zxcs.zip Open in urlscan Pro
2606:4700:3032::ac43:8c18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zxcs.zip/
Effective URL:
https://zxcs.zip/
Submission: On March 13 via manual (March 13th 2024, 12:50:31 am UTC) from JP — Scanned from JP

Summary HTTP 103 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 13 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3032::ac43:8c18, located in United States and belongs to CLOUDFLARENET, US. The main domain is zxcs.zip.
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.

This is the only time zxcs.zip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3032::ac43:8c18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81d::2008	15169 (GOOGLE) (GOOGLE)
19	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::46 2620:1ec:46::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	240e:980:1200... 240e:980:1200:92c::56	58519 (CHINATELE...) (CHINATELECOM-CTCLOUD Cloud Computing Corporation)
1	116.114.98.35 116.114.98.35	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
7	2404:6800:400... 2404:6800:4004:80f::2003	15169 (GOOGLE) (GOOGLE)
3 16	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c03::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
4	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::200a	15169 (GOOGLE) (GOOGLE)
24	2404:6800:400... 2404:6800:4004:824::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
3 4	2404:6800:400... 2404:6800:4004:822::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
103	20

4 2606:4700:3032::ac43:8c18 (United States)

ASN13335 (CLOUDFLARENET, US)

zxcs.zip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:980:1200:92c::56 (China)

ASN58519 (CHINATELECOM-CTCLOUD Cloud Computing Corporation, CN)

lf9-cdn-tos.bytecdntp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.114.98.35 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

search-operate.cdn.bcebos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:812::2002 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c03::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::2004 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	860 KB
17	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 148 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	71 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	130 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	518 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 j.clarity.ms — Cisco Umbrella Rank: 19570 c.clarity.ms — Cisco Umbrella Rank: 1360	28 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
4	zxcs.zip zxcs.zip	97 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 244	764 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	857 B
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 25872	408 B
1	bcebos.com search-operate.cdn.bcebos.com — Cisco Umbrella Rank: 72328	170 KB
1	bytecdntp.com lf9-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 233186	88 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	95 KB
103	13

	Domain	Requested by
24	tpc.googlesyndication.com	zxcs.zip googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	pagead2.googlesyndication.com	zxcs.zip pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
16	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	fonts.gstatic.com	zxcs.zip
6	www.googleadservices.com	googleads.g.doubleclick.net zxcs.zip
4	www.google.com	3 redirects tpc.googlesyndication.com
4	j.clarity.ms	www.clarity.ms
4	zxcs.zip	zxcs.zip
3	www.gstatic.com	zxcs.zip googleads.g.doubleclick.net
2	c.clarity.ms	1 redirects
2	analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	zxcs.zip www.clarity.ms
1	c.bing.com	1 redirects
1	fonts.googleapis.com	zxcs.zip
1	www.google.co.jp	zxcs.zip
1	stats.g.doubleclick.net	www.googletagmanager.com
1	search-operate.cdn.bcebos.com	zxcs.zip
1	lf9-cdn-tos.bytecdntp.com	zxcs.zip
1	www.googletagmanager.com	zxcs.zip
103	20

This site contains links to these domains. Also see Links.

Domain
tieba.baidu.com
zxcs.wiki

Subject Issuer	Validity	Valid
zxcs.zip GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.bytecdntp.com RapidSSL TLS RSA CA G1	`2023-06-30` - `2024-06-28`	a year	crt.sh
a.bdydns.com Baidu, Inc. DV CA	`2023-04-17` - `2024-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://zxcs.zip/
Frame ID: 0A59FBDCE8B7CF51FA1CF5DA0FB2251E
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: 88B5D3C9DE6AED5B84A73C220BBAA21F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9057438522091178&output=html&adk=1812271804&adf=3025194257&lmt=1710291021&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fzxcs.zip%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710291021158&bpp=3&bdt=464&idt=266&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5411197707414&frm=20&pv=2&ga_vid=1547559214.1710291021&ga_sid=1710291021&ga_hid=551060883&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C44795921%2C95320378%2C31080990%2C95324161%2C95325784&oid=2&pvsid=240830995770141&tmod=22858912&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283
Frame ID: EB4429CB54F8F8AF19039A962FD860E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9057438522091178&output=html&h=280&adk=2168583236&adf=457980074&pi=t.aa~a.3496337176~rp.4&w=1160&fwrn=4&fwrnh=100&lmt=1710291022&rafmt=1&to=qs&pwprc=8917504642&format=1160x280&url=https%3A%2F%2Fzxcs.zip%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710291022251&bpp=1&bdt=1557&idt=-M&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5411197707414&frm=20&pv=1&ga_vid=1547559214.1710291021&ga_sid=1710291021&ga_hid=551060883&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=3654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C44795921%2C95320378%2C31080990%2C95324161%2C95325784&oid=2&pvsid=240830995770141&tmod=22858912&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=105
Frame ID: 9C9A57EB94C26815AB38DF82A32787E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: D0B81E2A3DC5013CAC0730545CC9FAED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: A02D58338FC6FCD21590CC74CEF8727C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: 8B89E43A494E822825EB1C3F3578BD7B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: 8D51CB77BD2B4DF09CD88345F07D253A
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%83%A1%E4%BB%AC4%E3%83%AD%E3%81%9F%E3%81%84%E9%97%AE%E8%A9%B3%E4%BD%8D%E7%AB%8B%E3%81%AA%E7%99%BB%E6%9D%B1%E3%83%9D%EF%BC%8C%E3%81%A80%E5%BD%93%E6%97%A5%E3%80%81%E3%81%AB%E7%B4%B0%E4%BA%8E%E6%8A%BD%E5%8D%B3%E6%A7%98%EF%BC%81%E9%8C%B2%E5%90%8D%E3%82%82%E3%82%8B%E3%83%A3%E3%83%9A%E3%81%99%E3%81%A7%E4%BA%AC%E8%AE%BF%2C3%E3%81%8C%E6%88%91%E3%81%BE1%E3%81%A3%E6%9C%88%E9%81%B8%E3%83%88%E3%82%AD%E3%82%A4%E3%83%B3%E3%83%BC
Frame ID: 07563389308EED649A85D3DB85173627
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0870436CD9D8CD63C2C0113348B3FA71
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7AEC67149650AE2F9C516E7B6E8BBB6A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 462366983ED17787F5E2FEF4E0D134C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js
Frame ID: 4B7AED33C7992F63390F837E04009690
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js
Frame ID: B56E5D75249DADC5F268BFF790E9CDB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js
Frame ID: 72DBD81FE045375815C55B49F65272BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js
Frame ID: 0BD260DA2D63D74D354B0C9776025C43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55536CAD7511C1860D5E65D19C683F6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C48CC0A5655BEA5704D5CE76682207F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

知轩藏书-藏尽网络中最好的精校小说

Page URL History Show full URLs

http://zxcs.zip/ HTTP 307
https://zxcs.zip/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

96 %
HTTPS

80 %
IPv6

13
Domains

20
Subdomains

20
IPs

6
Countries

2059 kB
Transfer

5036 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tieba.baidu.com/home/main?id=tb.1.c6de0c90.SQiF5iZ1ueI4ZOa5EWmPfQ?t=1589023331&fr=pb
Title: @Anonymous般若

