amp-hair203.com Open in urlscan Pro
157.7.107.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://amp-hair203.com/
Submission: On April 14 via api (April 14th 2023, 8:20:23 am UTC) from US — Scanned from JP

Summary HTTP 242 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 71 IPs in 5 countries across 58 domains to perform 242 HTTP transactions. The main IP is 157.7.107.31, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is amp-hair203.com.

This is the only time amp-hair203.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	157.7.107.31 157.7.107.31	7506 (INTERQ GM...) (INTERQ GMO Internet)
4	2404:6800:400... 2404:6800:4004:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
1 2	13.249.167.17 13.249.167.17	16509 (AMAZON-02) (AMAZON-02)
10	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
13	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
2 3	52.69.217.165 52.69.217.165	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.165.94 13.225.165.94	16509 (AMAZON-02) (AMAZON-02)
7	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2 7	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4004:825::2008	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
20	2404:6800:400... 2404:6800:4004:813::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:213... 2600:9000:2138:b200:18:a16b:fc80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	133.186.12.13 133.186.12.13	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
9	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
4	2600:9000:21d... 2600:9000:21d2:6000:18:6371:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
6	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
3	143.204.80.133 143.204.80.133	16509 (AMAZON-02) (AMAZON-02)
3	182.22.16.123 182.22.16.123	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1	2404:6800:400... 2404:6800:4004:827::2003	15169 (GOOGLE) (GOOGLE)
2	35.190.49.157 35.190.49.157	15169 (GOOGLE) (GOOGLE)
2	52.68.232.16 52.68.232.16	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:213... 2600:9000:2138:a200:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:808::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
2	183.79.255.28 183.79.255.28	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.231.99.77 103.231.99.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	3.114.145.15 3.114.145.15	16509 (AMAZON-02) (AMAZON-02)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	13.225.160.84 13.225.160.84	16509 (AMAZON-02) (AMAZON-02)
1	23.35.112.82 23.35.112.82	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.221.54.232 3.221.54.232	14618 (AMAZON-AES) (AMAZON-AES)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	23.219.68.33 23.219.68.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.60.175.167 23.60.175.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2404:6800:400... 2404:6800:4004:820::2001	15169 (GOOGLE) (GOOGLE)
1	147.92.191.144 147.92.191.144	38631 (LINE LINE...) (LINE LINE Corporation)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2600:140b:400... 2600:140b:400::172d:3371	() ()
2	104.78.90.216 104.78.90.216	() ()
2	23.39.216.189 23.39.216.189	() ()
2	104.18.10.47 104.18.10.47	() ()
2 3	13.225.165.113 13.225.165.113	() ()
1	103.231.99.243 103.231.99.243	() ()
2 10	23.90.68.235 23.90.68.235	() ()
9	103.231.99.80 103.231.99.80	() ()
1 1	182.161.74.16 182.161.74.16	() ()
2 2	103.229.206.241 103.229.206.241	() ()
7 9	142.250.207.2 142.250.207.2	() ()
1 2	3.0.107.45 3.0.107.45	() ()
2 3	34.111.113.62 34.111.113.62	() ()
6 6	15.197.193.217 15.197.193.217	() ()
1 2	119.9.108.211 119.9.108.211	() ()
1	34.142.175.23 34.142.175.23	() ()
1 1	202.241.208.53 202.241.208.53	() ()
3 3	35.213.12.39 35.213.12.39	() ()
2 2	35.213.93.179 35.213.93.179	() ()
2 2	185.84.60.20 185.84.60.20	() ()
1 2	52.46.143.56 52.46.143.56	() ()
1 1	23.106.127.38 23.106.127.38	() ()
1 1	2001:df2:a300... 2001:df2:a300:bbbb::135	() ()
2 2	103.43.90.54 103.43.90.54	() ()
5 8	69.173.158.64 69.173.158.64	() ()
1 1	2406:da18:929... 2406:da18:929:5a00:303f:aec9:6f69:6d36	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
242	71

27 157.7.107.31 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-31.virt.lolipop.jp

amp-hair203.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:810::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.167.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-167-17.nrt12.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.69.217.165 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-217-165.ap-northeast-1.compute.amazonaws.com

www.ekiten.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.165.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-94.nrt12.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2138:b200:18:a16b:fc80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ekiten.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 133.186.12.13 (Minatomirai, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p013.net133186012.broadline.ne.jp

cpt.geniee.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

image.ekiten.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21d2:6000:18:6371:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.line-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.80.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-80-133.nrt12.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.22.16.123 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
PTR: edge1700.img.vip.otm.yimg.jp

yads.c.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.49.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.49.190.35.bc.googleusercontent.com

statics.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.68.232.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-232-16.ap-northeast-1.compute.amazonaws.com

t.afi-b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2138:a200:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:808::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.255.28 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.77 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.114.145.15 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-145-15.ap-northeast-1.compute.amazonaws.com

pb.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.160.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-160-84.nrt12.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.112.82 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-112-82.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.54.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-54-232.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.219.68.33 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-68-33.deploy.static.akamaitechnologies.com

social-plugins.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.60.175.167 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-175-167.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)

