc1azjWWywhT9zb2JbF_F_YSpx6erRIxbwP9VJVlbOZFkpUjUfSgBbAwCDRgKFhr-A7DOQaJmWK8weB68xoGIKH-pcCenQ3UAzpv-0TNHXQhXQdLhoJc6yW-UNyDVJTRXDhEG0V7EhycL6kmZ_8nhB4xdlqkT_IMokCJJrnoy1m7mWIuZMWxpaf8foKsl36QdHHKy0t5b6hjo9X-wLZ5FodCT9kvP7_uGeqEVUrvyLX33Zup4ofJ99n6TdRqzGesh8KNQJdL9CmZlbHC2eb4eGoXj0UNNOC0wY5Trl0wySFvzF7KlEHwSoB1BhqIm-KmCMx4Zl2KxBu5ZlV7uNe4o2S5JU3StW8QrbEWHAeM3Eix_fYBo2erWWCgqiicvV_WIm-fMVhnUo1VxBwMxD_ARmXh6TjtkOnNOm4ThxRcXqRLHfm8l-u_RQOUlO7FQ4k8EOvNBYRbiEPeQS8VeLxkzOp11BKyLsyuno6hRrbAYtafTJsQlZjh57NMX9BVxfkA4EywxW3_h3An1-eRxKdJhfbIMebF9y7k4XL3o_YDA4UfO33Q-NBU1vQmZZILx7sus0zwHgi4fofdPufhlY3-4j8A-tL2WNrlE5gYccckth01778vlQv06Olxw1t3CTnQEYEcAOBhwTRSIKf4brwg6t1LMUHsbl-ZzVLPIYPgrcsOUCu_2rnVN4os7KZ6QZyvoK0e8wzzTOr8OhHdatLUSsdUcBwygnk-A_tNMmEmvui3506JEAl2F4fWB6AJwET0lh1ZQD6tW0Hr1KQUV9ebRHr_KyORp7adnLeTeM2DpWcTnPPHFOvcHoURQxNz5eT_tR5xGsg1rrFvr9U6ETpgGO8vOCZJFLCfqryb99TZefuK7Cwmf8YgRVRgEQXjE6e2LY_7y3KxAw342gBgNu2TbgzpBXN6vncusb70CDywUxXXHn3svy4O5Ob6SmhYbAJbo8ZY6QSrmTmoqsCPUaSt5s5MRxtpkERTKdHVGULQFHmgcPob6FgekoVb0j0KS9AtGNaEEa0mfVj5KGtPz4iB5xeWgP8i6LuRh1M-DMawEKR80ThXKldD6_BwAjnvQkhusJoB8GcjYT-fACQtHi6sg0A5JX05sJHFhdxuGde83Zj4EU6T5KsfVJ4TIvl3f_H066f4VmMgxev1DSq4wLaxBrNti1lbydNQI99_rRTuRjcgVvCfZI4gSYiNGgUmaq9kV-rl6kBghA8V27-wGh2pe7ZTUM-gDpunLDTjOdYo7r_kueSY4rE6LfgN15IiHaLg42UBTg6JzYtwsB4LlzabjeX7TtFAyNZuSgRbA9Pwj-bdhUi8AtAnUmX6XKNR2wFVH513Pgu0OznTway4TY&cid=CAQSSwDUE5ymPlQqhXytEOMUCSGU6zsjyBuTatdA_cbh75suzMW0G2RM14l1snECiBUBV0nVnjf8V-01L_PHJpiwN0zRYBKRSGBZMjriMBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f157.1e100.net
Software
cafe /
Resource Hash
b33760df23bd865cd3ae81fc246047a4a2317a6ad26f73681e789cc86aa70415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16315
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DF60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNd94g-_gY-qtBNmoygXt3ofgCr2ahpNu_ITYiZERg664nL0BEAEgw4-GK2Dp5MmF2BqgAbe30v0CyAEFqQLecM3xcByyPqgDAaoE6AFP0FW392MmKwRi5J1k9n10eQ-Qr03-S8W2lRGufJU7yGn0KPyd9XwnxBEcTQ6rqF0fC6X9UncPrBcr6sBnuA1NaqzNplK2bDkZSEBaorv0y1IBAQUUkBAgo567GhE2ANlcX4H4XEXDPAgIXhC-WQnYln_nVPv67imSyC2Q5IdaHzGrYjACB4IN3306E-Ws61zMYhYDbmgL_wgKLmHve8RQpp5m-cbbtqyujEBlm_GtVnwJ74i1oyfVfUCqEmXyFiRJ7HQSjKlq8v2ou45PZ1hbDXch5BW5tFzu3y1_4Q-g5JA9kT1NT-kjwASU-tXZrgTgBAOIBdH1mKNIkgUGCAMQBRgBkgUGCBsQARgBkgULCCIQAxgDSOSs3QGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7HIrYIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ_foBGLG7wN4B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE_nrjRLIE831z-ED2BMKiBRA2BQB0BUBgBcBshccChoIABIUcHViLTU2NDgzNzkxNDY1MjI5OTcYAA&sigh=IfFlIG75Af0&uach_m=[UACH]&cid=CAQSSwDUE5ymPlQqhXytEOMUCSGU6zsjyBuTatdA_cbh75suzMW0G2RM14l1snECiBUBV0nVnjf8V-01L_PHJpiwN0zRYBKRSGBZMjriMBgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=201630184&pi=t.aa~a.3544136065~i.51~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032564&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1672032535722&bpp=2&bdt=1973&idt=2&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2f09d5b5daaaa087-22f64e