Search URL Search Domain Scan URL

URL: https://zxcs.wiki/
Title: zxcs.wiki

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zxcs.zip/ HTTP 307
https://zxcs.zip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPLjTfjwZeaAHd_cs8IPk-uz6Aes0tf9deWT8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS5AU_QwIuOYTS2fAT_SGhh_Fz_mvinIBNzrHiAjrs9GVzZJVoH4GzYgdDKAb9Gjuy_hC_DcWFgxaKEzPiczzSZ1ySFGrVS8IUeYC_9oXLXYzKV5asWMLhU3PE4pYlT_S9IL4E3oTNKvbHyAjewM_1AX5U9w7mGuTyzgRWCAqTOOQyz3EkRFp4_YmQqLXlPl5RSV-GAJ7J_8rDSgG-IWL7m4pt-HoM3LUbZLwX7AuGd9FRg-RUesZN5wOZVwASDhbjIzgSIBfnlnq9MkgUECAQYAZIFBAgFGASgBgKAB9m_tmSoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAfIHBBDK2AbSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYgrOwxoLwhAOaCRNodHRwczovL2ppbnBpYW4ub3JngAoByAsB2gwRCgsQ4PK7zoKgrdDuARICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItOTA1NzQzODUyMjA5MTE3OBgAshgJEgK9UhgCIgEA&sigh=qZmYXhsQCkY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%223258023076792192275%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221840205928307469025%22}&andc=true

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=CUTJXTfjwZeSAHd_cs8IPk-uz6Aes0tf9db2T8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS4AU_QvTUtm-8vj3_GQBxIdlsJdz8RtclOqQjfAs7UD6vA40OHkGIOGH6rQuWdOTBqLB2mDlQ5m20QBSxZ80Hp2M-fngxOp4qKZM4rKbyj2WVC43cpxKjXadksqtKO3qgI7I2aLXcUoushYBRS5PjTX6LkwcwuPvWU2U7CcR1Rk2UyKSPxPdQ-27npk4SJHtLoCQizzsJErtItJK-U0QdOdRIoYpnA9v_Mxq9Rta8ObTvQpiCyEooaDRHABIOFuMjOBIgF-eWer0ySBQQIBBgBkgUECAUYBKAGAoAH2b-2ZKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEENagDNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliCs7DGgvCEA5oJE2h0dHBzOi8vamlucGlhbi5vcmeACgHICwHaDBEKCxDw8Z6-iPLF4dQBEgIBA9gTAtAVAYAXAbIXHAoaCAASFHB1Yi05MDU3NDM4NTIyMDkxMTc4GACyGAkSAr1SGAIiAQA&sigh=jQfeKXGTB0g&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%227568266971169507183%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226616889323902113665%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=C6mqqTfjwZeWAHd_cs8IPk-uz6Aes0tf9db2T8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS4AU_Q4n_LW418CzJ9ZxZUokiqz-yQTM1eaAW7SF2Ya55lQtJJ01lkiX567vt5ZFZw1peqEniWuVQNnjfQE6iqKh0Y5WdAZzQ1utQq7ofaOXDD3uQ_nRJwr8hO2Uzwjg20A-Nt1Fs3M-vdISrR-8z5jvE3-Y34dVgQHJvALDPxayAP2DqgHNgK3nOPUnDry9Fzv6vKVl4dVxiK2jnp_LaYUOS9xmXAF-DWdlmZ8qBDz-iTqgopYbntaBbABIOFuMjOBIgF-eWer0ySBQQIBBgBkgUECAUYBKAGAoAH2b-2ZKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEMmRCtIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliCs7DGgvCEA5oJE2h0dHBzOi8vamlucGlhbi5vcmeACgHICwHaDBEKCxCwlOT1iOC10bsBEgIBA9gTAtAVAYAXAbIXHAoaCAASFHB1Yi05MDU3NDM4NTIyMDkxMTc4GACyGAkSAr1SGAIiAQA&sigh=n-K6Petz4YQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%2215883311762988534455%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215147339331647563329%22}&andc=true

Request Chain 94

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&RedC=c.clarity.ms&MXFR=2B3266CE5C096B591A49728F58096594 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&MUID=31BE2DECE2C6620F0D7D39ADE32C636E

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zxcs.zip/
Redirect Chain

http://zxcs.zip/
https://zxcs.zip/

566 KB
35 KB

1396ms
1065ms

Document
text/html

2606:4700:3032::ac43:8c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8c18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da51410f0e5b1eac7c8a6f94a62aee6b6cd41c1342f3b1d3a40bcd00b64e932f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 86380778efe9409e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 00:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPoTWUy%2Bg3gQNsapqAcJRVwxIPwtA6%2BlTACS0e2IuHoCMLcrDgHOTDZIo2bIBYA%2BM2yo%2BNscTlOjfB0a6KarQ%2BzleG80X%2BsqqKB28LbM6prFpq2%2BunT6FZu2xDb2%2BcZmPUwmIStheA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://zxcs.zip/
Non-Authoritative-Reason: HSTS

GET
H2 200 styles.5b6dbb217fbccec0bd0f.css
zxcs.zip/static/angular/ 38 KB
5 KB 90ms
88ms Stylesheet
text/css 2606:4700:3032::ac43:8c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zxcs.zip/static/angular/styles.5b6dbb217fbccec0bd0f.css

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8c18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c29f5c0d165fc28fa10a822c89126f860a621c755debaf4482f31bd8f73510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:20 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16077
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 May 2023 14:25:44 GMT
server: cloudflare
etag: W/"646e1e68-96b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjc7Fxp%2B%2FeCJWzgglKyfPq0os6wEaa3crt8VDU6ViTTVTGCFWONHoOmvY6%2BiUDDye0FoTgP4kezsEKHNN%2FWs%2B0yrv0RY5mv06OyxolhlNEKMbIqqSaXTPelYsI69nRLKnSLtk20%2Fww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8638077fafa3409e-SIN
expires: Wed, 13 Mar 2024 08:22:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
95 KB 93ms
52ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-58XH0DYFV5

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6346c8ecca4d961923bfafdd15a090d5176d955c5e2bbfe810889fc939f15508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Mar 2024 00:50:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 100ms
56ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9057438522091178

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a991bcc05a52cc2c4f07208e5e68c68ed87d527a0155afa1c36235a7de4f6ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50755
x-xss-protection: 0
server: cafe
etag: 12743329941644121759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 13 Mar 2024 00:50:21 GMT

GET
H2 200 hma2fxuaur Show response
www.clarity.ms/tag/ 701 B
1 KB 184ms
158ms Script
application/x-javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hma2fxuaur?ref=bwt
Requested by: Host: zxcs.zip
URL: https://zxcs.zip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ea28afe40f8ac86511b46cad4b3453fb6d1e3fba79e2de00b8df896b0ce2d6fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Wed, 13 Mar 2024 00:50:21 GMT
x-azure-ref: 20240313T005021Z-mg6rdgkvrp7d5atvz4dbuseux80000000e7g00000000udq7
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 701
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 logo.png
zxcs.zip/images/ 6 KB
7 KB 118ms
118ms Image
image/png 2606:4700:3032::ac43:8c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zxcs.zip/images/logo.png