320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.144 (Japan)

ASN38631 (LINE LINE Corporation, JP)

torimochi.line-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:400::172d:3371 (None, )

ASN- ()

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.78.90.216 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.39.216.189 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.47 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.165.113 (None, ) 2 redirects

ASN- ()

cr-p31.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p10.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.243 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.90.68.235 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.231.99.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.241 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.207.2 (None, ) 7 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.107.45 (None, ) 1 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (None, ) 6 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.211 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.142.175.23 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.53 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.38 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::135 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.54 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.158.64 (None, ) 5 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:303f:aec9:6f69:6d36 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138 320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com	389 KB
27	amp-hair203.com amp-hair203.com	4 MB
22	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net	247 KB
22	ekiten.jp 2 redirects www.ekiten.jp — Cisco Umbrella Rank: 264560 static.ekiten.jp image.ekiten.jp	628 KB
13	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 498 ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	27 KB
13	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 478 eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	18 KB
12	wp.com i1.wp.com — Cisco Umbrella Rank: 7950 stats.wp.com — Cisco Umbrella Rank: 2720 i2.wp.com — Cisco Umbrella Rank: 7952 i0.wp.com — Cisco Umbrella Rank: 3274 pixel.wp.com — Cisco Umbrella Rank: 2485	32 KB
11	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 527 ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	9 KB
9	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 737 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685 dis.criteo.com	9 KB
7	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 114	15 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	87 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
6	ladsp.com 2 redirects pb.ladsp.com — Cisco Umbrella Rank: 59236 cr-p31.ladsp.com cr-p10.ladsp.com	3 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax.amazon-adsystem.com — Cisco Umbrella Rank: 408 s.amazon-adsystem.com aax-eu.amazon-adsystem.com Failed	61 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 812 syndication.twitter.com — Cisco Umbrella Rank: 1117	149 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	312 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 ajax.googleapis.com — Cisco Umbrella Rank: 323	36 KB
4	line-website.com www.line-website.com — Cisco Umbrella Rank: 65837	16 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	40 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	yahoo.co.jp am.yahoo.co.jp — Cisco Umbrella Rank: 24588 b99.yahoo.co.jp — Cisco Umbrella Rank: 31779	18 KB
3	geniee.jp cpt.geniee.jp — Cisco Umbrella Rank: 70422	197 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 65656 www.google.co.jp — Cisco Umbrella Rank: 23323	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	964 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	575 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	indexww.com js-sec.indexww.com cdn.indexww.com	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	58 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 805	134 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 698	450 B
2	afi-b.com t.afi-b.com — Cisco Umbrella Rank: 124815	27 KB
2	a8.net statics.a8.net — Cisco Umbrella Rank: 77889	35 KB
2	yimg.jp yads.c.yimg.jp — Cisco Umbrella Rank: 39186 s.yimg.jp — Cisco Umbrella Rank: 11003	37 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	98 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	148 KB
2	st-hatena.com 1 redirects b.st-hatena.com — Cisco Umbrella Rank: 82735	8 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 818	72 KB
1	linkedin.com px.ads.linkedin.com	513 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	618 B
1	turn.com 1 redirects ad.turn.com	425 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	347 B
1	socdm.com 1 redirects tg.socdm.com	916 B
1	simpli.fi um.simpli.fi	610 B
1	im-apps.net sync6.im-apps.net	820 B
1	line-apps.com torimochi.line-apps.com — Cisco Umbrella Rank: 35331	229 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 14065	9 KB
1	line.me social-plugins.line.me — Cisco Umbrella Rank: 54945	1 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1130	17 KB
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 20206	176 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 358	2 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 29204	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	607 B
1	hatena.ne.jp b.hatena.ne.jp — Cisco Umbrella Rank: 71017	368 B
242	58