3b67da0068%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MaGIl6Cq6Sp-ukwYbiWE8cDHp1joA&gpic=UID%3D00000b984cbd19cb%3AT%3D1672032534%3ART%3D1672032534%3AS%3DALNI_MbClm3fyG-8XAHJUaPMSA-Kdqkn-g&prev_fmts=0x0%2C750x280%2C280x600%2C1519x688%2C728x90&nras=5&correlator=6108592053548&frm=20&pv=1&ga_vid=776964119.1672032535&ga_sid=1672032535&ga_hid=2009459205&ga_fc=1&u_tz=120&u_his=2&u_h=864&u_w=1536&u_ah=816&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=190&ady=4699&biw=1519&bih=688&scr_x=0&scr_y=1959&eid=44759875%2C44759926%2C44759837%2C31071220%2C44779793%2C44773747%2C44780792&oid=2&psts=ACgb8tvC3UnOhvCiTp-lEIPG-DVeGwbIi4ZV6cuU_DJrYi9COU0yISvwe8qVbO1UsRRiM_NC7Xiyba_ggHyo-t2NfA%2CACgb8tsiucU84mfaUBcWGC8h4AOjyqyP-A-d99RGcY6h1vtbqndJ20zNWQwUB0assclniJtuN5e6BIFmlvigT6KP0Q&pvsid=1740711884905397&tmod=679648909&uas=3&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C816%2C1536%2C688&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=p41xte2zVY&p=https%3A//tatsuharug.com&dtd=29050
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Feb 2023 12:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame DF60 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d422372469f7f78cacf18700ed31393a6cfd7704dbdfcd4c8997163886d443db

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 9577 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5648379146522997&output=html&h=280&adk=3372409171&adf=1553790600&pi=t.aa~a.3544136065~i.81~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672032566&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5103042665&ad_type=text_image&format=750x280&url=https%3A%2F%2Ftatsuharug.com%2Fround-up&fwr=0&pra=3&rh=188&rw=749&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.%20%3Ca%20href=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
259357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame DF60 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 14:01:02 GMT
file.mp4
r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DF60
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/49F09F2BAB5D029A46A8D3CDDDDC116ECE7F4111.368148F906C4F07D90650087D0141D7FD6857817/key/cms1/cms_redirect/yes/mh/Vo/mip/176.67.86.63/mm/42/mn/sn-f5f7knee/ms/onc/mt/1675684276/mv/u/mvi/2/pl/24/file/file.mp4
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
HTTP/1.1
Server
173.194.10.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s11-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:16:04 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3481480
Last-Modified
Fri, 13 Jan 2023 14:25:09 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 06 Feb 2023 12:16:04 GMT

Redirect headers

date
Mon, 06 Feb 2023 12:16:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
641
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/49F09F2BAB5D029A46A8D3CDDDDC116ECE7F4111.368148F906C4F07D90650087D0141D7FD6857817/key/cms1/cms_redirect/yes/mh/Vo/mip/176.67.86.63/mm/42/mn/sn-f5f7knee/ms/onc/mt/1675684276/mv/u/mvi/2/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame A4C5 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
