fx.ma-bank.net Open in urlscan Pro
133.167.18.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fx.ma-bank.net/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 25 via api (December 25th 2023, 11:13:17 am UTC) from IT — Scanned from JP

Summary HTTP 142 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 17 domains to perform 142 HTTP transactions. The main IP is 133.167.18.185, located in Osaka, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is fx.ma-bank.net.

This is the only time fx.ma-bank.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	133.167.18.185 133.167.18.185	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
2	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1	180.42.51.129 180.42.51.129	4713 (OCN NTT C...) (OCN NTT Communications Corporation)
32	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80c::2004	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c13::9c	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4004:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.207.38 142.250.207.38	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:400a:805::2006	15169 (GOOGLE) (GOOGLE)
4	65.8.66.54 65.8.66.54	16509 (AMAZON-02) (AMAZON-02)
2 2	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
8 14	172.217.31.130 172.217.31.130	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
6 8	103.43.89.4 103.43.89.4	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
142	21

17 133.167.18.185 (Osaka, Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: 185.18.167.133.static.www10657m.sakura.ne.jp

fx.ma-bank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2003 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.42.51.129 (Sashiōgi, Japan)

ASN4713 (OCN NTT Communications Corporation, JP)

img.tcs-asp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80c::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c13::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.207.38 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:400a:805::2006 (Osaka, Japan)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.8.66.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-54.yvr50.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.8 (Japan) 2 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.31.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.43.89.4 (Singapore, Singapore) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	586 KB
33	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	207 KB
17	ma-bank.net fx.ma-bank.net	124 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	189 KB
6	openx.net 4 redirects us-u.openx.net — Cisco Umbrella Rank: 491	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	322 KB
4	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 2215	2 KB
4	gstatic.com www.gstatic.com	23 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	microad.jp 2 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	1 KB
2	google.co.jp 1 redirects www.google.co.jp — Cisco Umbrella Rank: 26283	556 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	145 KB
1	tcs-asp.net img.tcs-asp.net	37 KB
142	17

	Domain	Requested by
32	pagead2.googlesyndication.com	fx.ma-bank.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com fx.ma-bank.net pagead2.googlesyndication.com
17	fx.ma-bank.net	fx.ma-bank.net
14	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net fx.ma-bank.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	s0.2mdn.net	googleads.g.doubleclick.net fx.ma-bank.net s0.2mdn.net
6	us-u.openx.net	4 redirects googleads.g.doubleclick.net
6	ad.doubleclick.net	googleads.g.doubleclick.net fx.ma-bank.net
5	www.googletagservices.com	googleads.g.doubleclick.net fx.ma-bank.net
4	tag.researchnow.com	googleads.g.doubleclick.net fx.ma-bank.net
4	www.gstatic.com	fx.ma-bank.net googleads.g.doubleclick.net
3	www.google.com	fx.ma-bank.net tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	googleads.g.doubleclick.net fx.ma-bank.net
2	s-cs.send.microad.jp	2 redirects
2	www.google.co.jp	1 redirects fx.ma-bank.net
2	www.googletagmanager.com	fx.ma-bank.net www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	img.tcs-asp.net	fx.ma-bank.net
142	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
b.hatena.ne.jp
social-plugins.line.me
getpocket.com
www.tcs-asp.net
line-fx.com
www.click-sec.com
min-fx.jp
lightfx.jp
fx.dmm.com
www.gaikaex.com
www.moneypartners.co.jp
www.jfx.co.jp
hirose-fx.co.jp
www.okasan-online.co.jp
www.click365.jp
www.rakuten-sec.co.jp
www.sbifxt.co.jp
www.central-tanshifx.com
www.fxbroadnet.com
www.gaitameonline.com
profile.ma-bank.net
ma-bank.net
bit.tisoku.net
ediunet.jp
yuho.biz
payer.tisoku.net
home.legare-club.com

Subject Issuer	Validity	Valid
fx.ma-bank.net R3	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
img.tcs-asp.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-21` - `2024-09-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 25 frames:

Primary Page: http://fx.ma-bank.net/
Frame ID: D61D5C1797177930C31E12A04BCC59FB
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 66022D1A5AB6109BEED413679E927981
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791597&bpp=2&bdt=679&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6444106848390&frm=20&pv=2&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 791E22C440FD7C102BBD6B1421B2A605
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791599&bpp=1&bdt=681&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=6444106848390&frm=20&pv=1&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Frame ID: 9DC01AA1FDC0063E2F819D12F18BF0A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&adk=1812271804&adf=3025194257&lmt=1703502791&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703502791610&bpp=2&bdt=692&idt=240&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&nras=1&correlator=6444106848390&frm=20&pv=1&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=248
Frame ID: 76B10D9A61A14D75CAE62A7692B2234D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGNCYv-YBMAE&v=APEucNUsqGJcyXNZG6qHZOV0CQ_1EpUwxlJsGOVhVRv8wofs73c9Wh8Gv-kdHtieDk9A5K_QJmFYXuCgFWAeyWSOehgsuMuk1g
Frame ID: 58D0635D820C75C20BC59D7E9184FE41
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1711A939514879BE875D958CCA049277
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 07ECE28A1005B95A3E90AE316105FCCA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: A3A9C0A689930F4CDBE1E3E5869228A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 84B6FB28DCA427304C77A5B92FE1D848
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 804116CF12532FF46F58A877AE77F316
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%81%A0%E5%BE%97%E3%82%B88%2F%E3%81%B2%E3%83%A3%E3%83%91%E3%83%88%E3%81%8C%E5%86%86%E3%82%BF%E7%A5%AD%E3%81%95%E5%88%A9%EF%BC%8F%E3%83%AC%E6%A9%9F%E3%81%A7%E3%80%82%E3%81%9C%E3%83%BC3%E3%83%B3%E3%82%BB%E5%85%83%E7%AB%8B%E3%81%8A1%E3%83%8D%E4%B8%8B%E6%8E%839%E3%81%9F0%E3%81%8F7%E3%82%B9%E3%82%8A%E5%8F%96%E3%81%8B%E7%9B%8A%E3%81%94%E3%83%89%E9%96%8B%E8%A6%A7%E3%81%84%E4%B8%87%E9%82%84%E6%97%A5%E9%99%A4%2C%E8%BF%842%E3%83%83%E3%82%B3
Frame ID: 20B785E73EA3076C2E6D9CA4DC3A1D2B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNUj1FMTRh8SNRKdmlfch7u_aXCcV4bWO78_ldb9gX5ftefGAR24riGsFPauLbnqPM11FjGZfnunH--uQ0nLtXRVY7VLEg
Frame ID: 7FE46F466F1BF5BD91062AAA09EF05AC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: CCC17EA9E3ECAFE4E6F31C4A46CB31C9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNWsA0LjB8akANoBV--s4aADc8EoOkAb8VlShEnzJQkKes1wcf7MFeYD4187NxQaT8HZMzWSjbkAzfkGTQLgZl2CjXQngA
Frame ID: 9F1BF3A0224B2EC2C3B275A439D14F04
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/11447508629039149190
Frame ID: AE1F55AA932D8E3003B56CC81735895B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGLCbv-YBMAE&v=APEucNX-whR3LS3Id3tWeUHVyrE9cpFI_CZ-6S0OwYcBDM-uhfNZ-A6_5kNaFtfT_BjtXShzEh___8c14O0QIkk14ZididSPXQ
Frame ID: 20348FB06330BED394E7FED0FB7D5ED4
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: AFFE9F6FA529ADB75D6FC1A06E1E144A
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3E40303C4E905F81DBFBDC2DD1E2B0C5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B24A30EE0F492E419D6FF0C9C8022FAF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E00CB78EF13FFC9630E313F6D14C06C1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: F67E3280103921C8F4116DF4EB8A1199
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250
Frame ID: 458089DE6E90963539500DDD16D48FC3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF2D75DCFDDA408CED3C1D23A618F89A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49C9C7BCD063CEB0160FA679E503C0E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最速FXサヤ取り法 | 【FP1級運営】FX両建てスワップでローリスク&ミドルリターン

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

142
Requests

87 %
HTTPS

57 %
IPv6

17
Domains

21
Subdomains

21
IPs

5
Countries

1664 kB
Transfer

4671 kB
Size

16
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffx.ma-bank.net%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ffx.ma-bank.net%2F&text=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95&tw_p=tweetbutton&url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/fx.ma-bank.net/

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: LINE

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://fx.ma-bank.net/&title=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95
Title: pocket

Search URL Search Domain Scan URL

URL: https://www.tcs-asp.net/alink?AC=C93108&LC=FXTS1&SQ=1&isq=547

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ffx.ma-bank.net%2F&text=&tw_p=tweetbutton&url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://fx.ma-bank.net/&title=
Title: pocket

Search URL Search Domain Scan URL

URL: https://line-fx.com/market/spread/ex/summaryList
Title: LINE FX

Search URL Search Domain Scan URL

URL: https://www.click-sec.com/corp/guide/fxneo/commission_list/
Title: FXネオ

Search URL Search Domain Scan URL

URL: https://min-fx.jp/market/rate/
Title: みんなのFX

Search URL Search Domain Scan URL

URL: https://lightfx.jp/market/rate/
Title: LIGHT FX

Search URL Search Domain Scan URL

URL: https://fx.dmm.com/fx/service/spread/
Title: DMM FX

Search URL Search Domain Scan URL

URL: https://www.gaikaex.com/gaikaex/spread/
Title: 外貨ex

Search URL Search Domain Scan URL

URL: https://www.moneypartners.co.jp/fx/partnersfxnano/commission.html
Title: パートナーズFx nano

Search URL Search Domain Scan URL

URL: https://www.jfx.co.jp/spread_list/
Title: マトリックストレーダー

Search URL Search Domain Scan URL

URL: https://hirose-fx.co.jp/spread_list/index.html
Title: LION FX

Search URL Search Domain Scan URL

URL: https://www.okasan-online.co.jp/fx_otc/spread.html
Title: 岡三アクティブFX（店頭FX）

Search URL Search Domain Scan URL

URL: https://www.click365.jp/market.html
Title: 岡三オンラインFX（取引所FX）

Search URL Search Domain Scan URL

URL: https://www.rakuten-sec.co.jp/web/fx/charm/commission.html
Title: 楽天FX

Search URL Search Domain Scan URL

URL: https://www.sbifxt.co.jp/advantage/point1.html
Title: SBI FXトレード

Search URL Search Domain Scan URL

URL: https://www.central-tanshifx.com/market/rate/
Title: ＦＸダイレクトプラス

Search URL Search Domain Scan URL

URL: https://www.fxbroadnet.com/outline_spread.jsp
Title: FXブロードネット

Search URL Search Domain Scan URL

URL: https://www.gaitameonline.com/dealings.jsp
Title: 外為オンライン

Search URL Search Domain Scan URL

URL: https://profile.ma-bank.net/
Title: https://profile.ma-bank.net/

Search URL Search Domain Scan URL

URL: https://ma-bank.net/
Title: 最速資産運用

Search URL Search Domain Scan URL

URL: https://bit.tisoku.net/
Title: 競売物件研究所

Search URL Search Domain Scan URL

URL: https://ediunet.jp/
Title: EDIUNET

Search URL Search Domain Scan URL

URL: https://yuho.biz/
Title: Yuho!業界ランキング

Search URL Search Domain Scan URL

URL: https://payer.tisoku.net/
Title: 税金と社会保険の推移β

Search URL Search Domain Scan URL

URL: https://home.legare-club.com/
Title: 中古住宅売買リフォーム情報

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.google.co.jp/coop/cse/brand?form=cse-search-box&lang=ja HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 45

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYljyGoYHIkddrdwbey6mgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1

Request Chain 96

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzNmOTZlOGNiMjE3N2E3MzRhM2Y5NzViOTY3NjQ4NTQ=

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYljyGoYHIkddrdwbey6mgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECYMexMp_wtvjO-XnoAYTnE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1

Request Chain 102

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECYMexMp_wtvjO-XnoAYTnE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1