	Domain	Requested by
27	amp-hair203.com	amp-hair203.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	amp-hair203.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
10	static.ekiten.jp	www.ekiten.jp
9	cm.g.doubleclick.net	7 redirects
9	image.ekiten.jp	www.ekiten.jp
8	i1.wp.com	amp-hair203.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	www.facebook.com	2 redirects connect.facebook.net www.ekiten.jp amp-hair203.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagmanager.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	match.adsrvr.org	6 redirects
6	securepubads.g.doubleclick.net	googleads.g.doubleclick.net cpt.geniee.jp securepubads.g.doubleclick.net
6	connect.facebook.net	amp-hair203.com connect.facebook.net www.ekiten.jp
4	pixel.rubiconproject.com	1 redirects
4	token.rubiconproject.com	4 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	platform.twitter.com	www.ekiten.jp platform.twitter.com
4	www.line-website.com	www.ekiten.jp social-plugins.line.me www.line-website.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	amp-hair203.com www.google-analytics.com www.googletagmanager.com www.ekiten.jp
4	fonts.googleapis.com	amp-hair203.com googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	pixel.tapad.com	2 redirects ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	mug.criteo.com
3	pb.ladsp.com	cpt.geniee.jp
3	fastlane.rubiconproject.com	cpt.geniee.jp
3	www.google.com	www.ekiten.jp tpc.googlesyndication.com
3	c.amazon-adsystem.com	cpt.geniee.jp c.amazon-adsystem.com
3	cpt.geniee.jp	www.ekiten.jp cpt.geniee.jp
3	www.ekiten.jp	2 redirects amp-hair203.com
2	ib.adnxs.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	image2.pubmatic.com	ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	cr-p31.ladsp.com	1 redirects
2	ads.pubmatic.com	cpt.geniee.jp ads.pubmatic.com
2	eus.rubiconproject.com	cpt.geniee.jp eus.rubiconproject.com
2	static.criteo.net	cpt.geniee.jp static.criteo.net
2	static.xx.fbcdn.net	www.facebook.com
2	syndication.twitter.com	platform.twitter.com amp-hair203.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	b99.yahoo.co.jp	s.yimg.jp www.ekiten.jp
2	t.afi-b.com	www.googletagmanager.com t.afi-b.com
2	statics.a8.net	www.googletagmanager.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.google-analytics.com www.ekiten.jp
2	b.st-hatena.com	1 redirects amp-hair203.com
2	maxcdn.bootstrapcdn.com	amp-hair203.com maxcdn.bootstrapcdn.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	tg.socdm.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	cr-p10.ladsp.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	js-sec.indexww.com	cpt.geniee.jp
1	sync6.im-apps.net	cpt.geniee.jp
1	torimochi.line-apps.com	social-plugins.line.me
1	320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d.line-scdn.net	social-plugins.line.me
1	social-plugins.line.me	www.line-website.com
1	secure.cdn.fastclick.net	amp-hair203.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	prebid-asia.creativecdn.com	cpt.geniee.jp
1	bidder.criteo.com	cpt.geniee.jp
1	hbopenbid.pubmatic.com	cpt.geniee.jp
1	htlb.casalemedia.com	cpt.geniee.jp
1	cdn.jsdelivr.net	cpt.geniee.jp
1	am.yahoo.co.jp	s.yimg.jp
1	www.google.co.jp	www.ekiten.jp
1	wrappers.geoedge.be	cpt.geniee.jp
1	s.yimg.jp	www.googletagmanager.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	yads.c.yimg.jp	cpt.geniee.jp
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	b.hatena.ne.jp	amp-hair203.com
1	pixel.wp.com	amp-hair203.com
1	i0.wp.com	amp-hair203.com
1	i2.wp.com	amp-hair203.com
1	stats.wp.com	amp-hair203.com
1	ajax.googleapis.com	amp-hair203.com
0	aax-eu.amazon-adsystem.com Failed
242	95

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
b.hatena.ne.jp
line.me
www.ekiten.jp

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.ekiten.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-12-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.b.hatena.ne.jp Amazon RSA 2048 M02	`2023-02-22` - `2023-11-21`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.geniee.jp GeoTrust RSA CA 2018	`2023-03-17` - `2024-03-09`	a year	crt.sh
*.line-website.com GlobalSign RSA OV SSL CA 2018	`2022-06-21` - `2023-07-23`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-04-12` - `2024-05-11`	a year	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2022-05-27` - `2023-06-28`	a year	crt.sh
t.afi-b.com Cybertrust Japan SureServer EV CA G3	`2023-01-16` - `2024-02-15`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-11-04` - `2023-12-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2022-05-09` - `2023-06-10`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
w.line.me GeoTrust RSA CA 2018	`2022-09-21` - `2023-09-23`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-11`	a year	crt.sh
*.line-apps.com GlobalSign RSA OV SSL CA 2018	`2022-10-13` - `2023-11-14`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 28 frames:

Primary Page: http://amp-hair203.com/
Frame ID: C310A7A2E46106429ABF6BCC8F7AF7DC
Requests: 62 HTTP requests in this frame