383422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 01:45:41 GMT
expires
Fri, 02 Feb 2024 01:45:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame A4C5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
259357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4C5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bu5kpg-_gY9iBKfG89u8Px9i1wAcAAAAAOAHgBAI&bg=!c3ClcDTNAAaq5O5FiuQ7ACkAdvg8Wj0FzKCXmuP80IyyxeuPVB2iNecuTG4XXfTuxR7qwQHRh5dSxwIAAABKUgAAAANoAQeZAuSLMsZrXZXqcgtTkrHZuDvMhdpFq5Uf4o-iCONmXkM4xXL5VfqasleZhUiOLLSdsD9jZJVus-9tMbQ3v1WxE4yT0QDMxkfGScqcsQf9bnE-VIUaYwQjaTSpYvyVcYnEdqA4YaYFU3D0aqZLLwTj2GJhAhgZUnEk_6FacJx3pFCbTka_vXy51GdlGZE94PABXKo5u6X79oeYMEmoguO8Jxq6mrVp-6jURCrIiCHmwsfR8skAN6RzhikqXSD41ddJ5yBTP76GJeH_Y_1dItP2XmXX1zPwoiDExJLalqNZIyj_NXowsA4lXoohKarIqQPHa6lHc3DOyefW2g5t7PGQUcDA6X8Z6-jNs9zawl2XJsdU4xsslZ2jMcHsnxpkv4LyYh4Y44rcrmFjgyi_GogwRTaO_Rjd0Zyl95YmYrN0ypST8jitsNscwNywZrxMLL27jfxeRqIJtENboCBGWbhM5nTe_UoZt9EFyjDLbWbT2ZRCv-2sq4r0EpOWGPwP2ms6tsNn1fO0NFvNwXqduIO0tpmhvY_H_NYnLrzPEwR8-BRPdcsWa_5GSxJg189NdECl9SyxRVJAaIU8rNOPQbQQ3u6AkH9XMwtQmq9geGbnV_-w_YWmM91yiVTc0yJxTKPZD-ug0m4ZkB91k7KZUJciHBEVfnPLsXW3wPbahOB__T65p6AqSPNGtC_OCjqnfHeyyPBZnTrGiYXW2BtCB49g37oKgZdiCZSBOplKniUG_Fdwisl95_BKt9b7pI168isWgwYHqfZ0mSNavNoD0OXeocXRrDRBwoPiqnSzy_UCBvaCZpPa5Pw4GBKFUSaLOan1YlNsX10oNUljZ3UazGOIH3UyJOf7eDLnkwbuicU6cVMy46fs3AI56_itcHzGeYhT9DmfHVgO5I3G5fO8qlvh_EMiRg5gEu7Lp1Yw8DcV1Pi42G0joDzlalIhtwsMNg45fT07uDAvxUNtRPkDNoOCOUH5eHXrcg
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DF60 		164 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-f5f7knee.c.2mdn.net/videoplayback/id/1ac757fe7bc7fd16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818068022/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/49F09F2BAB5D029A46A8D3CDDDDC116ECE7F4111.368148F906C4F07D90650087D0141D7FD6857817/key/cms1/cms_redirect/yes/mh/Vo/mip/176.67.86.63/mm/42/mn/sn-f5f7knee/ms/onc/mt/1675684276/mv/u/mvi/2/pl/24/file/file.mp4
Requested by
Host: roundup33srcj938.werite.net
URL: https://roundup33srcj938.werite.net/post/2023/02/06/%E9%99%A4%E8%8D%89%E5%89%A4(%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%A2%E3%83%83%E3%83%97%E3%80%81%E3%82%B0%E3%83%AA%E3%83%9B%E3%82%B5%E3%83%BC%E3%83%88)%E3%81%AE%E7%8A%AC%E7%8C%AB%E3%81%B8%E3%81%AE%E5%BD%B1%E9%9F%BF3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.10.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s11-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 06 Feb 2023 12:16:04 GMT
date
Mon, 06 Feb 2023 12:16:04 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3481479/3481480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3481480
last-modified