Request Chain 110

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

142 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fx.ma-bank.net/ 36 KB
10 KB 1158ms
1082ms Document
text/html 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://fx.ma-bank.net/
Protocol: HTTP/1.1
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 6128d767a3905fa4d3c1f98cf427ef57ffc94dce142c914b27e800513e7765c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Dec 2023 11:13:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 main.css
fx.ma-bank.net/skin/ 28 KB
7 KB 519ms
488ms Stylesheet
text/css 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/main.css?1619162816
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: dd2e45abacd4eefe130af57b2b86f59d12517553ffb804e1a262d09d96ca494c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:26 GMT
server: nginx
etag: "19d3-5c09eba44f380"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6611
expires: Mon, 01 Jan 2024 11:13:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 93ms
48ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17348529-20

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee9009e6e6fedb01792b23d64fa62d96a2bff1540f615954d52d5336cb84cfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 11:13:10 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.co.jp/coop/cse/brand?form=cse-search-box&lang=ja
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

57ms
4ms

Script
text/javascript

2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 03:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 26 Dec 2023 03:43:52 GMT

Redirect headers

date: Mon, 25 Dec 2023 10:50:58 GMT
x-content-type-options: nosniff
server: sffe
age: 1332
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Mon, 25 Dec 2023 11:20:58 GMT

GET
H2 200 load.gif
fx.ma-bank.net/img/ 2 KB
2 KB 303ms
273ms Image
image/gif 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/load.gif
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "606-48a3447a87f00"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1542
expires: Mon, 01 Jan 2024 11:13:10 GMT

GET
H/1.1 200
OK imagesender
img.tcs-asp.net/ 36 KB
37 KB 44ms
20ms Image
image/jpeg 180.42.51.129
OCN NTT Communica...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tcs-asp.net/imagesender?ac=C93108&lc=FXTS1&isq=547&psq=1
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 180.42.51.129 Sashiōgi, Japan, ASN4713 (OCN NTT Communications Corporation, JP),
Reverse DNS
Software: Apache /
Resource Hash: 01d9c7f1e25d06ce219b7d30cbfc16ed3532fb8515992f291131c88e7552ba4d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 11:13:10 GMT
Last-Modified: Fri, 18 Oct 2019 01:39:51 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 37110
Content-Type: image/jpeg

GET
H2 200 loading.gif
fx.ma-bank.net/img/ 20 KB
20 KB 511ms
511ms Image
image/gif 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/loading.gif
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 81881de88e27be72434a9ce035cff3b0c4f7e877cc2da8fa507a3589c7b707a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Thu, 25 Dec 2014 01:26:48 GMT
server: nginx
etag: "4e8d-50b004d47a600"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20109
expires: Mon, 01 Jan 2024 11:13:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 129ms
84ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c906d58e2acb9e1c15b47254c7486b108005c7e7c12ad930590d58029f091c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51284
x-xss-protection: 0
server: cafe
etag: 12741222323952931959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:11 GMT

GET
H2 200 echo.js Show response
fx.ma-bank.net/skin/ 2 KB
1 KB 30ms
29ms Script
application/x-javascript 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/echo.js
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: df91b67367b0443682d3a36f915455636dca3372974b70e3cece18de21eb9ae9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:27 GMT
server: nginx
etag: "30d-5c09eba5435c0;5f4b1b0c48f1c
vary: negotiate
content-type: application/x-javascript
cache-control: max-age=604800
tcn: choice
accept-ranges: bytes
content-location: echo.js.gz
content-length: 781
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 main.js Show response
fx.ma-bank.net/skin/ 29 KB
10 KB 263ms
261ms Script
application/x-javascript 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/main.js
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: f1de7900d2c4ad33da626ded6919ee0a070264df0f7b6c0adcfa7f3d06a668bb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:27 GMT
server: nginx
etag: "25c7-5c09eba5435c0;5f4b1b0c48f1c
vary: negotiate
content-type: application/x-javascript
cache-control: max-age=604800
tcn: choice
accept-ranges: bytes
content-location: main.js.gz
content-length: 9671
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 50ms
49ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ER9R49MMD2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17348529-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eb438fdc7d3ca6bf93ed41f8769b475bf78253692e1f1a73707cad68449b270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 11:13:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 44ms
2ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17348529-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 10:42:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1822
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Dec 2023 12:42:49 GMT

GET
H2 200 img10.jpg
fx.ma-bank.net/img/ 20 KB
20 KB 11ms
11ms Image
image/jpeg 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/img10.jpg
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 4e140402ebe2341a804e64b51182ab4d4f57c9a94c35832db80ec5e3bdfca974

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Mon, 23 Jan 2017 12:27:39 GMT
server: nginx
etag: "4e44-546c2200ee4c0"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20036
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
2 KB 48ms
4ms Image
image/png 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0983545a358cc3907ff7ff53f7c075eff35e8ca3d1c5c54704470abc4624a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:03:34 GMT
x-content-type-options: nosniff
age: 130177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 22 Dec 2024 23:03:34 GMT

GET
H2 200 _cat_img.png
fx.ma-bank.net/img/ 26 KB
26 KB 18ms
17ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_cat_img.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 1e109a1a9a604b335bb2235cb547eb0747f2fc61d97db8408d72ca094a9ff67a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Thu, 25 Jul 2019 03:41:35 GMT
server: nginx
etag: "660f-58e7933cfd9c0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 26127
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 bk_h2_alpha.jpg
fx.ma-bank.net/img/ 7 KB
8 KB 17ms
16ms Image
image/jpeg 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/bk_h2_alpha.jpg
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 7a273e01de63664ee1a99ec41fb52f7054dfbc5be27d85c97c2e8027a6e42d35

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Tue, 13 Oct 2015 02:23:01 GMT
server: nginx
etag: "1d48-521f31ffd0b40"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7496
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 _icons.png
fx.ma-bank.net/img/ 5 KB
5 KB 19ms
18ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_icons.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: ff20220a9af9152e3e7b83c1fba65da0c97f0ff09ba696388307bd10de381218

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Thu, 18 Jul 2019 02:41:44 GMT
server: nginx
etag: "14d6-58deb8ce1ea00"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5334
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 _logo_fx.png
fx.ma-bank.net/img/ 10 KB
10 KB 17ms
17ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_logo_fx.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 4312fd241ff2ae73de34c6c2f57b594689bcd93e3c3e83b7709b9d7a3f299543

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Tue, 04 Oct 2022 09:25:29 GMT
server: nginx
etag: "279d-5ea320a805440"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10141
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 _logo_flag.jpg
fx.ma-bank.net/img/ 4 KB
4 KB 253ms
252ms Image
image/jpeg 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_logo_flag.jpg
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 081455f242ac50315467bb6771dcc5edbe0d8c6ffab419977041c9c48ea7fa6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Mon, 17 Dec 2018 06:27:16 GMT
server: nginx
etag: "10ff-57d31df40f900"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4351
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 ya.png
fx.ma-bank.net/img/ 141 B
335 B 17ms
17ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/ya.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: c71c6b91b7eb5caf287bc01f1bb38b55e3ed5f0ad5cda4c39c2bbef04a2dfa31

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "8d-48a3447a87f00"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 141
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 out.gif
fx.ma-bank.net/img/ 70 B
263 B 17ms
17ms Image
image/gif 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/out.gif
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 1b30ea937dc4f10b9dfefddaef9d97eab4fc377021413f3154ae65c63f742fc9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "46-48a3447a87f00"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 70
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 oh.png
fx.ma-bank.net/img/ 113 B
307 B 253ms
252ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/oh.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 64b7caeb9aced89a3d434e2d4a12ee24ac7709a4a2385f70d53bd2c21596ff8c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Thu, 23 Oct 2014 00:24:07 GMT
server: nginx
etag: "71-5060c151ab7c0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 113
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 rss.png
fx.ma-bank.net/img/ 930 B
1 KB 16ms
16ms Image
image/png 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/rss.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 784edbe880ac26cb5afad76aa67112b1a7a17e1e4de0858661188f470003a7c9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
last-modified: Tue, 20 Jan 2009 22:02:14 GMT
server: nginx
etag: "3a2-460f13119c580"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 930
expires: Mon, 01 Jan 2024 11:13:11 GMT

GET
H2 200 print_top.css
fx.ma-bank.net/skin/ 78 B
324 B 12ms
12ms Stylesheet
text/css 133.167.18.185
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/print_top.css?1416388238
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.167.18.185 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: 185.18.167.133.static.www10657m.sakura.ne.jp
Software: nginx /
Resource Hash: 3912bdc1e6b317f2ba94cedff8ec333ddf68839fdbac35eaa515f1d2e978e031

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:26 GMT
server: nginx
etag: "61-5c09eba44f380"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 97
expires: Mon, 01 Jan 2024 11:13:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 40ms
39ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1603480576&t=pageview&_s=1&dl=http%3A%2F%2Ffx.ma-bank.net%2F&ul=en-us&de=UTF-8&dt=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95%20%7C%20%E3%80%90FP1%E7%B4%9A%E9%81%8B%E5%96%B6%E3%80%91FX%E4%B8%A1%E5%BB%BA%E3%81%A6%E3%82%B9%E3%83%AF%E3%83%83%E3%83%97%E3%81%A7%E3%83%AD%E3%83%BC%E3%83%AA%E3%82%B9%E3%82%AF%26amp%3B%E3%83%9F%E3%83%89%E3%83%AB%E3%83%AA%E3%82%BF%E3%83%BC%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1670958773&gjid=731788079&cid=893382917.1703502792&tid=UA-17348529-20&_gid=1791391457.1703502792&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=475823761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fx.ma-bank.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fx.ma-bank.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 83ms
83ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eacfd1ada5f70157280494130312472b02b9758b69ec76cf089390ca34228c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137937
x-xss-protection: 0
server: cafe
etag: 11507136143435475000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:11 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 6602 9 KB
4 KB 49ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:39:12 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 02:39:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ER9R49MMD2&gtm=45je3bt0v9119119776&_p=1703502791449&gcd=11l1l1l1l1&dma=0&cid=893382917.1703502792&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1703502791&sct=1&seg=0&dl=http%3A%2F%2Ffx.ma-bank.net%2F&dt=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95%20%7C%20%E3%80%90FP1%E7%B4%9A%E9%81%8B%E5%96%B6%E3%80%91FX%E4%B8%A1%E5%BB%BA%E3%81%A6%E3%82%B9%E3%83%AF%E3%83%83%E3%83%97%E3%81%A7%E3%83%AD%E3%83%BC%E3%83%AA%E3%82%B9%E3%82%AF%26amp%3B%E3%83%9F%E3%83%89%E3%83%AB%E3%83%AA%E3%82%BF%E3%83%BC%E3%83%B3&en=page_view&_fv=1&_ss=1&tfd=1883
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ER9R49MMD2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fx.ma-bank.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
351 B 145ms
46ms XHR
text/plain 2404:6800:4008:c13::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17348529-20&cid=893382917.1703502792&jid=1670958773&gjid=731788079&_gid=1791391457.1703502792&_u=YEBAAUAAAAAAACAAI~&z=893340922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fx.ma-bank.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Dec 2023 11:13:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fx.ma-bank.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 46ms
42ms Image
image/gif 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17348529-20&cid=893382917.1703502792&jid=1670958773&_u=YEBAAUAAAAAAACAAI~&z=2007957969

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
324 B 49ms
47ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17348529-20&cid=893382917.1703502792&jid=1670958773&_u=YEBAAUAAAAAAACAAI~&z=2007957969

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 791E 94 KB
43 KB 595ms
594ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791597&bpp=2&bdt=679&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6444106848390&frm=20&pv=2&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