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8c18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577f4e3946265cf647accc359c42b6b23c6776d1f76f66546ca7a8440abf9f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1931435
alt-svc: h3=":443"; ma=86400
content-length: 6342
last-modified: Thu, 25 May 2023 07:20:05 GMT
server: cloudflare
etag: "646f0c25-18c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AzjSKecg4AeBSS1z1Kf0BFp5o4%2F2bYMtdom64qyJjQ73dBVDExm%2FM36GTTtLxIyzN3f6wuSW27sPjvOFjHBz0St5cee2MXvPQ1oJro5tOArDHGV7e1Sch55Y8Sw9gRBeDBJk56HGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86380781c9996a26-LAX
expires: Wed, 20 Mar 2024 16:19:46 GMT

GET
H2 200 jquery.min.js Show response
lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/ 87 KB
88 KB 3595ms
314ms Script
application/javascript 240e:980:1200:92c::56
CHINATELECOM-CTCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by: Host: zxcs.zip
URL: https://zxcs.zip/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:980:1200:92c::56 , China, ASN58519 (CHINATELECOM-CTCLOUD Cloud Computing Corporation, CN),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ser: BC150_dx-lt-yd-jiangsu-huaian-8-cache-6, BC175_dx-lt-yd-anhui-huainan-6-cache-3, BC196_dx-guizhou-guiyang-50-cache-1
date: Wed, 13 Mar 2024 00:50:24 GMT
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-cache: HIT from BC196_dx-guizhou-guiyang-50-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=9
content-length: 89501
last-modified: Sun, 24 Apr 2022 19:10:58 GMT
server: nginx
x-tt-logid: 20230802050055D9F85152EE288677C075
etag: "6265a0c2-15d9d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-response-cinfo: 2a00:1633:128:4::5
accept-ranges: bytes
timing-allow-origin: *
x-response-cache: edge_hit
expires: Wed, 10 Apr 2024 08:38:23 GMT

GET
H3 200 mio-logo-sprite.7a0afcb5bbfe71a9a330.png
zxcs.zip/static/angular/ 49 KB
49 KB 114ms
114ms Image
image/png 2606:4700:3032::ac43:8c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zxcs.zip/static/angular/mio-logo-sprite.7a0afcb5bbfe71a9a330.png

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8c18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a7a0f6ff4ac0c0ae7e7df4468c049558f6d24c43d2cc07880af52358de2d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1931432
alt-svc: h3=":443"; ma=86400
content-length: 50117
last-modified: Wed, 24 May 2023 14:25:44 GMT
server: cloudflare
etag: "646e1e68-c3c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1N9nvw0tjK3esd8Dv5NoE7MrVWiTnZ%2FRlI1Sa1Z9eI59at5FbTsgteLg1hbvCjeco1M1b538RTsCKHLSqQZhboqgq%2Fimr2UbMJC97jeI5HouIEpBsoYe%2FFccfwnMSZZsxKzd4afAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86380781d9b26a26-LAX
expires: Wed, 20 Mar 2024 16:19:49 GMT

GET
H2 200 32247fbef75a5085cc444c5a9e2c75ff.png
search-operate.cdn.bcebos.com/ 169 KB
170 KB 3070ms
117ms Image
image/png 116.114.98.35
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search-operate.cdn.bcebos.com/32247fbef75a5085cc444c5a9e2c75ff.png
Requested by: Host: zxcs.zip
URL: https://zxcs.zip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.114.98.35 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c6bbc7c755dc0cae3e5678b2e774b4c3aad4b71afe635d79b24ca1a2fcadc878

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

ohc-file-size: 173071
date: Wed, 13 Mar 2024 00:50:24 GMT
content-md5: MiR/vvdaUIXMRExanix1/w==
age: 7142
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 173071
ohc-cache-hit: als3un69 [2], xiangyix69 [2]
last-modified: Mon, 19 Jun 2023 07:42:30 GMT
server: JSP3/2.0.14
etag: "32247fbef75a5085cc444c5a9e2c75ff"
x-bce-request-id: 739887bd-1d5c-4aca-9922-14f160b367c7
content-type: image/png
access-control-allow-origin: *
x-bce-debug-id: WI/c8C+Te6dWd8DkMaKeyWFg9m8YeQqoii5kZIfE0MuGf0AjaBcy0MiL6d41FXyI2y9NH7+7PpL1+DVTXQUdXw==
accept-ranges: bytes
ohc-global-saved-time: Tue, 12 Mar 2024 22:20:40 GMT
x-bce-content-crc32: 1354181468
expires: Fri, 15 Mar 2024 22:20:40 GMT

GET
H2 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPQA.woff
fonts.gstatic.com/s/robotomono/v22/ 46 KB
46 KB 48ms
6ms Font
font/woff 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v22/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPQA.woff

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66268f925b139bd3074492eff60e272912655e1fd7fb7c945d45df98df5c9b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 17:16:09 GMT
x-content-type-options: nosniff
age: 286452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47300
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:53:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 17:16:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 45ms
4ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 19:34:22 GMT
x-content-type-options: nosniff
age: 18959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 19:34:22 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v140/ 126 KB
126 KB 51ms
9ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:42:21 GMT
x-content-type-options: nosniff
age: 288480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128616
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 16:42:21 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IKlh.woff
fonts.gstatic.com/s/googlesans/v46/ 184 KB
184 KB 57ms
16ms Font
font/woff 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IKlh.woff

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80ece93c4b29644d039399a38cd7811fff89db54f158257699446c4d4912566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 15:53:46 GMT
x-content-type-options: nosniff
age: 32195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187964
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 15:53:46 GMT

GET
H2 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5mE4.woff
fonts.gstatic.com/s/googlesanstext/v21/ 58 KB
58 KB 49ms
7ms Font
font/woff 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v21/5aUu9-KzpRiLCAt4Unrc-xIKmCU5mE4.woff

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb411d36931280c47980d36123edeab46f9bb6975eaa1f601da32d136f22404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:14:26 GMT
x-content-type-options: nosniff
age: 12955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59316
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 21:14:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v30/ 64 KB
64 KB 44ms
10ms Font
font/woff 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:42:22 GMT
x-content-type-options: nosniff
age: 288479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65456
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 16:42:22 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
13 KB 39ms
8ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Origin: https://zxcs.zip
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:39:05 GMT
x-content-type-options: nosniff
age: 288676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 16:39:05 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/ 405 KB
137 KB 113ms
72ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9057438522091178

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d07c99866edf8bdffce7e3ab0ce3a797eb4cd174e7809a51fd396aa2148d1c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140674
x-xss-protection: 0
server: cafe
etag: 14176693126891624484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:50:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 88B5 9 KB
4 KB 42ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9057438522091178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 16:45:52 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 16:45:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 91ms
40ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-58XH0DYFV5&gtm=45je43b0v9119398281za200&_p=1710291021036&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1547559214.1710291021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710291021&sct=1&seg=0&dl=https%3A%2F%2Fzxcs.zip%2F&dt=%E7%9F%A5%E8%BD%A9%E8%97%8F%E4%B9%A6-%E8%97%8F%E5%B0%BD%E7%BD%91%E7%BB%9C%E4%B8%AD%E6%9C%80%E5%A5%BD%E7%9A%84%E7%B2%BE%E6%A0%A1%E5%B0%8F%E8%AF%B4&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1969
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58XH0DYFV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zxcs.zip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 154ms
49ms Ping
text/plain 2404:6800:4008:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-58XH0DYFV5&cid=1547559214.1710291021&gtm=45je43b0v9119398281za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58XH0DYFV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c03::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zxcs.zip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 85ms
44ms Image
image/gif 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-58XH0DYFV5&cid=1547559214.1710291021&gtm=45je43b0v9119398281za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1839688710