Frame: https://www.ekiten.jp/shop_6992886/
Frame ID: 9D3BA59E1F9B4DBAF99E9199FAB22E60
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: DB09D4894F8A4C41CA12A96D2230C03B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df237034cd27a324%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500
Frame ID: 87163F9437F912F023CC87DA5BBBF65A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=561436596&adf=2510424490&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417107&bpp=3&bdt=274&idt=276&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&correlator=7059222148692&frm=20&pv=2&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=U7fDDlR1HL&p=http%3A//amp-hair203.com&dtd=297
Frame ID: 425ACECA0F09337F36A7C93EB5F06FE0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303
Frame ID: F02803BA3370A6453FA9E9FC0F89C84D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&adk=1812271804&adf=3025194257&lmt=1681460417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Famp-hair203.com%2F&ea=0&pra=7&wgl=1&dt=1681460417126&bpp=2&bdt=293&idt=290&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=304
Frame ID: 84B2FBA4AE74694403D635C27FE0B0C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 2657A2A096025F174FE1F6680FE09374
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 214FFE40839130B024E0E67779EA9563
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.ekiten.jp
Frame ID: A787CF6160D3B94313D1E89B6CBBE9D6
Requests: 2 HTTP requests in this frame

Frame: https://social-plugins.line.me/widget/share?url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&buttonType=share-a&size=small&count=false&color=default&lang=ja&type=share&ver=3&id=0&origin=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&title=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&env=REAL
Frame ID: 6B558CAF406E7F0186108C0E2349DEAA
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1027a72dba7028%26domain%3Dwww.ekiten.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Ff10aa2ad887cfc8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&layout=button&locale=ja_JP&sdk=joey&size=small
Frame ID: D7493A81487AB965BCAD09FE441F003B
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9B5EDFF2E772176AA3D693806BB0CD98
Requests: 1 HTTP requests in this frame

Frame: https://320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 569BB969D7208BFD1EFDC2A647A7A95F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 48A5CB1F624DE80AD6BE98BDB0CD6C9D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37EE813F253F350F0C133980C21AAA60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F18970178006BDDAE1E7A15AEEE6CFA5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11b0ac3867dc%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500
Frame ID: 8C9A5EEE8CF5F1108AEF178E1EF9F618
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4477672CDADE7AA80A7A9ABA4074FBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C80A4EEE61CBA00EB716A00632CF1DFA
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amp-hair203.com
Frame ID: 80E69621351FD05391CF1F34FF356B64
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1122240A9646F785664308F44B33CC94
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Frame ID: 981846DEC521D80E7204E7E998CD7C77
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D75BFB8AC6B40C4BA23585F879C2E39F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 39BA3C43796470454C78E4120B4805DC
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AfMcW8GqtTs4ks8AD1kEixK5Ys8AAAGHftnnrA
Frame ID: BB5CA66147BA4B506623372AF5476A97
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: AF889BBB03FA266FAFD6FA7A2AE4338E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:24c46439-0cc6-4b00-8ece-dea72e5df410&gdpr=0&gdpr_consent=
Frame ID: 7F296459484EC7AB4C67FF397FD9F824
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

西明石の美容院・美容室”a.m.p hair”口コミ・紹介で人気のヘアサロン

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

242
Requests

74 %
HTTPS

41 %
IPv6

58
Domains

95
Subdomains

71
IPs

5
Countries

6533 kB
Transfer

12520 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?src=bm&u=http%3A%2F%2Famp-hair203.com&t=%E8%A5%BF%E6%98%8E%E7%9F%B3%E3%81%AE%E7%BE%8E%E5%AE%B9%E9%99%A2%E3%80%80%E7%BE%8E%E5%AE%B9%E5%AE%A4+%E5%8F%A3%E3%82%B3%E3%83%9F%E3%81%A7%E4%BA%BA%E6%B0%97%E3%81%AE%E3%83%98%E3%82%A2%E3%82%B5%E3%83%AD%E3%83%B3+a.m.p+hair
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A%2F%2Famp-hair203.com
Title: Google+

Search URL Search Domain Scan URL

URL: http://b.hatena.ne.jp/entry/
Title: B!はてブ

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?%E8%A5%BF%E6%98%8E%E7%9F%B3%E3%81%AE%E7%BE%8E%E5%AE%B9%E9%99%A2%E3%80%80%E7%BE%8E%E5%AE%B9%E5%AE%A4+%E5%8F%A3%E3%82%B3%E3%83%9F%E3%81%A7%E4%BA%BA%E6%B0%97%E3%81%AE%E3%83%98%E3%82%A2%E3%82%B5%E3%83%AD%E3%83%B3+a.m.p+hair%0Ahttp%3A%2F%2Famp-hair203.com
Title: LINE