236497b8399d2b7929d96aa1358615faecffc08245c9e7fbe2ace2e45e882a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43791
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:12 GMT
expires: Mon, 25 Dec 2023 11:13:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DC0 718 B
578 B 523ms
523ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791599&bpp=1&bdt=681&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=6444106848390&frm=20&pv=1&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b48489dce6fcc728b85fdd9125bb3b02820ccbef021145a966c83d073c32279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:12 GMT
expires: Mon, 25 Dec 2023 11:13:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76B1 624 KB
140 KB 959ms
958ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&adk=1812271804&adf=3025194257&lmt=1703502791&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703502791610&bpp=2&bdt=692&idt=240&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&nras=1&correlator=6444106848390&frm=20&pv=1&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60678ceaa02bcdd5138f9773e8d82ca75540443a9515c36de29637b5012b3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 143025
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:12 GMT
expires: Mon, 25 Dec 2023 11:13:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 791E 42 B
63 B 40ms
38ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-UIwaE-AdSYvDTX5WdlRGdN8Ok-_kzaDXBsFVx7uCMEk5GVWbbVKAf66AqzI2CIORREcfPjKIKom6qzJ2EJg4fUW7VVfcfRhGh1uMfizeKIhLZag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791597&bpp=2&bdt=679&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6444106848390&frm=20&pv=2&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 791E 3 KB
1 KB 46ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 791E 20 KB
9 KB 45ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 791E 203 KB
65 KB 98ms
52ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 58D0 448 B
217 B 47ms
46ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGNCYv-YBMAE&v=APEucNUsqGJcyXNZG6qHZOV0CQ_1EpUwxlJsGOVhVRv8wofs73c9Wh8Gv-kdHtieDk9A5K_QJmFYXuCgFWAeyWSOehgsuMuk1g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791597&bpp=2&bdt=679&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6444106848390&frm=20&pv=2&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:12 GMT
expires: Mon, 25 Dec 2023 11:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 791E 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 791E 7 KB
3 KB 6ms
6ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 791E 0
0 97ms
51ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvjiqWptfsiS0zIX_5gUESJ9KbPeXiPsnN9pGFMMXoYuof8lDhb0TXUiVF91l49Txa3gOkLEpZynzRKWCh9O0PuCJIvTkCXu4y8mtgiSJ2QTpDmX53iOiuHQVjPFTYQ4myaSm54iA7sSJQ9j0y_uHLiuPthSziew9wxsXhWvME9prA2IRebbH50n6dYqH2HC7fNCUuSeURKP3CGtJE79miuPcIlouaRXrdApMtvZPpaYOhuUVtq90xZ3vEVP0AUm_le6_lABwXzC9mn2PkG1NyZQaoUV0JlIBmthBlhlhxCD_iPh_EYDVeXPBw6FjCXTn5i888nEwYeT5xlf3-I-hrKvoz-M9kGEATXTjYPdUTUEiit2mHy9u-ZoDUO-nF-l9k7qz_k1PuJSealy7URPxTTR1iGIlagx1ebLLYGL1XtFqVnG7jaKcMd9z_0aH9z3VviBLuGeIzUK-H8akbjnTbUFEj3LXJBxPNhwjgXvvQXe7HntnXZ4uKpl1n96zLraepabrbSGQzulExi-rcOINlI4H7fKbnXHQhYmTXzx8R-2cs0Rria7e_6sK2wK8-zwyGmHtBvok-tMn0zgelEf4XIukMo9p53_HQDN9ts5NNGWqlhUPFXxyPzdgdwo3gwnirUgL_kAXJ33uce1mNA_x0WtJZ3PYIVji-bsiFkG5J0iMbvdksa7i8oJDpqmtWwFmmxEf6OPBEAiHF6bPcipc5EKDo0bshHlkSmGfGAfYFaI13QuXJ4tmAhH5Nla6Xv6ggFmdsOKzeK4PAKh5V9Snrf_fDkqfNXsFZFD3yqdOam0RRjfI46P0LFuFvmF22rQgSIOgfuiAV1BfAV5e0gYT5TiAJOHOTVI_AwYHEZQVJO33swqHFnc7-ZWNsnXMipWOh6w-Tl5TrZaIdW-gEqWHAOvXHV3mYZPAnj6mfn8Wowsi3WGwZvvH12YPxfrBi2pnkfTG9NO1nqEkpRDwS5ns0Qb1lWm_jaN1A4r__yfkChG2rklBzkbr6kMGOjmExuDTxOjDlRCuaDz4CLj17gp49rrjq_e8HLTpZvU6D1MELW-kVArPzWbJh9ReqFJdlgjELs9QLhd6AhdUgHYuxI2iAm-hg1oageMkpO48NVDMpzYK7skWyyjwR7V2wZ_GraMEv-F7sFUkF527gY8ZQftqE1PyVI0P2zXcuJE-HY_t8_kpeQ5nS1wwuhxnxvvwCT_u4bCStITJtM4JRfA0T1fp8yfEojGXx3gNaxlfcExCSDxFHaKRz-cOFEwZJM9gwqC0lGPj5JXgJZDs90dsbj1sH0Mvsy95lIM-WJFFWeuvN8sWt4Vg5JbumQAcwNn5XNS-vn&sai=AMfl-YRTBtfGl19CciKnUZl041GbYCCuhctrKQg-Xxq4xFIxahPw4pjy98XcY60Wlzmg_3pLpWkjr8e8aDh48J12RvECUkoi2w5ps42CKRN6OkbhUCO67KTWKXbQReNlDJf2SkFEE5oNs7NMfUF3r44v8J8gTWoGsDPFay2-i_X6YJ2AZi0P2gNYmDk7KLkLqxxq5OWQGDvjrEylTccsVKwKNKbwlW5n-3aUya3lWyf5I3tB9HBDSzdhz14NCx4Bztd0kMbahF6kvAxzxIsD1WgixJMWQtqodTMpbZVf8Qe0mkPZB_N_jqMDJEbSMU2mN5JrSgdLodPDiZE2Bq71_-rC1_XeKMlBC2nC4h2UTIK0g6wA_Rc7B-Oryq2jiGKjI3Kli0Btp8u4oX8rHqMn5-zqId1-_t4IB3yXlpkkIOOWTcj2mipRJG_S1fzL2MahThe_eabJuIE5vlkHZ2WU6MBpeXUtYUCu6D1oH6MefcVRCFcIUlwXromY3HcvIKkh-TSMvFxO6h9XB2zf&sig=Cg0ArKJSzE3B51pJ6cEHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.44518&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 11:13:12 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:12 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 791E 41 KB
14 KB 24ms
4ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:39:26 GMT

GET
H2 200 1774839274844005435
s0.2mdn.net/simgad/ Frame 791E 23 KB
24 KB 146ms
87ms Image
image/png 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1774839274844005435

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6736490fb123228d794753afcb29a63ceeb824a40c11218f1465ef08b897e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Dec 2023 11:13:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23634
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Dec 2024 11:13:12 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ Frame 791E 42 B
435 B 464ms
120ms Image
image/gif 65.8.66.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288232&adn=3&ca=29702965&si=3554638&pl=364450196&cr=190488259&did=ADID&ord=117958397&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1703502791&format=300x600&url=http%3A%2F%2Ffx.ma-bank.net%2F&ea=0&wgl=1&dt=1703502791597&bpp=2&bdt=679&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6444106848390&frm=20&pv=2&ga_vid=893382917.1703502792&ga_sid=1703502792&ga_hid=1603480576&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C42531705%2C44809004%2C95320885&oid=2&pvsid=3665428768285153&tmod=292689155&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.66.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-66-54.yvr50.r.cloudfront.net
Software: Apache/2.4.58 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:33:06 GMT
via: 1.1 733ae4e17f2a4786e797d3450daabd46.cloudfront.net (CloudFront)
server: Apache/2.4.58 ()
x-amz-cf-pop: YVR50-C1
age: 2406
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: Ft64ci5gE5HtVOxdNr3pmWvatjgtQnCYTZbvVPpVTYPhI24bAjJmfQ==
expires: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1711 38 KB
13 KB 3ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 242780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:46:52 GMT
expires: Sat, 21 Dec 2024 15:46:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58D0
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
409 B

79ms
43ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGNCYv-YBMAE&v=APEucNUsqGJcyXNZG6qHZOV0CQ_1EpUwxlJsGOVhVRv8wofs73c9Wh8Gv-kdHtieDk9A5K_QJmFYXuCgFWAeyWSOehgsuMuk1g

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 11:13:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 58D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1

43 B
732 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGNCYv-YBMAE&v=APEucNUsqGJcyXNZG6qHZOV0CQ_1EpUwxlJsGOVhVRv8wofs73c9Wh8Gv-kdHtieDk9A5K_QJmFYXuCgFWAeyWSOehgsuMuk1g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKWizQfG4umCrKGnt0mgQQoXYB%2BHfwLNNcNouV%2B8OythaEQZQ15vCtauAYHF2NT854Gr59lu%2FToQKX3zh6Xbsn75aSKT%2FgEmf4Yzi3kLktSFxI3lkm9lk3SG5u1PHwVhh6sJ3Nei9SWeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b0a7460a4d80db-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 58D0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYljyGoYHIkddrdwbey6mgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1

43 B
767 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGNCYv-YBMAE&v=APEucNUsqGJcyXNZG6qHZOV0CQ_1EpUwxlJsGOVhVRv8wofs73c9Wh8Gv-kdHtieDk9A5K_QJmFYXuCgFWAeyWSOehgsuMuk1g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Um1NXdGh2HsuevI7naLO1Fm7s3FB2QAfmsGNFrdgUmV8BFmweBaNT9a0kp9FqBqvaWh6ICEL66sXxRg%2B%2B7zROWLKqjsyijt1Cd1mvAE1uocG94qOpLd%2F9DKhz47qdXgo29%2FtdaytWiMGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b0a7460a4f80db-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnsiBtMk-8fBq-CsRpO8hg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 791E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c657c8d95ed2d013ec526812892c6201e73b2cb21dff26170c89a613864d1e4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1711 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 02:26:33 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 791E 0
0 39ms
39ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvjiqWptfsiS0zIX_5gUESJ9KbPeXiPsnN9pGFMMXoYuof8lDhb0TXUiVF91l49Txa3gOkLEpZynzRKWCh9O0PuCJIvTkCXu4y8mtgiSJ2QTpDmX53iOiuHQVjPFTYQ4myaSm54iA7sSJQ9j0y_uHLiuPthSziew9wxsXhWvME9prA2IRebbH50n6dYqH2HC7fNCUuSeURKP3CGtJE79miuPcIlouaRXrdApMtvZPpaYOhuUVtq90xZ3vEVP0AUm_le6_lABwXzC9mn2PkG1NyZQaoUV0JlIBmthBlhlhxCD_iPh_EYDVeXPBw6FjCXTn5i888nEwYeT5xlf3-I-hrKvoz-M9kGEATXTjYPdUTUEiit2mHy9u-ZoDUO-nF-l9k7qz_k1PuJSealy7URPxTTR1iGIlagx1ebLLYGL1XtFqVnG7jaKcMd9z_0aH9z3VviBLuGeIzUK-H8akbjnTbUFEj3LXJBxPNhwjgXvvQXe7HntnXZ4uKpl1n96zLraepabrbSGQzulExi-rcOINlI4H7fKbnXHQhYmTXzx8R-2cs0Rria7e_6sK2wK8-zwyGmHtBvok-tMn0zgelEf4XIukMo9p53_HQDN9ts5NNGWqlhUPFXxyPzdgdwo3gwnirUgL_kAXJ33uce1mNA_x0WtJZ3PYIVji-bsiFkG5J0iMbvdksa7i8oJDpqmtWwFmmxEf6OPBEAiHF6bPcipc5EKDo0bshHlkSmGfGAfYFaI13QuXJ4tmAhH5Nla6Xv6ggFmdsOKzeK4PAKh5V9Snrf_fDkqfNXsFZFD3yqdOam0RRjfI46P0LFuFvmF22rQgSIOgfuiAV1BfAV5e0gYT5TiAJOHOTVI_AwYHEZQVJO33swqHFnc7-ZWNsnXMipWOh6w-Tl5TrZaIdW-gEqWHAOvXHV3mYZPAnj6mfn8Wowsi3WGwZvvH12YPxfrBi2pnkfTG9NO1nqEkpRDwS5ns0Qb1lWm_jaN1A4r__yfkChG2rklBzkbr6kMGOjmExuDTxOjDlRCuaDz4CLj17gp49rrjq_e8HLTpZvU6D1MELW-kVArPzWbJh9ReqFJdlgjELs9QLhd6AhdUgHYuxI2iAm-hg1oageMkpO48NVDMpzYK7skWyyjwR7V2wZ_GraMEv-F7sFUkF527gY8ZQftqE1PyVI0P2zXcuJE-HY_t8_kpeQ5nS1wwuhxnxvvwCT_u4bCStITJtM4JRfA0T1fp8yfEojGXx3gNaxlfcExCSDxFHaKRz-cOFEwZJM9gwqC0lGPj5JXgJZDs90dsbj1sH0Mvsy95lIM-WJFFWeuvN8sWt4Vg5JbumQAcwNn5XNS-vn&sai=AMfl-YRTBtfGl19CciKnUZl041GbYCCuhctrKQg-Xxq4xFIxahPw4pjy98XcY60Wlzmg_3pLpWkjr8e8aDh48J12RvECUkoi2w5ps42CKRN6OkbhUCO67KTWKXbQReNlDJf2SkFEE5oNs7NMfUF3r44v8J8gTWoGsDPFay2-i_X6YJ2AZi0P2gNYmDk7KLkLqxxq5OWQGDvjrEylTccsVKwKNKbwlW5n-3aUya3lWyf5I3tB9HBDSzdhz14NCx4Bztd0kMbahF6kvAxzxIsD1WgixJMWQtqodTMpbZVf8Qe0mkPZB_N_jqMDJEbSMU2mN5JrSgdLodPDiZE2Bq71_-rC1_XeKMlBC2nC4h2UTIK0g6wA_Rc7B-Oryq2jiGKjI3Kli0Btp8u4oX8rHqMn5-zqId1-_t4IB3yXlpkkIOOWTcj2mipRJG_S1fzL2MahThe_eabJuIE5vlkHZ2WU6MBpeXUtYUCu6D1oH6MefcVRCFcIUlwXromY3HcvIKkh-TSMvFxO6h9XB2zf&sig=Cg0ArKJSzE3B51pJ6cEHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=166&vt=11&dtpt=164&dett=2&cstd=0&cisv=r20231207.44518&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1711 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTuHDx2OJZfefNY7h7OsPh7mniA4AAAAAOAHgBAI&bg=!CwilCEfNAAY3kmNgF5I7ADQBe5WfOD607inOayzYCcTqYJM94xuQ6y68creA5w71bciFzupxd8EXPH8TbRUMhRkUCeEwAgAAAD1SAAAAAmgBB5kDCgoH23uP1q6c-3lH0pI5goZPC5pn1Megy_fSUH_u9SKYGDPJASfbZksPVLy0HxX2FpA8PYtX_iINMTL93uxzp-Fp4VWs3CYg0vC84JakKsf8Zwb2kPkRBCkzdVUM1tz54u5Mclh00PctzmBnXUTF6HBlfi3mDcNVx5OXEB97Zzed1TExpR4zs6S094voN3iQbFMOBU295lf7TYRtgA25ExLI_XPQ5MYrPLLr73C_0hRLeMQqthKMGNrsEOK9-WOv_wHHkkCL7QKev2S7Gvy89YCPEelkIXxEnIa6M6biuAydtYOqmdO5uPeTVxc2iJgG6CeNLuubPpmf2QF3ELMWbXzgv5Dq3oNSEoR30pdfUJCgU67wI_KFUPy006qJXjVEsDdpFpKbnE1CatcnQAS2U_0MykMbU0jTQt2S9ycoW8OCcJWO3w8lbclxkQkBrGfjG9IRf-ojrlmscbWlmZQna5btHHY-WQ9FrZaP0Wmy6Qys-zWw1u1gwCzurFdQ852QF47FMdkOv_dhyBxPLYw1ZyDFw7C4I1O7L_qGphqxnj46jKRT5n7xCV5LzbLhJoP5vB-Zyi2_FCJ2JTi71bYyXBDbqmPQFD7fcob1mitrOgOqBt8b-iOhoezBpHpU5dLW4zJ0nVoBnGCSlaIPqpvuUjfPRtx0KgqW0JBPAap-VRtR5p0aznCf98TBS7oybbCB0uGLRIby_Dp_8hsEExbQuXcSu4ww0h8oCrdcx0-HA2iWnr4jvbIria6fN_AOd9UlDg_EDh53WPvS5GPU955VosfXPz5KcxnWDK3pu7OC1SZu4sChTTFPhOBI3VLNzJMV4kTjNX2NQuOAVso4yH-5og1rftQo3YmiaV2AOfcGcmeduCPhGRYccxckfwTEY1PrVbxol7K7cLZ4G_ZnQ_10y7HZNKfzot5oPGuoxY1GKUWi9TrRLaBJ8ch3eIZiSWWeVwfTIPfhQ351vIiKCVSeelX_0_XJV7iKNaD6S8iHr_1XWjp8pTtxK10W2dBdvyIcWxTW3aEY0L0MKZ8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 59ms
59ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