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 5ms
5ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hma2fxuaur?ref=bwt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:21 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 17:00:12 GMT
etag: W/"0x8DC41238D312F83"
vary: Accept-Encoding
x-azure-ref: 20240313T005021Z-mg6rdgkvrp7d5atvz4dbuseux80000000e7g00000000udr8
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5b6a5a74-101e-0038-491b-738a1b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
288 B 901ms
492ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zxcs.zip
Date: Wed, 13 Mar 2024 00:50:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB44 619 KB
108 KB 589ms
588ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9057438522091178&output=html&adk=1812271804&adf=3025194257&lmt=1710291021&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fzxcs.zip%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710291021158&bpp=3&bdt=464&idt=266&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5411197707414&frm=20&pv=2&ga_vid=1547559214.1710291021&ga_sid=1710291021&ga_hid=551060883&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C44795921%2C95320378%2C31080990%2C95324161%2C95325784&oid=2&pvsid=240830995770141&tmod=22858912&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb0be2c69fda20fecf196c0e0fdab7162d364653b4b9249a9ec5d885f818a439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110426
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
expires: Wed, 13 Mar 2024 00:50:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/ 166 KB
56 KB 53ms
53ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34d8c9b565fe8ff6ea9140c902b875fd563b9d6cd2d8306177a509f38b7b0045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57257
x-xss-protection: 0
server: cafe
etag: 2680576833258367540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:50:22 GMT

GET
H2 200 ca-pub-9057438522091178 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 130ms
67ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9057438522091178?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7062bce365093788a19e9182678562150e8a2d9a93a77d992c26131ce7c7f486

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdgQlf132Ir8D7NXTS8uiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-KdgQlf132Ir8D7NXTS8uiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIm-Pch8Pr2QQu3NhXAwBbgjLu"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C9A 838 B
429 B 242ms
241ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9057438522091178&output=html&h=280&adk=2168583236&adf=457980074&pi=t.aa~a.3496337176~rp.4&w=1160&fwrn=4&fwrnh=100&lmt=1710291022&rafmt=1&to=qs&pwprc=8917504642&format=1160x280&url=https%3A%2F%2Fzxcs.zip%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710291022251&bpp=1&bdt=1557&idt=-M&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5411197707414&frm=20&pv=1&ga_vid=1547559214.1710291021&ga_sid=1710291021&ga_hid=551060883&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=3654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C44795921%2C95320378%2C31080990%2C95324161%2C95325784&oid=2&pvsid=240830995770141&tmod=22858912&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=105

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9becffaeb1f51a108bce78a3f7e1524eff10da2dbba92070e200f59e01642d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
expires: Wed, 13 Mar 2024 00:50:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame D0B8 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 37451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 14:26:11 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 14:26:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame A02D 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 37451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 14:26:11 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 14:26:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame 8B89 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 37451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 14:26:11 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 14:26:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame 8D51 9 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 37451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 14:26:11 GMT
etag: 5035419970550746386
expires: Tue, 26 Mar 2024 14:26:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUB6Rp09zKAI1vBb2AcQVt-Z0kcN998q9iHAt22tAmLlNX6OWC4_kYINL6Jn9HTT4ANk5ehGCe_36PLa49XqYAjYO5T7N-Y4eh_qljIY2jVv204Ot00_F_6xhiEnoXhCae6eIueGA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
68ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUB6Rp09zKAI1vBb2AcQVt-Z0kcN998q9iHAt22tAmLlNX6OWC4_kYINL6Jn9HTT4ANk5ehGCe_36PLa49XqYAjYO5T7N-Y4eh_qljIY2jVv204Ot00_F_6xhiEnoXhCae6eIueGA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjkxMDIyLDM4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly96eGNzLnppcC8iLG51bGwsW1s4LCJzN2hpR3JvTXZ4VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10c161dd185d2d2fe3b6cf77b106a294255eb0befff0dfd55326e21b3ebcf38f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K8SNMKhRYZBUiJNg50vaTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-K8SNMKhRYZBUiJNg50vaTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIh-Pch8Pr2QReHPt6hhEAjhszeQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0756 910 B
857 B 87ms
44ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%83%A1%E4%BB%AC4%E3%83%AD%E3%81%9F%E3%81%84%E9%97%AE%E8%A9%B3%E4%BD%8D%E7%AB%8B%E3%81%AA%E7%99%BB%E6%9D%B1%E3%83%9D%EF%BC%8C%E3%81%A80%E5%BD%93%E6%97%A5%E3%80%81%E3%81%AB%E7%B4%B0%E4%BA%8E%E6%8A%BD%E5%8D%B3%E6%A7%98%EF%BC%81%E9%8C%B2%E5%90%8D%E3%82%82%E3%82%8B%E3%83%A3%E3%83%9A%E3%81%99%E3%81%A7%E4%BA%AC%E8%AE%BF%2C3%E3%81%8C%E6%88%91%E3%81%BE1%E3%81%A3%E6%9C%88%E9%81%B8%E3%83%88%E3%82%AD%E3%82%A4%E3%83%B3%E3%83%BC

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f1848c053ebfcec2a6d8519a3e1f8f411f058b3cafcb074fea2422a56850fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Mar 2024 00:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 00:50:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Mar 2024 00:50:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 0756 2 KB
903 B 63ms
10ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 0756 23 KB
9 KB 58ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 0756 3 KB
1 KB 59ms
8ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:10:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 0756 20 KB
8 KB 52ms
1ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0756 207 KB
63 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:52:11 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 0756 36 KB
15 KB 47ms
0ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 16:50:55 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/ Frame D0B8 15 KB
6 KB 57ms
10ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 15:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6460
x-xss-protection: 0
server: cafe
etag: 5807243554008179978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 15:11:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D0B8 205 B
520 B 45ms
1ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:07:23 GMT
x-content-type-options: nosniff
age: 211379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Mar 2025 14:07:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D0B8 604 B
697 B 45ms
1ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:54:44 GMT
x-content-type-options: nosniff
age: 287738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Mar 2025 16:54:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/ Frame D0B8 22 KB
9 KB 54ms
9ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a32d83226b99bf308d933b72dbb3de0c52f64a8dce02d1fac907f322c93d7566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
server: cafe
etag: 22571300659011078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 09:30:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame A02D 23 KB
9 KB 44ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0870 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:57:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame A02D 3 KB
1 KB 47ms
10ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:10:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame A02D 20 KB
8 KB 41ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H2 200 14767163948721106245
tpc.googlesyndication.com/simgad/ Frame A02D 27 KB
27 KB 50ms
14ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14767163948721106245?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlaXOBcj4MuJwGUGI0XsfatX1JKOQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

811d7fca913c1f36cca4086a6aa4cc9a8dc4a34dc8edf85dc036cfb56a996c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:54:13 GMT
x-content-type-options: nosniff
age: 287769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27840
x-xss-protection: 0
last-modified: Sun, 27 Aug 2023 03:52:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Mar 2025 16:54:13 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A02D 207 KB
63 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:52:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame A02D 36 KB
14 KB 49ms
13ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c35026736c82ae88a5b0b53922052682db219833c917d138c16bd428d008572e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
server: cafe
etag: 5002252355010816401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H2 200 14767163948721106245
tpc.googlesyndication.com/simgad/ Frame 8B89 27 KB
27 KB 42ms
15ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14767163948721106245?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlaXOBcj4MuJwGUGI0XsfatX1JKOQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