Search URL Search Domain Scan URL

URL: http://www.ekiten.jp/shop_6992886/?tnm=rsw
Title: a.m.p hairの口コミをもっと見る

Search URL Search Domain Scan URL

URL: http://www.ekiten.jp/?tnm=rsw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0 HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0

Request Chain 21

http://b.st-hatena.com/js/bookmark_button.js HTTP 301
https://b.st-hatena.com/js/bookmark_button.js

Request Chain 35

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 36

http://www.ekiten.jp/shop_6992886/tools_review_show_widget_280_250.html HTTP 301
https://www.ekiten.jp/shop_6992886/tools_review_show_widget_280_250.html HTTP 301
https://www.ekiten.jp/shop_6992886/

Request Chain 37

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 55

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df237034cd27a324%26domain%3Damp-hair203.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Famp-hair203.com%252Ff6c06748512bb4%26relation%3Dparent.parent&container_width=300&height=230&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2F%25E3%2582%25A2%25E3%2583%25B3%25E3%2583%2597%25E3%2583%2598%25E3%2582%25A2%25E3%2583%25BC-amp-hair-362201357300510%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df237034cd27a324%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500

Request Chain 188

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b0ac3867dc%26domain%3Damp-hair203.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Famp-hair203.com%252Ff6c06748512bb4%26relation%3Dparent.parent&container_width=0&height=230&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2F%25E3%2582%25A2%25E3%2583%25B3%25E3%2583%2597%25E3%2583%2598%25E3%2582%25A2%25E3%2583%25BC-amp-hair-362201357300510%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11b0ac3867dc%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500

Request Chain 201

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ekiten.jp&sn=ChromeSyncframe&so=0&topUrl=amp-hair203.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gCwd6nxzTlJGR24xdEpQenRaNnhMSUxBWWh4VklVdmIzTGRvRVArVmY4YWNVVVRDVFVQMnAvWkl0QmlENTBoaHFVL0hZTWwzVkNPQ1FWdVBCdXBVQ2crZVV0SytqdURRdElSd05rOTFwYmROSFQrNVd4eFBmQW5zZWZNQkIra29DRXMxSW9RSk55Y1Y5dWJkU0JZUlZNVG5WbXAwOW9uSjZSS2xLNDV1U0ZvajZZY3l2V0R1b05MR1ZGc1VFWm1mS0x6TkRnUzAxRjZWRzhwb2cyT3dFS0gzMnZkYWJCUGwyZlVuUnFwcm1EemlYUnRoNHBqOGxxdVhHT3R0VUhyZVVlcXNjajBON0hFU3UrdnRHeTVmWlRyZ1VSUFZ6bUlEcElWKzd1TE9zcGFHK2JyST18&cppv=2

Request Chain 204

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Famp-hair203.com%2F&domain=www.ekiten.jp&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=55_5LHxjdkE2azNuTkdOd1JqR2cxUm4yTThhbWVhSFBsREd5eWUrTHprbE1DeHlnYzlxSGwzTy9mRFVwWXJKK3d0cUVtVTlLMEozak51RkU4YWJYZTNsUVNwWkwvcFhBNlVqcGVCODF6ZjFHU09NZHVnUkV2ZVRiaTN4Qk1BQ1lIMm03b1Roemw4MHR1bUg4V2hXd0U0dmVzanNzVHNtdUxHMWtISlZYMEd4UHRLcWFUeXhxbWpkbjlFenVtd2l0QlF2dThPQlFBWHdLQmtRbXgzSFFHY0NsYlY1ZXEraFlvYnFheGpDR3ZFYjcvY0lkMHFQY0MxN1QrSFRIOXg3SGY4bnVIYWpxNExnOVAxNHBLNkNXZTRMSmNMb25uSDRFb2JUaTQ5dCtmMGQyKzRFdz18&cppv=2

Request Chain 209

https://cr-p31.ladsp.com/cookiesender/31 HTTP 302
https://cr-p31.ladsp.com/cookiesender/31?cr=true

Request Chain 214

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 215

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AfMcW8GqtTs4ks8AD1kEixK5Ys8AAAGHftnnrA

Request Chain 216

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 217

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:24c46439-0cc6-4b00-8ece-dea72e5df410&gdpr=0&gdpr_consent=

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VOGRga6bRnqK_R-strgZeA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 219

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent=&ct=y

Request Chain 220

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=54E19181-AE9B-467A-8AFD-1FACB6B81978 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=54E19181-AE9B-467A-8AFD-1FACB6B81978 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%2C%2C

Request Chain 221

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRFMTkxODEtQUU5Qi00NjdBLThBRkQtMUZBQ0I2QjgxOTc4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKDwnN7jsvPSGTxrOKqPy4k&google_cver=1