512e2947b66f587dba8c0a970e34a4194c4a926163b4f64d67e05b121a94ba9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56013
x-xss-protection: 0
server: cafe
etag: 15397225291306867759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 07EC 9 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:39:15 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 02:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame A3A9 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:39:15 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 02:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 84B6 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:39:15 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 02:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8041 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:39:15 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 02:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 07EC 4 KB
744 B 123ms
42ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 10:41:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 20B7 954 B
874 B 110ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%81%A0%E5%BE%97%E3%82%B88%2F%E3%81%B2%E3%83%A3%E3%83%91%E3%83%88%E3%81%8C%E5%86%86%E3%82%BF%E7%A5%AD%E3%81%95%E5%88%A9%EF%BC%8F%E3%83%AC%E6%A9%9F%E3%81%A7%E3%80%82%E3%81%9C%E3%83%BC3%E3%83%B3%E3%82%BB%E5%85%83%E7%AB%8B%E3%81%8A1%E3%83%8D%E4%B8%8B%E6%8E%839%E3%81%9F0%E3%81%8F7%E3%82%B9%E3%82%8A%E5%8F%96%E3%81%8B%E7%9B%8A%E3%81%94%E3%83%89%E9%96%8B%E8%A6%A7%E3%81%84%E4%B8%87%E9%82%84%E6%97%A5%E9%99%A4%2C%E8%BF%842%E3%83%83%E3%82%B3

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db7efdc534a7aaf323bb3a1dafb98bf3d5d5c9f9af1a7a658913c3bf92c34d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 11:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 20B7 2 KB
822 B 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 20B7 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 19:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 19:50:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 20B7 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 20B7 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20B7 203 KB
64 KB 61ms
60ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 20B7 37 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 07:42:41 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 07EC 16 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:03:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 07EC 205 B
493 B 4ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:42:26 GMT
x-content-type-options: nosniff
age: 174647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Dec 2024 10:42:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 07EC 604 B
696 B 5ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 19:49:36 GMT
x-content-type-options: nosniff
age: 487417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 19:49:36 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 07EC 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7FE4 448 B
216 B 45ms
44ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNUj1FMTRh8SNRKdmlfch7u_aXCcV4bWO78_ldb9gX5ftefGAR24riGsFPauLbnqPM11FjGZfnunH--uQ0nLtXRVY7VLEg

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:13 GMT
expires: Mon, 25 Dec 2023 11:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CCC1 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CCC1 7 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CCC1 41 KB
14 KB 6ms
6ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:39:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CCC1 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CCC1 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCC1 203 KB
64 KB 86ms
84ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCC1 42 B
63 B 42ms
41ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1UIyz3MzloFKuYjtaacOb-0itBiAW0nJ6CuKM22ivPKHQ1FZH46CD4w76vsfhihpLca1FkT-ifuoY77pDNKusyXkPZsT25hMOTTbkGF7pRq5pySI

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11447508629039149190
s0.2mdn.net/simgad/ Frame CCC1 19 KB
19 KB 19ms
18ms Image
image/png 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11447508629039149190

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 08:15:52 GMT
date: Sat, 23 Dec 2023 08:15:52 GMT
x-content-type-options: nosniff
age: 183441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19711
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9F1B 611 B
266 B 46ms
45ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNWsA0LjB8akANoBV--s4aADc8EoOkAb8VlShEnzJQkKes1wcf7MFeYD4187NxQaT8HZMzWSjbkAzfkGTQLgZl2CjXQngA

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:13 GMT
expires: Mon, 25 Dec 2023 11:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11447508629039149190
s0.2mdn.net/simgad/ Frame AE1F 19 KB
19 KB 10ms
9ms Image
image/png 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11447508629039149190

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 08:15:52 GMT
date: Sat, 23 Dec 2023 08:15:52 GMT
x-content-type-options: nosniff
age: 183441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19711
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AE1F 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame AE1F 7 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AE1F 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:39:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AE1F 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AE1F 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE1F 203 KB
64 KB 91ms
90ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1F 42 B
63 B 41ms
41ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_Wu4LcECUsY66z4sbpYa9Ns72hg0402URk7Ihk6lCu5eiFIEkVOuLADODtrZOkrx-T9AtVueJxyBtrHDYW0TU1EQPAQV8qEC7Ya74YkqyLJ-hYlQ

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2034 611 B
263 B 45ms
44ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGLCbv-YBMAE&v=APEucNX-whR3LS3Id3tWeUHVyrE9cpFI_CZ-6S0OwYcBDM-uhfNZ-A6_5kNaFtfT_BjtXShzEh___8c14O0QIkk14ZididSPXQ

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame AFFE 111 KB
39 KB 59ms
12ms Script
text/javascript 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 03:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 03:44:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame AFFE 7 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AFFE 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:26:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AFFE 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:39:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AFFE 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AFFE 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 02:39:16 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFFE 203 KB
64 KB 81ms
80ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFFE 42 B
63 B 41ms
40ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ay-SJv9RxVSDPPMd-ZZ6gOfln0TB0UUThv5txWIzU_V1r6HhfoPL1_KbP1TqdMhVL60nyWfQV49DSPS51ZAQYZ4zOZ7z8mqLNpwQfKKhuzqXRWOrA

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7FE4
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzNmOTZlOGNiMjE3N2E3MzRhM2Y5NzViOTY3NjQ4NTQ=

170 B
232 B

41ms
41ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzNmOTZlOGNiMjE3N2E3MzRhM2Y5NzViOTY3NjQ4NTQ=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNUj1FMTRh8SNRKdmlfch7u_aXCcV4bWO78_ldb9gX5ftefGAR24riGsFPauLbnqPM11FjGZfnunH--uQ0nLtXRVY7VLEg

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 11:13:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzNmOTZlOGNiMjE3N2E3MzRhM2Y5NzViOTY3NjQ4NTQ=
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7FE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1

43 B
734 B

19ms
18ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNUj1FMTRh8SNRKdmlfch7u_aXCcV4bWO78_ldb9gX5ftefGAR24riGsFPauLbnqPM11FjGZfnunH--uQ0nLtXRVY7VLEg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dIrCIgRj9IaQPVEVd64EMdbQorcnWwlxr6nl4k1NqK2pQlHxd8BnIMjTPiJH006MGsyqjnJU%2BDVSfRijRYBgZ3bpWquzQu2%2FSAGKqmhzpOqoWnhcL%2BOlwfZmUQPTwNTNJjz%2FK24lhAT4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b0a74ab80180db-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7FE4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYljyGoYHIkddrdwbey6mgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1

43 B
736 B

19ms
18ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNUj1FMTRh8SNRKdmlfch7u_aXCcV4bWO78_ldb9gX5ftefGAR24riGsFPauLbnqPM11FjGZfnunH--uQ0nLtXRVY7VLEg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF31QBNLVEbDM%2Fk35esZcX%2Fjm6XGLfTJa%2B9vhKj%2Fzz8zNULpFrMcP2m9JzCCmvEYg%2FyRjlSpHKZoGYgLdIRGe92oBZYkaj2DbWCG8nDtUdd9I4bOVs2xMZetkYYdKpXZI3ofUNZTsYNU1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b0a74af84c80db-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXa6dKVi8lLD63KzhrLyK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9F1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECYMexMp_wtvjO-XnoAYTnE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

43 B
892 B

83ms
83ms

Image
image/gif

103.43.89.4
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNWsA0LjB8akANoBV--s4aADc8EoOkAb8VlShEnzJQkKes1wcf7MFeYD4187NxQaT8HZMzWSjbkAzfkGTQLgZl2CjXQngA

Protocol

Server

103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: c95956b6-5e2c-4a16-9cae-5901ef7f605b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: 560cd519-60f5-4230-8f00-060613ff1fd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F1B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

170 B
188 B

44ms
43ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: c4fac323-35c2-4462-a69d-6ca1408a65bd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9F1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1

43 B
61 B

42ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOn9s-cBMAE&v=APEucNWsA0LjB8akANoBV--s4aADc8EoOkAb8VlShEnzJQkKes1wcf7MFeYD4187NxQaT8HZMzWSjbkAzfkGTQLgZl2CjXQngA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1
date: Mon, 25 Dec 2023 11:13:13 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F1B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