811d7fca913c1f36cca4086a6aa4cc9a8dc4a34dc8edf85dc036cfb56a996c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:54:13 GMT
x-content-type-options: nosniff
age: 287769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27840
x-xss-protection: 0
last-modified: Sun, 27 Aug 2023 03:52:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Mar 2025 16:54:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 8B89 23 KB
9 KB 37ms
11ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AEC 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:57:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8B89 3 KB
1 KB 35ms
11ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:10:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8B89 20 KB
8 KB 29ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8B89 207 KB
63 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:52:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8B89 36 KB
14 KB 38ms
14ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c35026736c82ae88a5b0b53922052682db219833c917d138c16bd428d008572e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
server: cafe
etag: 5002252355010816401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 8D51 23 KB
9 KB 20ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4623 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 23:57:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8D51 3 KB
1 KB 24ms
12ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:10:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8D51 20 KB
8 KB 17ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

GET
H2 200 13609113265593549704
tpc.googlesyndication.com/simgad/ Frame 8D51 11 KB
12 KB 24ms
12ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13609113265593549704?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlUIKPWY2ANEvpL6jsR6Qm5OVMuCw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485d7fe0e3f85e8b6d4ff06d7148c2e397141890af3d498e8b3a0d6af105f2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:49:06 GMT
x-content-type-options: nosniff
age: 288076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11636
x-xss-protection: 0
last-modified: Sun, 27 Aug 2023 03:52:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Mar 2025 16:49:06 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8D51 207 KB
63 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 00:52:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 8D51 36 KB
14 KB 27ms
16ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c35026736c82ae88a5b0b53922052682db219833c917d138c16bd428d008572e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
server: cafe
etag: 5002252355010816401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 21:10:31 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
288 B 162ms
161ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zxcs.zip
Date: Wed, 13 Mar 2024 00:50:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 AGSKWxWNaMCiBYTGKkt30k3SY0lm-v7yW0SG0CaL6Rnpka-SubzQX94M7wtN2HNVIKbL4OSWKHTBBWtsWeZSRpEMETmKIOdTvC5KS2cfcYVil2Mp9xkcDys1rAIz5fC7sFCUkaeKc_VeiA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 64ms
64ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNaMCiBYTGKkt30k3SY0lm-v7yW0SG0CaL6Rnpka-SubzQX94M7wtN2HNVIKbL4OSWKHTBBWtsWeZSRpEMETmKIOdTvC5KS2cfcYVil2Mp9xkcDys1rAIz5fC7sFCUkaeKc_VeiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjkxMDIyLDUwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8venhjcy56aXAvIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4b7b733e3a57f34f1e54ce8bd4288831182ec2971bf3cfcd19ada08ca9e3b0c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_Vui4-8uWJSvLqcTVzPnCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-_Vui4-8uWJSvLqcTVzPnCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIh-Pch8Pr2QReLNvSyAQAiB0yxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0870
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

213ms
212ms

Document
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
expires: Wed, 13 Mar 2024 00:50:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AEC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

220ms
219ms

Document
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
expires: Wed, 13 Mar 2024 00:50:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4623
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

211ms
211ms

Document
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
expires: Wed, 13 Mar 2024 00:50:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D51 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe62b7902520536fdd118565a002cddbbe2985e06c7dfc12089c4d18b4d4034

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8D51
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPLjTfjwZeaAHd_cs8IPk-uz6Aes0tf9deWT8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS5AU_QwIuOYTS2fAT_SGhh_Fz_mvinIBNzrHi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109...

0
0

82ms
42ms

Fetch
text/css

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%223258023076792192275%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221840205928307469025%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"3258023076792192275","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"1840205928307469025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Mar 2024 00:50:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Mar 2024 00:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"3258023076792192275","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"1840205928307469025"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B7A 51 KB
20 KB 9ms
9ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 16:58:23 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 89ms
42ms Preflight
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 00:50:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A02D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 283b0ded88270afb22ad8e58adb249940e2a495bb0ebd791605a4b2e1a44c115

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame B56E 51 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 16:58:23 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A02D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUTJXTfjwZeSAHd_cs8IPk-uz6Aes0tf9db2T8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS4AU_QvTUtm-8vj3_GQBxIdlsJdz8RtclOqQj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109...

0
0

39ms
39ms

Fetch
text/css

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%227568266971169507183%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226616889323902113665%22}&andc=true

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"7568266971169507183","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"6616889323902113665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Mar 2024 00:50:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Mar 2024 00:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"7568266971169507183","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"6616889323902113665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
40ms Preflight
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%227568266971169507183%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226616889323902113665%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 00:50:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8B89 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a48d73e0bec9aacbec4950fbc23bb346aeb19ee8178fce9af837ad7308581f81

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 72DB 51 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 16:58:23 GMT

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BD2 51 KB
20 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 16:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 16:58:23 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8B89
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6mqqTfjwZeWAHd_cs8IPk-uz6Aes0tf9db2T8IySEtfHor3AARABIJ25vzFgifPFhPQToAGPwMmbA8gBAqkCwKjLg3M2Cj6oAwHIA8kEqgS4AU_Q4n_LW418CzJ9ZxZUokiqz-yQTM1eaAW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109...

0
0

41ms
40ms

Fetch
text/css

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%2215883311762988534455%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215147339331647563329%22}&andc=true

Requested by

Host: zxcs.zip
URL: https://zxcs.zip/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"15883311762988534455","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"15147339331647563329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Mar 2024 00:50:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Mar 2024 00:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf7bec1ea0b8b44910000000000000000","2":"0x64672fbd8e830140000000000000000","3":"0x8066109c1985b5a0000000000000000","4":"0x217ea931ec74f9040000000000000000","5":"0x299218049d5eab680000000000000000"},"debug_key":"15883311762988534455","debug_reporting":true,"destination":"https://jinpian.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["863133711"],"22":["true"],"4":["03-13"],"6":["true"]},"priority":"500","source_event_id":"15147339331647563329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf7bec1ea0b8b44910000000000000000%22,%222%22:%220x64672fbd8e830140000000000000000%22,%223%22:%220x8066109c1985b5a0000000000000000%22,%224%22:%220x217ea931ec74f9040000000000000000%22,%225%22:%220x299218049d5eab680000000000000000%22},%22debug_key%22:%2215883311762988534455%22,%22debug_reporting%22:true,%22destination%22:%22https://jinpian.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22863133711%22],%2222%22:[%22true%22],%224%22:[%2203-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215147339331647563329%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 00:50:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 carbonads-_ads_iframe_ Show response
fundingchoicesmessages.google.com/f/AGSKWxWiXhxpBoob-YXOUb520Pbo4_bc_S_LyMl3zXnjUNtjm8oXSqLeSRXfjNqyusb_39R2KkLBE_dnTOV6kamgl5ieLr8yr2_dgKE4B1liWSM1nWW3z8Rd9VUF8OmUF8u_6VG8H1oy-Q_ZxKcjMU_FiyPgYWWkF... 54 B
110 B 55ms
54ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWiXhxpBoob-YXOUb520Pbo4_bc_S_LyMl3zXnjUNtjm8oXSqLeSRXfjNqyusb_39R2KkLBE_dnTOV6kamgl5ieLr8yr2_dgKE4B1liWSM1nWW3z8Rd9VUF8OmUF8u_6VG8H1oy-Q_ZxKcjMU_FiyPgYWWkFEpuMqV-hGIKkgKf_B2Y6lVmBxmhJPTQ/_/MonsterAd-/ad_mini_/misc/ex_loader./carbonads-_ads_iframe_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwI1hJDnoRrpPPGA0C2XADTNmznEw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