Request Chain 225

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZDkMxsCo5soAAGElKL4AAAAA

Request Chain 226

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2bdebf48-7b73-4c2b-8611-579da9b0a077&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dea0539e-4225-43a5-8188-1ed36292392f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 227

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=

Request Chain 228

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7130697014077080616

Request Chain 229

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&expiration=1684052422&gdpr=0&gdpr_consent=

Request Chain 230

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDkMxpnyD-8W66LiouIZVQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO01KVoedVRgfZS5nh9k21c&google_cver=1

Request Chain 231

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEF8ffpNvgnbB9ZNfhD5-mI&google_cver=1

Request Chain 233

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8727031194070963273&gdpr=0&gdpr_consent=

Request Chain 234

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e5166439-0cc6-4d00-a173-d09f1b02a68b

Request Chain 235

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4531809269666740691

Request Chain 236

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8500445744931311125

Request Chain 238

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzViZjViYTQ5YjM3MmZiZjU5ZjIwOTY3MTQxNWNlYzhlY2QyMmQ2OA

Request Chain 239

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/45QR4X0DdkqyJtudW8FESw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VZU7d95E2oIqKKFL8vlb2R4uO5UnrH4o3.LZMA--~A

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Request Chain 241

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGGA4ARP-Z-9GTG

Request Chain 242

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Request Chain 243

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=&expires=30

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIV14TFYfc3AApYlhZCjDgg&google_cver=1

Request Chain 245

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdHQTRBUlAtWi05R1RH HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKoMJWVJljpC5YFWjZ_ODq4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdHQTRBUlAtWi05R1RH&google_push=

242 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
amp-hair203.com/ 67 KB
13 KB 1338ms
1325ms Document
text/html 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache / PHP/5.6.40
Resource Hash: fc07a8a493c10a84067b5940109578189c329644710d5a6ffc405034bcec60a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: none
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 12873
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Apr 2023 08:20:16 GMT
Link: <http://amp-hair203.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7JvTm>; rel=shortlink
Server: Apache
Vary: Range,Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H2 200 css
fonts.googleapis.com/ 2 KB
934 B 86ms
40ms Stylesheet
text/css 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3af438b85a9f38ae85d45012804b50fd14883aa73e1837547d2926ca7045c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 08:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:12:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 08:20:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
519 B 87ms
41ms Stylesheet
text/css 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

130520f7fe7ccfe1a6006ffd7a8fb21e55961b3da231cee957b29bb34b633b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 08:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:12:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 08:20:16 GMT

GET
H/1.1 200
OK style.min.css
amp-hair203.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 9ms
6ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Sep 2020 02:25:04 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 7907

GET
H/1.1 200
OK sb-type-std.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 7 KB
1 KB 9ms
4ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-std.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: a699595d8a764aeffaffe91b2ae8a7a387673f54817e0d20d8c752428da59dbf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1249

GET
H/1.1 200
OK sb-type-fb.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 8 KB
2 KB 13ms
9ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-fb.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 4bfd312296f6ce4d7046965082e505573ecf4e1a8e7db3c8a78b74ae19a00fc1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1388

GET
H/1.1 200
OK sb-type-fb-flat.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 8 KB
2 KB 10ms
6ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-fb-flat.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: efb33914f8d56c343c2d8f53438b10cbf6db572710e841570e76712f2dca1ca8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1284

GET
H/1.1 200
OK sb-type-ln.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 9 KB
2 KB 8ms
5ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-ln.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: bdbbfcb06d7bb24246a34c0531bcb663e30313548693508879f82c9c492bde32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1459

GET
H/1.1 200
OK sb-type-ln-flat.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 8 KB
2 KB 8ms
4ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-ln-flat.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 6909b19e21897a72788ccfbfb3156bc57ecba58de8cd86d839a382212c9db517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1346

GET
H/1.1 200
OK sb-type-pink.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 7 KB
1 KB 21ms
7ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-pink.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 202e583125ed1f7d3725aaa76d45a001bead25ead00fd9c16158f787f432d06c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1273

GET
H/1.1 200
OK sb-type-rtail.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 7 KB
1 KB 21ms
8ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-rtail.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 9d91b92a98e0531b38dadd932958f8381b2e204aed6e10832e221e61a91a7b60

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1252

GET
H/1.1 200
OK sb-type-drop.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 7 KB
2 KB 21ms
7ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-drop.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: d7dfb01ecf89563fe0be62a5b4958e2294cf7012115a72e0c65e2d07155ee63e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1323

GET
H/1.1 200
OK sb-type-think.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 5 KB
1 KB 21ms
7ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-type-think.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 8b2e3ca39f719db021cf62da12a9e883c6f48a9a1d57ae127d8f3af73539501e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1001