170 B
188 B

38ms
37ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame AFFE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc053fc396d99deaf77920a1d6bbcce0b0986cddaa7edb7ec0f0274efd7a2bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E40 38 KB
13 KB 4ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 242781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:46:52 GMT
expires: Sat, 21 Dec 2024 15:46:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B24A 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 242781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:46:52 GMT
expires: Sat, 21 Dec 2024 15:46:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E00C 38 KB
13 KB 4ms
3ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 242781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:46:52 GMT
expires: Sat, 21 Dec 2024 15:46:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

bounce
ib.adnxs.com/ Frame 2034
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECYMexMp_wtvjO-XnoAYTnE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

43 B
892 B

97ms
97ms

Image
image/gif

103.43.89.4
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGLCbv-YBMAE&v=APEucNX-whR3LS3Id3tWeUHVyrE9cpFI_CZ-6S0OwYcBDM-uhfNZ-A6_5kNaFtfT_BjtXShzEh___8c14O0QIkk14ZididSPXQ

Protocol

Server

103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: 2b0ed22a-d93c-4384-87a5-045982a44948
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: 9e940ba6-8794-4fce-838e-29c13ff1fb64
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECYMexMp_wtvjO-XnoAYTnE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2034
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

170 B
188 B

44ms
44ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
an-x-request-uuid: 1403ce50-4824-49b4-bd49-201f46f78655
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5NDg4MjMxMDAzNDQyODQ0NA%3D%3D
x-proxy-origin: 31.204.145.169; 31.204.145.169; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 2034
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1

43 B
61 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGLCbv-YBMAE&v=APEucNX-whR3LS3Id3tWeUHVyrE9cpFI_CZ-6S0OwYcBDM-uhfNZ-A6_5kNaFtfT_BjtXShzEh___8c14O0QIkk14ZididSPXQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELpfdJBJdOda55vjKHuLwKQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2034
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

170 B
188 B

43ms
43ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjYwMDRkOTgtNWMzOC0yN2ZmLWMzM2YtMDcxOGM4YTFmNDZl
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame F67E 50 KB
19 KB 5ms
5ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 10:31:59 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2056919282269310749/ Frame 4580 5 KB
2 KB 12ms
11ms Document
text/html 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d3226a7de2be9771b361f2688ea73d2c2be9c666f38a5f4c7e4c24a66ad861b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9671
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2136
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 08:32:02 GMT
expires: Tue, 24 Dec 2024 08:32:02 GMT
last-modified: Wed, 19 Apr 2023 18:10:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AFFE 0
0 51ms
51ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuLtRFSbU_CyuDaa8eILThjVqUfRUmtVgBaX1VG_m0_DOL2OBEZtzIsXX5rIPAPNorOC3Z23Yt3B4ozAKr2sovW32kqElFDcibDi8hM4frI0wzayXXChPJi_9zogB1QI4eWska0LHgXGwuoIhTKZlvY_YcZmFHXgsRzsPFYUTmRp1SnnvzWRa4Doi3STJbbB-BjtBuhe2Z-ouo_av42ZOq0hQjZ8a7Fb6-_QTMJq33JTVvWnh5Vu1TLIFOqxQchhwNTKvWN2UVC5QshQrmfhROq6kP62ZfHIaUVCmnQOcx6eJvEcim7AyMUneJFafMNLKuPxIoiBFhZaruC780gLNDM1ikzoWAP_Yc7tVIMKkCwh7qk7ePCFIavhCpg-BfeloS_h76B6Y3LqDV6s6AuKg8l1oyq03mT4xx6iA8HuxhyoqeQR-OWBpTz6Xkjt6wpyDk-sUUR2v_9mdOYZKU8KoJjp4pwzGGUqMe5Z2ULjcayerr0w6NNP--doRXEJU5tV_X0lxZsoSi9ki4Mfh4o9SX1RXmItCmJ6vDsOP9j3_wo4vqyt9pnfsghKZ1YXpfYF8JKdPfPPc7gHDzNFvei-90Eb1kYnwjUG8N3urnlnEKYhCpogR_hAxPGw3xplgFwyp99wYN6lXh3-EMocH0q3ZC2VeRYE1GifiNVeSsakk-L5PM7ZyjGeZFAVgbItmTPlrsh3R7x1tdFxK_wrq352lQylt8eYbpLzTcueeRScq_7ZSP9OitKk3r3d5KpHzpM9yaWP23KAb3uCR8J_PcZqUfdkIxWGu0Bfak_cHN5TzgJkN1DQOWZgPci55J3f72lV8f58iuT_GJZTBHkiTmaNslM98YfgmOLBI2WJzGCIl_NcaJ7jgry2xSnp5RRlBIyi84kJ8OhmL1ha3rYhhuTw18CV_WIKa9DZ6YsYgPboT8gflo9WPeG-Lw_ocRSPCSoSVXuy0asOj41zJLpklpfSDVrIpobAMWEBu4O7UQlAN0_2m9FJyz-NnjZzLQh_MeyU2TnANTOFvd8pxOls4TSIoOq0KSBwtqJO60TuOORm3TrwNAembcjWTNbm9WWtVNkTL4zIZgwyc-hCV8Le5vgx31psctcU6OH0wgDRjfe75xieVokg-ZEcimiNopRS4XMrgiwpl9sFI5bhEPJ1lNlHFiB2nGyOXa20CDr19bqxLlFVp6hONvbhRPICXPs8UUzA8euukqc1unelJy0eI6gXDYkKsGovteX7gn_jPU9JJbcXADKR20TPaxnGLqXOsHycf765yv6UK31mLBp7-MEXEsFmGFHc25_AkIcoiS8d4glkMDMEsPICcuEAyZWYLA5pOzTxeeYq6E&sai=AMfl-YQLHD6TM57CsTX2KFy-jamEaqcELQ2UJjuVQF7fsBf3NnJw-68UL7n4scmz9gR1AQcWzfEbAOQzmiDqUslVAI2d4rdA77TwnFqG0YsoFp0ROTIC1Zk1csiSTnsCHFyP6IS53yQIsP2OHlFNUNKdgEYs7KjWGog12AGXh-0PyQifUwyqIOvFzOZrliiMVDCQNoWmyA-C3a2yPC41FyBeRp5tDM1T2l3CpolJitkFyVRS58LXZsfpPs7FjulrApGvJutNIw_d-N8Lbs0c_dwnoGVryt7FQZtpTZaB6cGLkV-R-a6wOKQBSuxGhkAxPojpqoFyEbL4Ym4__60PNpChdl_WC2HBCCWCx8LcgxzugIkNgBgDsvQy2iGKdlZForFgUwNSBfHuZoWm6JqMXoWt-XfO3-W3j3mvlOelLkaG6ySLkycgTkIMzVs93QJmmxkiZOGv4zk3mnnlrcHGn6JNv658PkR0SJl_SQbbdyAE5VeB-_IPqn8Kplk_tkkELoYmwg&sig=Cg0ArKJSzMAP47iAfC1CEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=133&cisv=r20231207.44237&arae=0&ftch=1&adurl=

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame AFFE 42 B
434 B 118ms
117ms Image
image/gif 65.8.66.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288232&adn=3&ca=29702965&si=3554638&pl=364450190&cr=190410499&did=ADID&ord=2118401815&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.66.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-66-54.yvr50.r.cloudfront.net
Software: Apache/2.4.58 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:33:06 GMT
via: 1.1 733ae4e17f2a4786e797d3450daabd46.cloudfront.net (CloudFront)
server: Apache/2.4.58 ()
x-amz-cf-pop: YVR50-C1
age: 2407
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: _Y8tyVawUye5LEA5nKDFkfi2NlYWWXwTX5Tis2uU_f0zmrlyZRe2DA==
expires: 0

GET
DATA 200
OK truncated
/ Frame CCC1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be74670de4d9b17b56d7b09023786666b0f6cd1c8ff9f82ab89f7068d4ba7474

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E40 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 02:26:33 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B24A 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 02:26:33 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame CCC1 0
0 52ms
52ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssaujCEf78dCm4ZB0d3Y48A7nfqVAXDOHma-OyWDmxMe2cDzSCdNqcqxjWr2tgfJipGTISsb2RywD1boD-IaQUTOvcx65AeGMMLpsK07wb4cFAIkLKPcq_QIyBBoRpJWcqghDoRhT3na3t38m71fiaG40h6aPi79pBpWTIE2HCs8oGIMsRNZXx84EqorxyJwaVKdTivOut50fnomdHS4roMcDG_g1Og1AtFAvJc5kua9ggPx3ygMF8WfZxoY3n65KXZCnCCU04g236VCQJHOkY3rmbOmsILux6pAKStOU7fQ5hTuonKk5cQJEsZOrVpsMWH-qlr5N0Unhbdt8_QEsb46wMh1qZz4wTxIqqA49A5vjllzIq1wj9En7u1y9rsLTnayOFzIde1OMF8OVOpdi9mYoQ27_WG1Zsj8UYfTgNwxMmTjrzZNb0aIm1O77nJwowEHysT8W3v2xrafqCKNmBHbRQOy7MPQDirOuCd5i3X5q-8zbxzFSIOSw0C0QE988VegmVPLT5B-PhRExPAow7bRxb2dKpFYXeDximWRfMtStndTsl5Y3AWbq_bSYW9IMN-LmJIukPqOzTOA0mm8E6uZ403_LGSo81-JBEKBQydgqlJQtUSXZ_hpODWv3GA9BiMQtOB2Z37tI9KS9FdaGoHOQ5_YPOSXperE_mYHpnw7IJfL7muJDol3-apLz1YG5PozfzHxw6Hsn8n3KwZWeiw7xewlAMjkYeAYaKuf5k4olS0_MWrT40D6VpYoC5V8OhuN8MITTaEcXJshhDga-OYyub7yDmxFzAmuIPQDZKSoIRVChV5M85wEvUVsSXH-Zygs8nz3CBv9ChBZZHekP22JA85l3AmKxmciXrxSFIky4fr98uk9V4zn2VvbbMoUti8McRGZ1dr6-2PclEgj0CHzet3xpftZqBDOjGT_RFCvlvxIZvYXayNYP_suSQRH_ZldWV1nyQweRfrjiaMcSH1sjmU-IZ5AP9mA4BSFAQtd4m5ZYAL32OBhMqdopm3wrwHVueaDRx1ctN5R32mQX_P-VA1Piafm8thS0o2RjAW4MP72AWHmADY7uaDTczdk6dj_zV2WFEtrrovCIEGaxPWl0zpvjJua2WPQPq50oruXdhq7_lc9-DWaHScK8jUEQaOXJjncN5yew8APcrHz6-t1t8l6e12zJWtyhIBGAYhl5tqN9p1NGAXUwURPkZlOLs5i8RVbAw-A42V9a7akkrtQcF6VTKmeV58wkLRsNKX0osnrXKfmU-SBs0VABcVZwqU7NdDBFg6rn34csYVbeF11t3_DoQb8iMhWnoYV-CfLCMHPxzflybKU1TZDChev_RRhsw&sai=AMfl-YT92Tev8p15QdamxFfy-aYX6nv2VRlesF6DY6nzYKXvEfnyi7u6x21HPg3ss5mY4Wl-QJOmGjkjVQJDKk8KWFb22hOfuHB6MU9s9gQS0eLg3Jqe1I7mVGpfjoQD8XQJqTM1erJP3pAtDqUHhzGvC4myxlLq9CpwuF8WNjxPHcZhE__ha2gPgTxrOHosklTeFvTvEbcf3DVEHv8h2LwTOw6HU5xBwstTqZAfjlfnz0kLfeSqpPTplvaEC24ZtuzyVLL1e36T6R9A7w3D-miL0Hgaa2ZZOBTrIGbiXwf4BNpyA5WJEDlgj-K4QGgJlG2J9U0Qh_o_p8YP2eoxDWLs1a8jIKliEYEk6AwAxPHGJnVTIsewpTI5yHMK96Z1cyyaIhzMCGZRx-HXXYWFV3UgAdP4QVLP4g-FL_9fBkcLyoG807PbEV5K6b0aeFODnZB00Y6qPNokTV3m9DAWUm0HCWmT7Wmg3rm97xdUYdUl667XuBZMezX6mKRDq3TE1kMMog&sig=Cg0ArKJSzC_GcraCnPXPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=249&cbvp=2&dett=2&cstd=1&cisv=r20231207.75777&arae=0&ftch=1&adurl=