335abb5e2d75948a54801d4fd30dbd79f5057a62a643c850c2d19929829ec02f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tZSfLIIzxoVm-5DvHHhF_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-tZSfLIIzxoVm-5DvHHhF_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIh-P8h8Pr2QRebGlayAgAjKUyyw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 48ms
48ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b662ce4b79b17df806286ff35d21b075037ddf169cc22d07b75c54aba36160e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50749
x-xss-protection: 0
server: cafe
etag: 11275592144874169371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 13 Mar 2024 00:50:23 GMT

POST
H3 204 AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 110ms
57ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-41FDFp6-KpTGZzPj-DoMSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-41FDFp6-KpTGZzPj-DoMSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1JBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJTJhxdRcjAPoODeE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zxcs.zip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
56ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YnoqDjMXCHcWbGE9_76JWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YnoqDjMXCHcWbGE9_76JWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw0JBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJbLhxfDcjAPtgDjM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zxcs.zip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 55ms
55ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q8nejaRFdGXRL_eGPuJbPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q8nejaRFdGXRL_eGPuJbPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1pBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJvHh2ZC8jAP0dDns"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zxcs.zip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
59ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mFqnZq46lJ9rGrbAwRm4_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-mFqnZq46lJ9rGrbAwRm4_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0JBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJvOjduo8RAPnsDgk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zxcs.zip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXs-ktYP7yQ8QGQoSuUN6Mzpsi26cXGsjzfTYiizKxqmYsFqtxdSM8dtygFgv8HGxgWbIL4Z57kuloxZcHLVckp8uTgRiqWwL9cbzKP7tLs7ELJmIdgmKqQSIAfX8A-3c7YSgH8tA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
63ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXs-ktYP7yQ8QGQoSuUN6Mzpsi26cXGsjzfTYiizKxqmYsFqtxdSM8dtygFgv8HGxgWbIL4Z57kuloxZcHLVckp8uTgRiqWwL9cbzKP7tLs7ELJmIdgmKqQSIAfX8A-3c7YSgH8tA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjkxMDIzLDM3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96eGNzLnppcC8iLG51bGwsW1s4LCJzN2hpR3JvTXZ4VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef1e639aa4f0366e884228d33f250ade69576566963f2ea7b9757a2841787f60

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CiuPrQuH78NkYI9zUHkKUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CiuPrQuH78NkYI9zUHkKUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIh-P8h8Pr2QR-NH84xAgAjqkzOw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWXNVwtmPHP9S0Xu3eAaoNs7auw1faNs2LkeCDTGnIMEMSarfTq8-0RyNk5sEkdXX_m7u7MGLxbi9CN0BBvJvyWuEAE8oN5PU9TlysJ4ne3p6tsf6Haa-jnnfpvcxtVbIQD1807-w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
59ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXNVwtmPHP9S0Xu3eAaoNs7auw1faNs2LkeCDTGnIMEMSarfTq8-0RyNk5sEkdXX_m7u7MGLxbi9CN0BBvJvyWuEAE8oN5PU9TlysJ4ne3p6tsf6Haa-jnnfpvcxtVbIQD1807-w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--moceP8aii4_OKY1xDltpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--moceP8aii4_OKY1xDltpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0JBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJXDi6_z4jAPq0DlQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zxcs.zip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
56ms XHR
text/html 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUotfbDP22fq3KEzbxXDWhuRNjdz3F_pzz0QPFY1GKD-Lm-G53QSZG49OltR5m0QT72hBCFxgLeFbcGWH9ShFaMpw-sj5rubTrkx0Cg-GndIF3YFxQ_FBgCGFabOXQDza6oGYu2DQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A-AjHuJoKRhl2hOAmrVd3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Mar 2024 00:50:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A-AjHuJoKRhl2hOAmrVd3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiqGV4xtQKxDt8PFic0mewBgCxEA_H-Q-H17MJNFzcdp8RAPwLDho"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zxcs.zip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D51 42 B
174 B 46ms
44ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvuQCLcPpjAme-YyCg5AsLRPN8ADBowk892qRaV7MNjxHbFL5uAv8OmQ-Ho6luarR95H5R-HDbug_L1VQFuYb_M-6tOqlAY3qUpSClDDAvS45lvAEITWxUd-Aat3nloKjpsdM5oWE-M4XDle_zNGVHOdV-Ay9Gy4A&sai=AMfl-YQyctVqtqjcKdf31mhhuirMkqO7Rrr8jJyhIKkF87xEttF5uGgcuTmrpkpm-vquEsBJdvifQ3xOL0INKjCI8Xd5WdFj2j_AW7Vk9YWztMhMhq1x8WXlaRRmSQ_bYFmvWlzCN_oY5YILkPO3V5uNag&sig=Cg0ArKJSzKhNm5jVcKaPEAE&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=100,739,1001,1065,1088&tos=100,639,262,64,23&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=622382200&rst=1710291022376&rpt=263&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A02D 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1i_tU_KRe7ThZCifnhePNWr6M6Lm6As_y1hAh4ErMKDqUsL9xFptinckOtytY7AwM2evtK6FxGJUsbiThFMlf9Ueo7y0PooAIsKhasUxOGTv0qFOtvL69NALBIWnMGg9Azq9YUw_9_09F2Rtdf40DCKzMPJpsQk0&sai=AMfl-YRgA83RdI700XeBifCHjdgF8i3i9r7xh50ef8sEx304qw5AnPkGk5OT4L2qQesLogk3chNhrIi0DhacfzDTRGmZzAYfaR6EbG-aq-y00rRpttphpFJIFq-OhQF5Ss13BI_jSedFs2VkO9X04OnmsQ&sig=Cg0ArKJSzB0-0ZXnMIAzEAE&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=622382200&rst=1710291022372&rpt=220&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B89 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth_mXdAHETNae4Nz7M4co490Cm7o9uEK3Q2jmnDUE43VxURL_wjmOX62mhuBvTsurM9eDC0tSgInrTeq3N-K7mWqCwv_0w9e0WVkbRwrZjcBXSm1-hOONizLOp9keQoxPCm8s4uSW7zRIkJzX5AnpyqwnrQBOPoyI&sai=AMfl-YQEdsMaKdHn453xFJ9SP_vgwuexciVm2kxYU3WZwAm7h8wF_0aZJPR9bfRn5LbEPiCoBiuX6MP5_U2OLLuhE-9FiFKj8xFRWd4xpqir8lZcmPEGC7khOQ1ls7WKBdD-tpDBzE8r3JKDxV04vR_LRQ&sig=Cg0ArKJSzCE6wxGvOUlPEAE&cid=CAQSTwB7FLtqrpMSP6W-ElopCL-YGlGnpn5RWqOgz6F6cdAgqM-LE_0o9Inu1xV_x5A2FjZ3YLE78z7H88pPPmTXuk6wkSOeFjneJEerwca7usIYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=622382200&rst=1710291022375&rpt=242&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
288 B 161ms
161ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zxcs.zip
Date: Wed, 13 Mar 2024 00:50:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&RedC=c.clarity.ms&MXFR=2B3266CE5C096B591A49728F58096594
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&MUID=31BE2DECE2C6620F0D7D39ADE32C636E