GET
H/1.1 200
OK sb-no-br.css
amp-hair203.com/wp-content/plugins/speech-bubble/css/ 83 B
348 B 20ms
6ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/speech-bubble/css/sb-no-br.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 5f5a2ab6f266073addd32288f2f0e6a9a860d9831913d46614528f7581581872

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 08:39:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 88

GET
H/1.1 200
OK screen.min.css
amp-hair203.com/wp-content/plugins/table-of-contents-plus/ 1 KB
717 B 21ms
7ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Sep 2020 02:25:50 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 456

GET
H/1.1 200
OK normalize.css
amp-hair203.com/wp-content/themes/stingerplus/css/ 2 KB
1 KB 28ms
5ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus/css/normalize.css?ver=1.5.9
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 72e5e3fcd775fb75052cfa8980a8664b47e978d986fc7ab4ccd5f5c70c2ce9fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2016 05:57:16 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 898

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0

27 KB
7 KB

26ms
9ms

Stylesheet
text/css

2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625, 617, 617
age: 11712883
cdn-cachedat: 2021-04-27 10:27:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d2c40924b4265e1afbc4b237bdbc524e
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7b7a87556cb2b009-NRT
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK style.css
amp-hair203.com/wp-content/themes/stingerplus-child/ 694 B
549 B 28ms
5ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus-child/style.css?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: f0906c164edb8b9b1eeaa8fdba14621e5b4e58d85f6c78a07e8512b5eda4a363

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Jul 2016 03:55:06 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 288

GET
H/1.1 200
OK jetpack.css
amp-hair203.com/wp-content/plugins/jetpack/css/ 75 KB
14 KB 29ms
6ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.4.2
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 17:56:10 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 13701

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
34 KB 9ms
4ms Script
text/javascript 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

HTTP/1.1

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 06:11:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 94109
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33507
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 12 Apr 2024 06:11:47 GMT

GET
H/1.1 200
OK cropped-flowRoot457.png
amp-hair203.com/wp-content/uploads/2016/07/ 403 KB
404 KB 9ms
8ms Image
image/png 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://amp-hair203.com/wp-content/uploads/2016/07/cropped-flowRoot457.png
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 73d6e5c5185ed88c385c4614b3e7411978826deaf645d21871ab53b1f7e50fce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2016 00:56:54 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK no-img.png
amp-hair203.com/wp-content/themes/stingerplus/images/ 359 B
637 B 9ms
7ms Image
image/png 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus/images/no-img.png
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: ab25fc8a4bd25de702592cc4ca30050fd2c1a349357360fe6f7ad5d407185683

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2016 05:57:16 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 375

GET
H2

200

bookmark_button.js Show response
b.st-hatena.com/js/
Redirect Chain

http://b.st-hatena.com/js/bookmark_button.js
https://b.st-hatena.com/js/bookmark_button.js

20 KB
7 KB

20ms
3ms

Script
application/x-javascript

13.249.167.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Server

13.249.167.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-167-17.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

ff6c7e12a48fa77ed222b18ebd834a1ac84e30fee80ec69637d5bcd2add16dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 22:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 485a3f3952abb9ffd104282711d087dc.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C3
age: 37155
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 01:39:22 GMT
server: nginx
etag: W/"64375d4a-5016"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: GYhjb04PHG4VjpPrmRzJHTbtRQ1D7-3F13Ie6v52nKyhr82JXWjcvQ==
expires: Fri, 14 Apr 2023 22:01:02 GMT

Redirect headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Via: 1.1 f6e36d57fcfa2325d4864c3a378068da.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: NRT12-C3
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.st-hatena.com/js/bookmark_button.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: PZqUf1JBN65l9iTZV2fK7-pwqQYjaORY_78mgXCUiyS3xWNlGLP6tg==

GET
H2 200 box_top.gif
i1.wp.com/www.img01.ekiten.jp/images/ 70 B
227 B 22ms
1ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.img01.ekiten.jp/images/box_top.gif?resize=290%2C10

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9dd7930d2bfee7822410928d05b2a8053b94651d81abd3a40b8f42af4fdb3f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Fri, 14 Apr 2023 08:20:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 07:28:09 GMT
server: nginx
etag: "f090356804a2c89a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.img01.ekiten.jp/images/box_top.gif>; rel="canonical"
content-length: 70
expires: Fri, 11 Apr 2025 19:28:09 GMT

GET
H2 200 measure_review_show_widget.gif
i1.wp.com/www.img01.ekiten.jp/images/ 2 KB
2 KB 21ms
0ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.img01.ekiten.jp/images/measure_review_show_widget.gif?w=120