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame CCC1 42 B
434 B 119ms
118ms Image
image/gif 65.8.66.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288232&adn=3&ca=29702965&si=3554638&pl=365167015&cr=191021523&did=ADID&ord=3755853302&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.66.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-66-54.yvr50.r.cloudfront.net
Software: Apache/2.4.58 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:33:06 GMT
via: 1.1 733ae4e17f2a4786e797d3450daabd46.cloudfront.net (CloudFront)
server: Apache/2.4.58 ()
x-amz-cf-pop: YVR50-C1
age: 2407
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: P-sfMEBuf_D0AaGWCkKfuEFa0GQFt0kuzU0BH5FMQIGbZ-PX8sJ_Vw==
expires: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E00C 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 02:26:33 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4580 236 KB
63 KB 78ms
78ms Script
text/javascript 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 11:13:13 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/2056919282269310749/ Frame 4580 124 KB
23 KB 61ms
61ms Script
application/x-javascript 2404:6800:400a:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2056919282269310749/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

201690e77af103eaa78d36bc357a0fe6357078f2ecbd6228f89cf50823a1e01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2056919282269310749/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 17:35:16 GMT
date: Thu, 21 Dec 2023 17:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23428
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 18:10:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AFFE 0
0 43ms
43ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuLtRFSbU_CyuDaa8eILThjVqUfRUmtVgBaX1VG_m0_DOL2OBEZtzIsXX5rIPAPNorOC3Z23Yt3B4ozAKr2sovW32kqElFDcibDi8hM4frI0wzayXXChPJi_9zogB1QI4eWska0LHgXGwuoIhTKZlvY_YcZmFHXgsRzsPFYUTmRp1SnnvzWRa4Doi3STJbbB-BjtBuhe2Z-ouo_av42ZOq0hQjZ8a7Fb6-_QTMJq33JTVvWnh5Vu1TLIFOqxQchhwNTKvWN2UVC5QshQrmfhROq6kP62ZfHIaUVCmnQOcx6eJvEcim7AyMUneJFafMNLKuPxIoiBFhZaruC780gLNDM1ikzoWAP_Yc7tVIMKkCwh7qk7ePCFIavhCpg-BfeloS_h76B6Y3LqDV6s6AuKg8l1oyq03mT4xx6iA8HuxhyoqeQR-OWBpTz6Xkjt6wpyDk-sUUR2v_9mdOYZKU8KoJjp4pwzGGUqMe5Z2ULjcayerr0w6NNP--doRXEJU5tV_X0lxZsoSi9ki4Mfh4o9SX1RXmItCmJ6vDsOP9j3_wo4vqyt9pnfsghKZ1YXpfYF8JKdPfPPc7gHDzNFvei-90Eb1kYnwjUG8N3urnlnEKYhCpogR_hAxPGw3xplgFwyp99wYN6lXh3-EMocH0q3ZC2VeRYE1GifiNVeSsakk-L5PM7ZyjGeZFAVgbItmTPlrsh3R7x1tdFxK_wrq352lQylt8eYbpLzTcueeRScq_7ZSP9OitKk3r3d5KpHzpM9yaWP23KAb3uCR8J_PcZqUfdkIxWGu0Bfak_cHN5TzgJkN1DQOWZgPci55J3f72lV8f58iuT_GJZTBHkiTmaNslM98YfgmOLBI2WJzGCIl_NcaJ7jgry2xSnp5RRlBIyi84kJ8OhmL1ha3rYhhuTw18CV_WIKa9DZ6YsYgPboT8gflo9WPeG-Lw_ocRSPCSoSVXuy0asOj41zJLpklpfSDVrIpobAMWEBu4O7UQlAN0_2m9FJyz-NnjZzLQh_MeyU2TnANTOFvd8pxOls4TSIoOq0KSBwtqJO60TuOORm3TrwNAembcjWTNbm9WWtVNkTL4zIZgwyc-hCV8Le5vgx31psctcU6OH0wgDRjfe75xieVokg-ZEcimiNopRS4XMrgiwpl9sFI5bhEPJ1lNlHFiB2nGyOXa20CDr19bqxLlFVp6hONvbhRPICXPs8UUzA8euukqc1unelJy0eI6gXDYkKsGovteX7gn_jPU9JJbcXADKR20TPaxnGLqXOsHycf765yv6UK31mLBp7-MEXEsFmGFHc25_AkIcoiS8d4glkMDMEsPICcuEAyZWYLA5pOzTxeeYq6E&sai=AMfl-YQLHD6TM57CsTX2KFy-jamEaqcELQ2UJjuVQF7fsBf3NnJw-68UL7n4scmz9gR1AQcWzfEbAOQzmiDqUslVAI2d4rdA77TwnFqG0YsoFp0ROTIC1Zk1csiSTnsCHFyP6IS53yQIsP2OHlFNUNKdgEYs7KjWGog12AGXh-0PyQifUwyqIOvFzOZrliiMVDCQNoWmyA-C3a2yPC41FyBeRp5tDM1T2l3CpolJitkFyVRS58LXZsfpPs7FjulrApGvJutNIw_d-N8Lbs0c_dwnoGVryt7FQZtpTZaB6cGLkV-R-a6wOKQBSuxGhkAxPojpqoFyEbL4Ym4__60PNpChdl_WC2HBCCWCx8LcgxzugIkNgBgDsvQy2iGKdlZForFgUwNSBfHuZoWm6JqMXoWt-XfO3-W3j3mvlOelLkaG6ySLkycgTkIMzVs93QJmmxkiZOGv4zk3mnnlrcHGn6JNv658PkR0SJl_SQbbdyAE5VeB-_IPqn8Kplk_tkkELoYmwg&sig=Cg0ArKJSzMAP47iAfC1CEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=331&vt=11&dtpt=196&dett=3&cstd=133&cisv=r20231207.44237&arae=0&ftch=1&adurl=

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 791E 42 B
64 B 83ms
45ms Fetch
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaWGIOJ1XT6gtI1IQ7B8LgoLEdFYpzg4RYiwjkolXfTckCl5EiLc9FMwfwAvD_DGo883Ma09Rt4yXlEb3rFc0ifiyPzrCmEFRtbp094rX27nqkFdfTMBReQYAVpTS65CLaGKydB2seiNMyJCBljRMo7Vrc&sai=AMfl-YTPqKFcS0R9-cuWhbqrrork_2WzPsnh3sY0vzI0LQsJFM08VODPfI7AEaQ2XcJ4vK5P0mrjOGVUHsU1ZUiogtvgkEWl-oE3G6U0E-w6BNVcnNB1UiO4tAY-L1MZJWm3wQ3Oi7gMwg6heu_eY0IILQ&sig=Cg0ArKJSzPQRNRH-9ATVEAE&cid=CAQSTwAvHhf_Gt3CHFV5r7A0XFBXSwbmf6lq50Ib0lJkFVBINTYnnrpuxJ3KDykTCjlEFpDjHbJIiK4xnLlA-Wi5v8MhNwbguXFGQJTBV6sDB08YAQ&id=lidar2&mcvt=1013&p=0,0,600,300&mtos=0,1013,1013,1013,1013&tos=0,1013,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=20&adk=4248768080&rs=2&la=0&cr=0&vs=4&r=v&rst=1703502791841&rpt=828&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E40 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B42m8x2OJZYq2NsybqQGw_5rIDgAAAAA4AeAEAg&bg=!HB-lH1DNAAY3kmNgF5I7ADQBe5WfOHU-9RhjOndHjLhe8TTS5q_96c3Ttkm_0Kd8G9hCMemsWnBPUjqJm2dNIDS4pOlPAgAAALtSAAAAAWgBB5kDNbCYMvoOp8rbu8dgktQIi8p2OfsHacBTAawrIQmNARHzUwTwGdc8bJbIDDSZxui3BemsclSL6lRvm27kDwnJ0gT2VCyCdFy7Ser7_J3iwDJyWU3aFm0pPDCyeoiAgzHfD1xN0K4KHOKWMv_DJujpBFNVYby2zokdl6f8RbA6gXHs-BSPp3mEgz3fzfsTWQjj9sSUXPKH9jsxIrFaHtCFPoRCeWeTkMuW_x1w4Ex5Hvpx4fSmudUKJE_43yVEuamR3w58PCUOf3vEsZ3m5_OtK-YZ6xOSd59B1B6TwUQ_3f7tKx1KmZ32pKahDyfqaBfyqzTFg9orsaUPbqj3Q5OonrcAEstWXJUX4wFkdJZMEkwX2DPt1nEu_P_bbAXdoIVwixsf9yG8NIiKo3HRx92RPF0dbo2EAXg9eBq6vGkgCe8QZlzX8cLcyis0T-T4WFMtMWZbsd1sPdvmSrQzraV2ObIXU0uV49Icnsa4Ooh2BhIxmbkaN0wJnfQRnt9d2zvR9CHBwiuL-V3vlQKJHlQGHmZbzhxdek4-AiP5xmnMipBGgF3E1DtK0EZn2voQJ0CoVtRDDcOo6Pd0jwej3ySL-tZrgkSSl8ohgMEy1ATrU9699zTtf2zO6GWZcWRUMNRq7pDtvyQJYglFPdYzz0-7ae6JZMtTtk75ZmjcBBANP2UKEN9anGko1azb5y9q6g53lIf0QnRLNXCYTzsKiM3vZWpGg2gnUqBf2cy5KnDO7l4E4kgD3ukLWx8hQpBXoaCjgqEUuvFeWImsF6sr-dYbwP96YIoRHNCzdk4BidL3EExgRyj8HUMliASwydUqGJah8HkKLfys_YXbJ2VQesxfNF5GXhBfLI7by4NI1KFR2Kzjn18Uq8mndz2lFrS-tV3C4EtjdNsor5-bFAzQwiUbemdP-ZidttlEPVj3-RmsM9VtonVW0EEGlJwr93nI7qW8yeTxdVhubg0jUEMwy05DBMPDDxldlmpf1iKK6SQ1XDP7r2_r4AuF481clFoC_0YLYaxON5syjb6nRx2Zjn8qrqQaFbhPNm9PyDSfElsjM9toSBf9TUF5nAEsvVj6tLSRzCbOlOIJ