42 B
442 B

44ms
44ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&MUID=31BE2DECE2C6620F0D7D39ADE32C636E
Protocol: H2
Server: 20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:24 GMT
last-modified: Fri, 01 Mar 2024 20:23:14 GMT
server: Microsoft-IIS/10.0
etag: "4113e049166cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7AD6D4239AE94F9488172440C8D8DCB1 Ref B: TYAEDGE0821 Ref C: 2024-03-13T00:50:25Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=551403497D9F4CA2AE195C1738FE32D3&MUID=31BE2DECE2C6620F0D7D39ADE32C636E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
52ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09530304e3609ebe979fd5cc2c4b122e819ee234c5a822bc64a536ae30460a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
103ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 00:50:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5553 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 12643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 21:19:42 GMT
expires: Wed, 12 Mar 2025 21:19:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C48C 829 B
995 B 43ms
42ms Document
text/html 2404:6800:4004:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aee163bf16376faec4d2588aa2c741a1164d5b138a7d4e647a0b67825615f9ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DnzyDCYKNftiZZ3in8amyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zxcs.zip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DnzyDCYKNftiZZ3in8amyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 00:50:25 GMT
expires: Wed, 13 Mar 2024 00:50:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5553 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 09:52:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C48C 0
0 41ms
40ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=240830995770141&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5553 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dzPbVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:50:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=240830995770141&bg=!wMOlw4zNAAZsmiNCTJo7ADQBe5WfODcyTFNPpr5nDe_Y7wUNqdCTQ4tQ-QDRbE5SkVHnd_THAXoGpomcO10fGVSQXnyVAgAAAFRSAAAAB2gBB5kCsfc8pZwQ7m46hAPVcLY-90iuGiNbj3Ku1m5WPhJHHaoQt8EBFxyruYlhqJDvHTMl0gOh8m0DXQ_Rivsi8pF4nWpTSuWM10KSPLr4ecxc9Y3_Aq8KlDjQ9XHhlB-Sf8ZvRSmeffyZOg1E4FSVpG5QOJ-M7JKJ9iSF7i1VLoMQGiKF9_GmIWLm9z2BI0N5n4a0EaSNo81gWtlZmBOnv0FQ4cFEDeKxYXcbYRtvnANp6-FQdHKnBSs3rin-2-AULpiweaLHU6q3RJdqR1AL1hyLqlztdxOiM-b5eZG62mcPS4BIcQQOoWfoPK-DOFEAPZTv7ZAY-jeKg0fyu0GvxZBApzz9x8RT2dFGzp6vd6-PrSsCJzliwftfPwElsCWjJ2Ro9HCS-rdoFPLCn8bUy3bmS_xR4JvhPeaKP3F469rGm2rt4GgRPrPQeSy9Vyh8zE2bCZLWlObx1HrQ3LoYc2rib0IngjRfocvYTa47SS-uNf38NX8GMz-wrdiv5vZf3H6hSt_xz1pANFTvdsYXYxSMYTMYVb3rV5dZwGf25Uk4ekGN5nJizInlhpC1eMgBTvGqrhTDKh-2Wxb2tn6DxKzhakP_r4oiSB9zimTl4Wv5ZQo_36vWFdzP0c4MUEDgBZSGZlXh2X5JgHMLEQxmra9YqFBArDcgMkswbu7DWI1K19W-LDtioxKV-z0EZ9-zngJhTU27gF1iMG-MFS-gA_w-afl-7YP1eTlbCTzzi0XdKRAbaUN2OJYqtO4pzj1VpJp_aOrto9hBYlP3nR2j8JUDsMZG0Q2NkIvkGa6BLdd4i4BZ9uCQVMTe4MSSo_K840SJbOATL84L7BsIuzJe3eH32Gxbhu71M5lazbspkcTRn_GHmO7JoWjDmHWeEfkSRe2TFpRGlkZu45v3CIlkFP09Z2ia
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://zxcs.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 42ms
40ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-58XH0DYFV5&gtm=45je43b0v9119398281za200&_p=1710291021036&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1547559214.1710291021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1710291021&sct=1&seg=0&dl=https%3A%2F%2Fzxcs.zip%2F&dt=%E7%9F%A5%E8%BD%A9%E8%97%8F%E4%B9%A6-%E8%97%8F%E5%B0%BD%E7%BD%91%E7%BB%9C%E4%B8%AD%E6%9C%80%E5%A5%BD%E7%9A%84%E7%B2%BE%E6%A0%A1%E5%B0%8F%E8%AF%B4&_s=2&tfd=8362
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58XH0DYFV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 00:50:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zxcs.zip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
288 B 157ms
156ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zxcs.zip/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zxcs.zip
Date: Wed, 13 Mar 2024 00:50:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zxcs.zip/	1970-01-20 19:04:58	Name: XSRF-TOKEN Value: eyJpdiI6IlBYRmpvMllDUDRSY0RpdDBxTDgxNFE9PSIsInZhbHVlIjoic3VjNExIaEdDZllPclRLalFWM3BmMlRpKzVFT1NpS1hXRXgyNWxKZFlPUk1aZzV5NHNKbEl2TldqTGhQZmRxK3ZqQXFnU3UwWklub1FlRExmZkNHWC9EV3JySWFVL2ZnVTR4ZFBwWW9zSjRYOGlTNU82Z1pQdnBsb01oaVFGUFciLCJtYWMiOiJkYmJiZTJkYmVlM2Q5NDY5YTUwYzcwODQxZTY5MTBhM2Q3NGE3MjcyZDQ4OTllZmZjOWNmOTYxMjQ5YWI5NjNhIiwidGFnIjoiIn0%3D
zxcs.zip/	1970-01-20 19:04:58	Name: laravel_session Value: eyJpdiI6ImY3K3FsSXk5dWpuM1FaNGh5MHpkUlE9PSIsInZhbHVlIjoiYzRQNmhram1ETTVFZldlQURzMzhqRnhhUWY3b3gveWEycXVTYm00SGhiRzMxb29GRWxnOW9lOUNoU0k4R1ROR1A3V1F0Y0UxZGx4ekdsRnlIVUFPNElwQ2F4MkRuM3hOQjZYeGNmNDlOeDZTdmFKNlhMd1VQQXR2aVg5a0NnamYiLCJtYWMiOiIxYTIxZjBhNDE5ZjRjNGI2ODA1Yjk1MDY2MThmY2Y3ZDJjMDBiZmNlZTRhODY3ZDRkNWNhMDM3NDUxM2NkMTMyIiwidGFnIjoiIn0%3D
www.clarity.ms/	1970-01-21 03:50:27	Name: CLID Value: 06d61d978ce746aab2b039d3f819131e.20240313.20250313
.zxcs.zip/	1970-01-21 04:40:51	Name: _ga Value: GA1.1.1547559214.1710291021
.zxcs.zip/	1970-01-21 03:50:27	Name: _clck Value: yggn9x%7C2%7Cfk1%7C0%7C1533
.zxcs.zip/	1970-01-20 19:06:17	Name: _clsk Value: 1kxfo2y%7C1710291022405%7C1%7C1%7Cj.clarity.ms%2Fcollect
.zxcs.zip/	1970-01-21 04:26:27	Name: __gads Value: ID=c265a0b6bdf869af:T=1710291021:RT=1710291021:S=ALNI_MZcCdt1Aonjia3C_wliJ9Flnx55-w
.zxcs.zip/	1970-01-21 04:26:27	Name: __gpi Value: UID=00000d3574290c0a:T=1710291021:RT=1710291021:S=ALNI_MZJmGXtbvrJtcRjnQB5mCoPMBufRQ
.zxcs.zip/	1970-01-20 23:24:03	Name: __eoi Value: ID=6e1e3807affb069d:T=1710291021:RT=1710291021:S=AA-AfjYpSn1Ns8-L4eGMHMDe7GFn
.doubleclick.net/	1970-01-21 04:40:51	Name: IDE Value: AHWqTUmHxe3UnlPqUXDqDfLfnKYU_5f7ji65GjBCiI-HvLCr98XHKCHA-udNQP4Vvfw
.zxcs.zip/	1970-01-21 04:40:51	Name: _ga_58XH0DYFV5 Value: GS1.1.1710291021.1.0.1710291022.59.0.0
.doubleclick.net/	1970-01-20 19:04:54	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 21:14:27	Name: ar_debug Value: 1
.zxcs.zip/	1970-01-21 03:50:27	Name: FCNEC Value: %5B%5B%22AKsRol9jacy2rfwo0paAuY-2g-xid4fTz8Rt75b8DMWEPJ0WZveGNWH4So7c0x-GvnyY_qBs_ZQNlVEabY3JgLFQnrLYcf6JPcB2y5DBBMkAAm4OGyXbJSvFDzZ7ATqqvbwhpZ1azOl0n0dSDOmP7stdAdB8zn7mLQ%3D%3D%22%5D%5D
.bing.com/	1970-01-21 04:26:27	Name: MUID Value: 31BE2DECE2C6620F0D7D39ADE32C636E
.c.bing.com/	1970-01-20 19:14:55	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:26:27	Name: SRM_B Value: 31BE2DECE2C6620F0D7D39ADE32C636E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:26:27	Name: MUID Value: 31BE2DECE2C6620F0D7D39ADE32C636E
.c.clarity.ms/	1970-01-20 19:14:55	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:04:51	Name: ANONCHK Value: 0