Fri, 13 Jan 2023 14:25:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame DF60 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ldss1e4g&c=1527118894012&slotId=763559447006&qqid=CKr7pvXvgP0CFVmUsgodbe8BrA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=732&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230123_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.196.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ix-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:16:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange function| $ function| jQuery function| DP_jQuery function| Cufon string| post_remember_str

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkJkC2KGVogaVgwIIzvwYMLhGzGnb2xuTUralj63AULLGrtIXyhuH3ZaDa1SdU
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
m.media-amazon.com
pagead2.googlesyndication.com
r2---sn-f5f7knee.c.2mdn.net
roundup33srcj938.werite.net
tpc.googlesyndication.com
www.google.com
142.250.180.194
142.250.185.164
142.250.186.170
142.250.186.78
142.250.201.195
142.250.27.157
142.251.208.162
151.101.193.16
157.245.145.14
172.217.16.129
172.217.18.10
173.194.10.199
173.194.196.120
07c45dc5395f6cd0d45f6bfa2674bad171ac1b1e5c9428dae975249b1ecf940d
0cc9c25f7ddc2b0ac76045bc2ba632a2f08c04609ac638990db3e23808e9cf08
0e2c6c1cdff899aece03ffb0365421548170c04da115779b11a0b7adf764f90c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c8b00ad1f576ac02e817ab07a030d16185a4001bfc5081f53e0dd8f1fe65a69
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2385c9267d2472325f16a6fcd3d92c547c2c4b5f3fdb772afc84d7d9bf178f40
27516b78b738d4900e2f3145e2c1a649b68c193d8556f8bbcf0f02dfcf071afd
2bc6be3a7213c7da5b63d6326da52cd5fbeaef21e93177c59e1f21862ac3f40a
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
463b99dfb3fa81d269f7508768da9f4ca229416b1b8e68177a30d0291868f945
470346290e6882393fa902ab1a95f58a739998bfd479615e687cd7fdff3a46d8
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4ebaf7e92c6cee1a71d5ab3e289f3ce92f054baf2821fe45815b23244f162ceb
542e78d986d4faef070fce18caeedcc1c9f63f33e847749ff1d614049353576b
5996f9c603aae0dcd3173ce95110e33211d65f793c08882b80af2bea78d96c78
5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9
5fef58ecbe63e7f6aa398b55126bd542cac4cc89d7895d24d7fc239a7a362dea
640a05629ef9ff70acaf0673351dc6ff37f4bdc20ca40edb6c7cca716e27aef0
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
7652192fe634ffebcf46b8a2660c3ba9087d37afaa10b08b188e566d5ba2ab64
802638846ecd81a63876730ad82dbed46b0e3c673108d4dad741d5035fb08853
a04cafca60def5d93adf6ec0fef073cb2b04edb09c366010fe8c759417684082
b33760df23bd865cd3ae81fc246047a4a2317a6ad26f73681e789cc86aa70415
b443c97bee49cfcbdea8f753223cf4c0326d369bf5b33993611504faf4cefdf3
bb1cfe24689ded080b82645bf74ee4f323c95c67c9fc0c0965fd19cc1716339d
d422372469f7f78cacf18700ed31393a6cfd7704dbdfcd4c8997163886d443db
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dcf46bd07304ee6012707eb18a99e1fa198c4198e2ecaea08cd90ea55b9d96
ef84d99501f4e8d0026defcd7ff7163eac23fe5d31e0d92f8c36924d97b61bf3
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c6e39d04b10207f787e14967005946a4d569b4fa5978559903ff9237e07e21
fd4733e7e027c5f133d7ba443d3557e225185d3b818fec431db1454f68e9432f