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B24A 0
20 B 43ms
43ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGVBsx2OJZYu2NsybqQGw_5rIDgAAAAA4AeAEAg&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfOKBgNLcixlyajLrfjFdWdOVpTtjQdMP92q1GrD5lB4dBu8rR9VMGzmIDTM3xj_htAgAAALFSAAAAAmgBB5kDKxNlGYc2-0Vi0FRvZuki9TnliW5qGElGxpHjKT9vTOpeIcEFn7tFMLkkj1PFVIzx6Xj1p1rHAK9t3Tl5IhW8OXX8WSH3xIi3BK_XqtsNbKmiAeA28udbzEaBi89vLVG0Uc8tnJaNWDHTb0fPXrIJUotkiuECV8S-axHDk5_pxul-waDtcV6L60tbK6j2-s69ycsyAjI8b2qeySzpsLPwKlfvyE-xu29QnI-ju-M9UmYUQjQJQKIY4jrlekIrwvWVK_9g1CqB12vpe5BsLC3fZAuN3ZlmpZkvRe_VdgbuxLwBlJiX6doDBFSTmO-Jdy62bYMgcAcf9qvfjItoMY_HHTQX7dJCEpzTAoABPkKiW3MY_PLSumS33giS6DBQ3z3aY8RUz765AA-el2XbzGT7sSx3-Ich2eqbWVLqSO4_Khw_-cdlk5BkATzG3yKK4JOLY7kyoHjG77Y4sAjuamOH73HXYKYtV47BGMSpwYpRm9Yl2SCWBrrTLotKS1G1Cudf2UIxNNoAoUk-QdMXdNRZllZGItQOpa82pI6z8UGD3rulK2mve7BBk6Zi2dcAQC1uI1Ma2ThycVbLDOyaWQPjYrHdnRwvQo3E7OI-X3UKXC9uIVpg-VTO5xI8CmC-DFTWWsMjCndQm-M3IY7kNjP43kYAFWbxMVoZOfrt1p027fLeLjhGus4e75W3PxSx785yFmAjK2lL1O4aYrs8jURSnovjVuIfp-vWw3ToZu9Mj9ClXJ5fsT__jCVk545dlgikFp71j9Of6QQFqI69Bl_q-grXD-XN7RX84OgZCbYoaEvzOxXYM075cxV9nUPvxALEDSuyjnh5NIjcqEtYQNJp-t7GC-BOFuqUyjcOy2-uaoRcbQ17gTIW7-3lSbC1YoMsthC0VCqT7IcGsfsmPmbyTlS2KIlCAs12OMomZayozEcr7gtgP10GlhFcNhqDJ8cxjWRnTKaBG9FljnNTMISUGVO20LK7PS0iJKLIlmON-1JWHsVxFg7KNNF0WCLl-dZDu_XZAG6566S4ZfHhw_nAos7tkZgrNiRc-xTO1AYHPfBk3h1zbMo2EgauqiY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00C 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0bFMx2OJZYy2NsybqQGw_5rIDgAAAAA4AeAEAg&bg=!zM-lz4DNAAY3kmNgF5I7ADQBe5WfOIrCqGCduTTgUE7m46fQGTkMn5ChKKyxgsfzPaeEwiBcnXixEuHoRsTdJeVijuRmAgAAAKdSAAAAAmgBB5kDKU3WeyoLp7UnVuefM5Ncqj11nEqPg6rYG-0GJ_v9TvOYUtchrVWswUt8qOwzY2ZEBeX28TrOrAIrM8J7Cct5Z4sRZpwX7wG9Xb99yNQRr2mHTxytIfQ4NN0TpCyjdylpV7tCcr2v2FtbN4fFB_HdS7MqXHn-IFUxLYMRjGjTffhxjIMBDZLeNli-7zoQIPNzIUfyfAGytXDIZRk68SxmpvMcV1uTWghU7qbYNfC4uDEgdYhohRvc4ZTTud4m8Z7il_8Gt82QTV-G7fwRB42sc9ythziRfMf6j3r6cWeNoJYcdvz7MPzwTbxTBL2Kx4sFo_p3PqXxMY0qjb3sj9_GFG9HwRL9av2zybjyOnE-Gkrn9mzaIikQR8fdQB0fT0yQYVSwwTtIjZStCa5GU0TTDWzj4Vs0l_CbihWcErTy4ssR7JanDfMxu8HaasVeVSuE0-ofyExa3FaBksQs8_x3IQoTi9YEE8P1_s2DGqqf5wlIr02warepfyJI3pWb8v5Sq-00Ov1j9SZNSz0XxoSXj6K2wuK094IRG740P1PZIpkYDprMCPgi1Owq2rPgIbETOTf8Xl8SGsl30H1RmHh2g3gqtDQNchiEkTigOsJJAZ70SFtFnJfX7lRfXJ7o997PTl9p-xPDbRKeDVvFWu8oG79afLW8l5WfDPCdTGrJIdRvn86MyLJY2i5wUsWTtETfEPdk73WFl6_AsDRwX100xxu8CyG91KffcJpBZBiax2rmRktCcBkz9YR9wtjznoxo_QNFWrzdN1rxV1VYkG90PHlmDwv2BC-kmKnx-6owzbmLj89cDpby9BUxbGmJwvHCUA-zKFfUYBFWUiEYNV0sAkjXsXg60U_9l_aiNRIz_aqZ0g6OggyEDMdUwcV69-8V-oOsz_QuyUlG8kZQvEl-17V4kheegswiVYT0i3EarKnCcrk_MYkP8xZtn1t3BupfPeI9XIEb9wj8yXDRAGLoIQ8mH2YfnLp0cSoZD_vym0hcz8b_PApHD6ozhRy3kcwjQUbzrR5yiksHuUdllUNa7DygoIY1bmAVBoeGzzMQ7HSAJbb53tF8AfP7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
fx.ma-bank.net/json/ 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
55ms XHR
application/json 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87d53db00a54c6338e8c271d97cd76eb7b67b23523310914a099a2d53cae106a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE1F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96302123003ecdbdcf50e2786fafa2f7e073fd019c236eccc3495198a3964ccb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AE1F 0
0 49ms
48ms Fetch
image/gif 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstX_dQ_ulg3rrYDM_C52uBKfwUm5nIDSmHfdpsVDMj8t8iYETTokSjkASZHYNOUHiQ6c6MJxegTAjzCKoRzWnAI4EaA3LHYtU3aXkLTKMK_z9IucpjZF5GOao890sKsHPoVsDIzalOqXOrTkxpy2hTPtiB-bg4T-_E-hU4SMQDDv-7nhpUkL3gK-2BSUSmdmYG4wluiSn7CQRu82zbLihGh7AzpAGB7PZr-KWecW6R-jI0bMvD69ZgL1Gi2XyxzSbg5ylF7ud1I2V-dQuR3e7-rrObcFLv15FBSSa_6yPkVUTw4bY9bi2c29ZgcYatz2vKPbkM1LGJuWRmJLKFvIL4UpYSB-SOlNQzdfzV93D_MQdDIE77rKrniF4L6cmSxldTgrDwldHC-K8ZwmK4f9i7eA-n2-AykzZ-MPk29wJBE3Wu1g-rcQFfdJCdQIVZ6zUHMIcrD8jzeOrkOE0mOi0ff-9vtBmfYkEGxhNaqx1LGZtukNEg6pWneo16qmlhAWL-QPF7Sl6C6O0MxlTop8LjHnHrVFqZLymnr27WRy9WGh4jn9ItP5SkLXoZrONNqY54ThdXAXuiZvaB5KLqVK-bwlq60Ph1MtYX8iggSD3-KvMBSdL8MieDsleEfx-sX8miM49h_v4Aea8ke3phn_iltlQrI2x3RjxKkmTHNkOvC7SiUx5sEN7WtUYjR40LJ45Uru17DkRamlxI0Tw3YFSUgr3tU5jd1nAFtwqS4E87ygfUJXtS0v70MwcV98PqbAuxm_FJruUFwEephrEK67NrK3B8AwoyvwrJIDPBzGAo4XliajqTsFhqxux4nJ0waq5_zl0BHIxaLaLUiYU6581O2O7pPnj7-YVfjgSYcj6gbHiwWeVhImnQJOyBWSHmcOojjoHw78mfvWySjZWmpSdxn9Q1ax2np8GRSK9PikYbIWqPGGBptLvnldchl72vQw2qR7rlyEOL3c1w1OD09FrxP_uVMCOsvJ_jzSPZo-Slqq-QRc0dZR31J5076-iHsig03M3IvR6rdFxF9U-9JEaLX-jp3vWIYnT66axNsWEEVQQ9IUu44COaWH-AoYGFH-BBUSJkHJCp09bbEaQ5kYDEmBaX3Do0iHD9GAXbHlHh0A_x29N1-g0-46XBWHPnHhSMLkqQV7j_ZmFscte8wWTXWijWJi6g2JTI6CJBqDKwT3v1Q6xgzpRnu6qnCIB5i_FFuGNEp8Ra6np6eZ4cKDthmAY-fMPAUJZhTwwPgJMPuiU2jilIjJ2945DPF7YjJq2YFBE2OBXtcATCGNDvBU48NVUOq0sJeBfB7MwCAnU37zg6rwk9ByWI-wIkCU1LJbjXDJIhetg&sai=AMfl-YQBOqWTS78HvIXc0L4i0_7gwET7Q0X4KPJT-X0EHFBZc1oRjZXNgBCqFESfMKPMrGfPLpjNtWpT25gxsVvGXSkAQoagBm-OeD29jo7bGoZ8d1cTW2hEYvFYPMcEJTGIYVHATlga1rHEVdxim09lluWY_IK5RYVaNTzc_F803hF1UiGwI4rNwejdJhMnOXbYNL13W7ThHpVwIa6qoBgGz-QBIceWc24e_nXI_UyQ4Nyf-DLvQWjSMwQI-KJOs1ov4QVUosWDloTmFhb178vkmlHJFTpyDvImqUaNgtfjcSOlyZ_0N9_0k_4N8opb3loUYoEWyw-y4aafImtFymJXr9npo1XGFBeebhEQzR9qiwgXNz5vrJIGJhtp2VejTIqD8DvjeHXktGinR8udWwdkBFC-7hdsdf2q3yKlwiL59DFhaZRXdA9QZLR6-rMollauwQYqkea1hIH0KUBPVSTsxMO6h8ixct_419CkRVOBRZPc1NUvF7eSOfo1qUH6h2OnHA&sig=Cg0ArKJSzBUBl2zLdZPQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=631&cbvp=2&dett=2&cstd=0&cisv=r20231207.47277&arae=0&ftch=1&adurl=

Requested by

Host: fx.ma-bank.net
URL: http://fx.ma-bank.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 11:13:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame AE1F 42 B
434 B 119ms
118ms Image
image/gif 65.8.66.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288232&adn=3&ca=29702965&si=3554638&pl=365167015&cr=191021523&did=ADID&ord=3308572256&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.66.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-66-54.yvr50.r.cloudfront.net
Software: Apache/2.4.58 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:33:06 GMT
via: 1.1 733ae4e17f2a4786e797d3450daabd46.cloudfront.net (CloudFront)
server: Apache/2.4.58 ()
x-amz-cf-pop: YVR50-C1
age: 2407
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: Sb9oo4iqZ4ufuGwe753mQLqWLkOtv8YvotRPrU2Rrl9hIenKRrjJSw==
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 11:13:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF2D 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 290036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:39:18 GMT
expires: Sat, 21 Dec 2024 02:39:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49C9 829 B
558 B 42ms
41ms Document
text/html 2404:6800:4004:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