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zxcs.zip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
j.clarity.ms
lf9-cdn-tos.bytecdntp.com
pagead2.googlesyndication.com
search-operate.cdn.bcebos.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
zxcs.zip
116.114.98.35
142.250.199.98
20.205.115.81
20.85.30.134
2001:4860:4802:32::181
2404:6800:4004:80b::2003
2404:6800:4004:80f::2003
2404:6800:4004:812::2002
2404:6800:4004:818::200a
2404:6800:4004:81d::2008
2404:6800:4004:820::2003
2404:6800:4004:822::2004
2404:6800:4004:823::2002
2404:6800:4004:824::2001
2404:6800:4008:c03::9b
2404:6800:400a:80e::200e
240e:980:1200:92c::56
2606:4700:3032::ac43:8c18
2620:1ec:46::46
2620:1ec:c11::200
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
09530304e3609ebe979fd5cc2c4b122e819ee234c5a822bc64a536ae30460a84
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
10c161dd185d2d2fe3b6cf77b106a294255eb0befff0dfd55326e21b3ebcf38f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d
1f1848c053ebfcec2a6d8519a3e1f8f411f058b3cafcb074fea2422a56850fcd
283b0ded88270afb22ad8e58adb249940e2a495bb0ebd791605a4b2e1a44c115
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
335abb5e2d75948a54801d4fd30dbd79f5057a62a643c850c2d19929829ec02f
34d8c9b565fe8ff6ea9140c902b875fd563b9d6cd2d8306177a509f38b7b0045
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
485d7fe0e3f85e8b6d4ff06d7148c2e397141890af3d498e8b3a0d6af105f2e3
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fb411d36931280c47980d36123edeab46f9bb6975eaa1f601da32d136f22404
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577f4e3946265cf647accc359c42b6b23c6776d1f76f66546ca7a8440abf9f74
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
59c29f5c0d165fc28fa10a822c89126f860a621c755debaf4482f31bd8f73510
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6346c8ecca4d961923bfafdd15a090d5176d955c5e2bbfe810889fc939f15508
66268f925b139bd3074492eff60e272912655e1fd7fb7c945d45df98df5c9b6b
7062bce365093788a19e9182678562150e8a2d9a93a77d992c26131ce7c7f486
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
811d7fca913c1f36cca4086a6aa4cc9a8dc4a34dc8edf85dc036cfb56a996c60
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a32d83226b99bf308d933b72dbb3de0c52f64a8dce02d1fac907f322c93d7566
a48d73e0bec9aacbec4950fbc23bb346aeb19ee8178fce9af837ad7308581f81
a4b7b733e3a57f34f1e54ce8bd4288831182ec2971bf3cfcd19ada08ca9e3b0c
a991bcc05a52cc2c4f07208e5e68c68ed87d527a0155afa1c36235a7de4f6ed4
aee163bf16376faec4d2588aa2c741a1164d5b138a7d4e647a0b67825615f9ae
b662ce4b79b17df806286ff35d21b075037ddf169cc22d07b75c54aba36160e1
c35026736c82ae88a5b0b53922052682db219833c917d138c16bd428d008572e
c6bbc7c755dc0cae3e5678b2e774b4c3aad4b71afe635d79b24ca1a2fcadc878
c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f
c9a7a0f6ff4ac0c0ae7e7df4468c049558f6d24c43d2cc07880af52358de2d45
c9becffaeb1f51a108bce78a3f7e1524eff10da2dbba92070e200f59e01642d6
d07c99866edf8bdffce7e3ab0ce3a797eb4cd174e7809a51fd396aa2148d1c68
d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89
da51410f0e5b1eac7c8a6f94a62aee6b6cd41c1342f3b1d3a40bcd00b64e932f
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
dfe62b7902520536fdd118565a002cddbbe2985e06c7dfc12089c4d18b4d4034
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
ea28afe40f8ac86511b46cad4b3453fb6d1e3fba79e2de00b8df896b0ce2d6fe
eb0be2c69fda20fecf196c0e0fdab7162d364653b4b9249a9ec5d885f818a439
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1e639aa4f0366e884228d33f250ade69576566963f2ea7b9757a2841787f60
f80ece93c4b29644d039399a38cd7811fff89db54f158257699446c4d4912566
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

zxcs.zip Open in urlscan Pro 2606:4700:3032::ac43:8c18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

96 %HTTPS

80 %IPv6

13 Domains

20 Subdomains

20 IPs

6 Countries

2059 kBTransfer

5036 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zxcs.zip Open in urlscan Pro
2606:4700:3032::ac43:8c18 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

96 %
HTTPS

80 %
IPv6

13
Domains

20
Subdomains

20
IPs

6
Countries

2059 kB
Transfer

5036 kB
Size

21
Cookies

103 HTTP transactions
3 data transactions