970e3e1dfa583eaff9a2c6e44f3f46a2eaf28c3c887a52c0e7f33e96b1cc520f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ayoF89r7ue68bWdhd-D_vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fx.ma-bank.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ayoF89r7ue68bWdhd-D_vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 11:13:14 GMT
expires: Mon, 25 Dec 2023 11:13:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EF2D 39 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 02:26:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49C9 0
0 42ms
42ms Image
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3665428768285153&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF2D 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p0Af2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:13:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCC1 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJ7nBrJr9_0ihgPz3NFxxyBlXQyHkHYgfVQ60m47YKIacEj9JBvJ1AhKFiLuOxIxgWaoyPcuK-1PW6vpAmx7n54CgLyflbPxm1LkJuCe4679fpDzMtKfYzKJ224N0jPTZ3tHNMK701I3H3NFxfqdrc-DHO&sai=AMfl-YSQwwDkqnUpMp9_2ls1j1i-ncmfbAdR95lOy9UVRAxLkzANBMGzYFoRbpjAQaCPhtfVixZMzcxwDY8x983SQ7ua2e9MlNdlc4HV2DrFN_rT1RpF135rSKHRfnVbQPAiX1MuULhLjiw2RkMwRFk&sig=Cg0ArKJSzK2_XNGZXa7YEAE&cid=CAQSTQAvHhf_q_amwOfzY_b8X9Y2j2uhqOOUEftWpe9yeuFRiLt2AbiyqGRSEDufSBk243NDzetFWsgm1Xb8Jh0qygzFdbuGj1f5Wp1zHSL9GAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1703502793243&rpt=234&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFFE 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYIEIKr1vaiNX-kU-Ux4Y3497jOune49s0zuDPoR2N1lGMP3UVeooTWlMOQuo5YjnQOrbKzX8u9SReQfrzYf0f8nNI6pqvx-ERk3GbqfvcWMvQdQ8PvN6PmE6pM96hKO9GoM5lsHYajYNYLM7hIqMaNLaS&sai=AMfl-YTd-ZHb_tIJRMX-Ulg8LdoS4SfXdfD4MIvCFLBo0Nb6g-9kE6OosnP0LTEsqDQuENdEMrJSD5iGJLs63FvJhf-SzJJ4_Nh7U-OAZpxvpx_ksWfW9kABu1gsKBpfcKnrcyfxM8NIK_bunV-CLs0&sig=Cg0ArKJSzCUeTxYgIKBGEAE&cid=CAQSTQAvHhf_q_amwOfzY_b8X9Y2j2uhqOOUEftWpe9yeuFRiLt2AbiyqGRSEDufSBk243NDzetFWsgm1Xb8Jh0qygzFdbuGj1f5Wp1zHSL9GAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=692,1000,1000,1000,1000&tos=692,308,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1703502793311&rpt=574&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE1F 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1v_86ugDy2bFwO8nQLsy5nRrFIzVeCMQIIxRLPljFQCkUVB7JKFKUPh1z8Oy04XFHmAPdhwxa4xsAtS88atpwSLmy6DqFt8gXV2CBmz1FlUqd18f0rBm7YqsTSbXpXMXld0x5o7IwHzyqHWkOClHRmLWz&sai=AMfl-YRlaRPoLS6d4zjBlnS7qpJXIY-ZzxAdELpqwbtQqxaZSLEfsGTpR0IuwoNGrAJ5yuz_0AzSbp82WJoHRwBatCjOgzfugmEN4YHYVqs_YeZF_ox3YHlMKzU8D-ho5o8DNq8wFMZYXm3QDW3uZGc&sig=Cg0ArKJSzG0zr2w6t9d4EAE&cid=CAQSTQAvHhf_q_amwOfzY_b8X9Y2j2uhqOOUEftWpe9yeuFRiLt2AbiyqGRSEDufSBk243NDzetFWsgm1Xb8Jh0qygzFdbuGj1f5Wp1zHSL9GAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1703502793267&rpt=611&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 11:13:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3665428768285153&bg=!6eql6qXNAAY3kmNgF5I7ADQBe5WfOOkuwMJoq7qpGONNrmSP8moUHYIeyEtZnR-sWGt-U9r5o8_GKkjXORxH9gTTQrlhAgAAAPFSAAAAA2gBB5kDFfqmLN6blK91WL8HxDF4G_uIvhCHsJclaBsTakD8PWG4Oi679fD63_mz7DtT7L7Ek8aX2yqP05O2zULLh4lrg_7bgc53VEkoiV5WdJLeEzkaLQNyXQZl-B9x6rmLG559fG656BAnjoXxYfCs9dAWx9mZQaFBxzea-aCq5lZh4y9Ew57cPvfAF_gxF5RyA9kyWt8IvkGNaayuyrc9v4JXARlE15Du3jFcOSNoLu3P_rymVghnYsy7hs1pf3MdPfIpuMBAgfJZwhdW9AIa-MKD_Glu6tNmQdotScMAiTF-DigMY019XF3v6UISv1zysZ0W07CdcR_p7cyCbh6UPDzif5OkWL0gN72k_cwOwxR8w7JkSrxP7UHPx3flSb6A3n_RrnD8YKndco8Mllab761WFEqen4srvWy3wnX2CY1kf9v43CAcMMtEGeRcBYggMxq37TkgBS25flHLGKRVNVsS469BQvrNchAzXfpCSOLQ_Emc2Ox40m0GLM_u4f5LEgIhI3dOLlN5dOCGTbzLtCVc44e1wwhxMAsGN91XbQiOYz8FQ7J5E1shONqdkC_nC-xiQXAHjayWxoNUdPcu2XizG-T4iv9k1NZMO9ITVOSZG5BqzYSczqygWeD7ywQUa3RaRdwqAlHw7_88hHKX_WcQH7yvdhp489-iRGyzvZB8Bt_I4lNWXIjIUq8MvPdYHuwixMsOzEgs6-rwOAnNUAmd8tgkEUViiXRD-kwFbhbQK1NlKhLCNgMiTPlBA7-UwFZaUyJfKS5X2XYUa77_jVUrwwuFJEp4a7Al-eeF9acC314-CPOGPdV0etJumgGc3o-Ep9opKdWnZVHF9dzLNAmQoD_A7ZKESjXRFlNSxLKdGubXVwV2mGgycSxdjqky8NbD0tPbLc13J8wSO_7ix1RT1Xmsw02xlKXsFL5MGaf3DdqJcsNTTojewVuVR6ZSqVwDudGFnj-7pp0xoR2pVbaC5ZcY4R_m93uHECVl-e6iDwRrYczCwlfICrS0jeNKXUxafSKF2OPa8T9G1KSSeimRs7VcQhG55w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fx.ma-bank.net
URL: https://fx.ma-bank.net/json/?id=json_list&ymd=NaN

Domain: fx.ma-bank.net
URL: https://fx.ma-bank.net/json/?id=facebook&url=http://fx.ma-bank.net/

Domain: fx.ma-bank.net
URL: https://fx.ma-bank.net/json/?id=hatena&url=http://fx.ma-bank.net/

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fx.ma-bank.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: e2sji50bcvgsbab0m1iaj50npo
img.tcs-asp.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2410CAE548511BC4D83135304F878D25.mfive
.ma-bank.net/	1970-01-20 17:13:09	Name: _gid Value: GA1.2.1791391457.1703502792
.ma-bank.net/	1970-01-20 17:11:42	Name: _gat_gtag_UA_17348529_20 Value: 1
.ma-bank.net/	1970-01-21 02:47:42	Name: _ga_ER9R49MMD2 Value: GS1.1.1703502791.1.0.1703502791.0.0.0
.ma-bank.net/	1970-01-21 02:47:42	Name: _ga Value: GA1.1.893382917.1703502792
.ma-bank.net/	1970-01-21 02:33:18	Name: __gads Value: ID=9edf1c08ab0fb835:T=1703502791:RT=1703502791:S=ALNI_MaWj4OCoUu71bmdMKtQw6IA45bV_w
.ma-bank.net/	1970-01-21 02:33:18	Name: __gpi Value: UID=00000cc233d7ebe6:T=1703502791:RT=1703502791:S=ALNI_MalhMKTROSmy8kPMI70uQ5ni1YpCQ
.send.microad.jp/	1970-01-20 19:21:18	Name: TR Value: 64e6d9af0fa24d85a065dbddd4fbd21698667365d7a8f7f8
.casalemedia.com/	1970-01-21 01:57:18	Name: CMID Value: ZYljyGoYHIkddrdwbey6mgAA
.casalemedia.com/	1970-01-20 19:21:18	Name: CMPS Value: 5423
.casalemedia.com/	1970-01-20 19:21:18	Name: CMPRO Value: 5423
.doubleclick.net/	1970-01-21 02:47:42	Name: IDE Value: AHWqTUkhJm3hccVvAZhaXXYyikEJnVg_ki6LrtQwfLjcNsZXJjV7fZb3--GMpm2co5Q
.openx.net/	1970-01-21 01:57:18	Name: i Value: 49c3a10b-3cc8-46ac-8c09-9549666409f3\|1703502793
.adnxs.com/	1970-01-20 19:21:18	Name: uuid2 Value: 1894882310034428444
.adnxs.com/	1970-01-20 19:21:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%9x:CfE!@wnfH8K6pQK`!5=E<L5?%KBiTsWR`nnHyYg)aw5c3u73jy%$@X+x1Z2.c2bpRzqF1`b_^t*8?jm

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://fx.ma-bank.net/ Message: Access to XMLHttpRequest at 'https://fx.ma-bank.net/json/?id=hatena&url=http://fx.ma-bank.net/' from origin 'http://fx.ma-bank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fx.ma-bank.net/json/?id=hatena&url=http://fx.ma-bank.net/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://fx.ma-bank.net/ Message: Access to XMLHttpRequest at 'https://fx.ma-bank.net/json/?id=facebook&url=http://fx.ma-bank.net/' from origin 'http://fx.ma-bank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fx.ma-bank.net/json/?id=facebook&url=http://fx.ma-bank.net/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://fx.ma-bank.net/ Message: Access to XMLHttpRequest at 'https://fx.ma-bank.net/json/?id=json_list&ymd=NaN' from origin 'http://fx.ma-bank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fx.ma-bank.net/json/?id=json_list&ymd=NaN Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fx.ma-bank.net
googleads.g.doubleclick.net
ib.adnxs.com
img.tcs-asp.net
pagead2.googlesyndication.com
s-cs.send.microad.jp
s0.2mdn.net
stats.g.doubleclick.net
tag.researchnow.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fx.ma-bank.net
103.43.89.4
133.167.18.185
142.250.207.38
172.217.31.130
172.64.151.101
180.42.51.129
202.233.84.8
2404:6800:4004:808::2002
2404:6800:4004:80b::2001
2404:6800:4004:80b::2002
2404:6800:4004:80c::2004
2404:6800:4004:822::2002
2404:6800:4004:823::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:824::200e
2404:6800:4004:826::2003
2404:6800:4008:c13::9c
2404:6800:400a:805::2006
34.98.64.218
65.8.66.54
01d9c7f1e25d06ce219b7d30cbfc16ed3532fb8515992f291131c88e7552ba4d
05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e
081455f242ac50315467bb6771dcc5edbe0d8c6ffab419977041c9c48ea7fa6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3226a7de2be9771b361f2688ea73d2c2be9c666f38a5f4c7e4c24a66ad861b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1b30ea937dc4f10b9dfefddaef9d97eab4fc377021413f3154ae65c63f742fc9
1e109a1a9a604b335bb2235cb547eb0747f2fc61d97db8408d72ca094a9ff67a
201690e77af103eaa78d36bc357a0fe6357078f2ecbd6228f89cf50823a1e01a
236497b8399d2b7929d96aa1358615faecffc08245c9e7fbe2ace2e45e882a2c
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3912bdc1e6b317f2ba94cedff8ec333ddf68839fdbac35eaa515f1d2e978e031
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4312fd241ff2ae73de34c6c2f57b594689bcd93e3c3e83b7709b9d7a3f299543
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c906d58e2acb9e1c15b47254c7486b108005c7e7c12ad930590d58029f091c
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e140402ebe2341a804e64b51182ab4d4f57c9a94c35832db80ec5e3bdfca974
512e2947b66f587dba8c0a970e34a4194c4a926163b4f64d67e05b121a94ba9b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c657c8d95ed2d013ec526812892c6201e73b2cb21dff26170c89a613864d1e4
60678ceaa02bcdd5138f9773e8d82ca75540443a9515c36de29637b5012b3db0
6128d767a3905fa4d3c1f98cf427ef57ffc94dce142c914b27e800513e7765c5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
64b7caeb9aced89a3d434e2d4a12ee24ac7709a4a2385f70d53bd2c21596ff8c
6b48489dce6fcc728b85fdd9125bb3b02820ccbef021145a966c83d073c32279
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
784edbe880ac26cb5afad76aa67112b1a7a17e1e4de0858661188f470003a7c9
7a273e01de63664ee1a99ec41fb52f7054dfbc5be27d85c97c2e8027a6e42d35
7bc053fc396d99deaf77920a1d6bbcce0b0986cddaa7edb7ec0f0274efd7a2bc
81881de88e27be72434a9ce035cff3b0c4f7e877cc2da8fa507a3589c7b707a2
87d53db00a54c6338e8c271d97cd76eb7b67b23523310914a099a2d53cae106a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
96302123003ecdbdcf50e2786fafa2f7e073fd019c236eccc3495198a3964ccb
970e3e1dfa583eaff9a2c6e44f3f46a2eaf28c3c887a52c0e7f33e96b1cc520f
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eb438fdc7d3ca6bf93ed41f8769b475bf78253692e1f1a73707cad68449b270
b0983545a358cc3907ff7ff53f7c075eff35e8ca3d1c5c54704470abc4624a29
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be74670de4d9b17b56d7b09023786666b0f6cd1c8ff9f82ab89f7068d4ba7474
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c71c6b91b7eb5caf287bc01f1bb38b55e3ed5f0ad5cda4c39c2bbef04a2dfa31
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db7efdc534a7aaf323bb3a1dafb98bf3d5d5c9f9af1a7a658913c3bf92c34d42
dd2e45abacd4eefe130af57b2b86f59d12517553ffb804e1a262d09d96ca494c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df91b67367b0443682d3a36f915455636dca3372974b70e3cece18de21eb9ae9
e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6736490fb123228d794753afcb29a63ceeb824a40c11218f1465ef08b897e39
eacfd1ada5f70157280494130312472b02b9758b69ec76cf089390ca34228c5d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee9009e6e6fedb01792b23d64fa62d96a2bff1540f615954d52d5336cb84cfb7
eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1de7900d2c4ad33da626ded6919ee0a070264df0f7b6c0adcfa7f3d06a668bb
ff20220a9af9152e3e7b83c1fba65da0c97f0ff09ba696388307bd10de381218

fx.ma-bank.net Open in urlscan Pro 133.167.18.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

87 %HTTPS

57 %IPv6

17 Domains

21 Subdomains

21 IPs

5 Countries

1664 kBTransfer

4671 kBSize

16 Cookies

31 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fx.ma-bank.net Open in urlscan Pro
133.167.18.185 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

87 %
HTTPS

57 %
IPv6

17
Domains

21
Subdomains

21
IPs

5
Countries

1664 kB
Transfer

4671 kB
Size

16
Cookies

142 HTTP transactions
4 data transactions