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b1b5823974e980147374f3d26df73800931f9e66855b90b412d7cffa7f07e797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT nrt 7
date: Fri, 14 Apr 2023 08:20:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2022 23:27:54 GMT
server: nginx
etag: "0f8f8c1ea51d7dbc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.img01.ekiten.jp/images/measure_review_show_widget.gif>; rel="canonical"
content-length: 2140
expires: Thu, 05 Sep 2024 11:27:54 GMT

GET
H2 200 box_bottom.gif
i1.wp.com/www.img01.ekiten.jp/images/ 72 B
222 B 22ms
2ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.img01.ekiten.jp/images/box_bottom.gif?resize=290%2C10

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

eeca018400700ce24d9b641d89a5d2d7f371cef9bf82cd8b875a949228d71e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Fri, 14 Apr 2023 08:20:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2023 13:09:18 GMT
server: nginx
etag: "3397a8e3c8261736"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.img01.ekiten.jp/images/box_bottom.gif>; rel="canonical"
content-length: 72
expires: Sat, 05 Apr 2025 01:09:18 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
50 KB 107ms
105ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

HTTP/1.1

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34577df14a5c3dd592ecadb660d224d82486058bcbce71083a99e5651a7b5d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50792
X-XSS-Protection: 0
Server: cafe
ETag: 3077852159781522095
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H/1.1 200
OK photon.min.js Show response
amp-hair203.com/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
696 B 6ms
5ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 17:56:10 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 421

GET
H/1.1 200
OK front.min.js Show response
amp-hair203.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 4ms
4ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Sep 2020 02:25:50 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 2349

GET
H/1.1 200
OK facebook-embed.min.js Show response
amp-hair203.com/wp-content/plugins/jetpack/_inc/build/ 737 B
735 B 3ms
3ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 17:56:10 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 460

GET
H/1.1 200
OK wp-embed.min.js Show response
amp-hair203.com/wp-includes/js/ 1 KB
1 KB 4ms
4ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-includes/js/wp-embed.min.js?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 05:58:17 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 765

GET
H/1.1 200
OK base.js Show response
amp-hair203.com/wp-content/themes/stingerplus/js/ 6 KB
2 KB 3ms
3ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus/js/base.js?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 361cec3bfc2dd33b737944f5a67dfc6dae9a8bba49d8f1e2f7339c3f6dfce4ca

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2016 05:57:16 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1956

GET
H/1.1 200
OK scroll.js Show response
amp-hair203.com/wp-content/themes/stingerplus/js/ 3 KB
1 KB 6ms
6ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus/js/scroll.js?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 88b88140a0257b0563ce76a4db5b28e6247909731ac6995e82dd17768a735ce1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2016 05:57:16 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 859

GET
H2 200 e-202315.js Show response
stats.wp.com/ 9 KB
3 KB 22ms
0ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202315.js
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT nrt
date: Fri, 14 Apr 2023 08:20:16 GMT
content-encoding: br
server: nginx
etag: W/"61adb0c2-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 06 Apr 2024 12:13:10 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
amp-hair203.com/wp-includes/js/ 14 KB
5 KB 9ms
9ms Script
application/javascript 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 05:58:18 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 4662

GET
H/1.1 200
OK style.css
amp-hair203.com/wp-content/themes/stingerplus/ 55 KB
11 KB 6ms
6ms Stylesheet
text/css 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://amp-hair203.com/wp-content/themes/stingerplus/style.css
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/wp-content/themes/stingerplus-child/style.css?ver=5.5.11
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: b55dd05f670b41860201b86f90cc50994d8e6221555557742ae9df852638d29f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/wp-content/themes/stingerplus-child/style.css?ver=5.5.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2016 01:42:27 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 11075

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

82ms
2ms

Script
text/javascript

2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:04:57 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 920
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 14 Apr 2023 10:04:57 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

/ Show response
www.ekiten.jp/shop_6992886/ Frame 9D3B
Redirect Chain

http://www.ekiten.jp/shop_6992886/tools_review_show_widget_280_250.html
https://www.ekiten.jp/shop_6992886/tools_review_show_widget_280_250.html
https://www.ekiten.jp/shop_6992886/

125 KB
26 KB

851ms
851ms

Document
text/html

52.69.217.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ekiten.jp/shop_6992886/
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.217.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-217-165.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d592013bb319d85f8307f822960b9aa008f51921527b427eed8f06795fe2fd91

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 08:20:17 GMT
server: nginx

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 08:20:17 GMT
location: https://www.ekiten.jp/shop_6992886/
server: nginx

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

18ms
4ms

Script
application/x-javascript

2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68c12e995384f6fe6f3731b744de076b7355617b7618d44d9bc25972d1cef0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:20:17 GMT
content-md5: nt2Kt0MoSuQ3vMN+gqm8Rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: fZUi8dHT+sukWkM4KadHcNZujVSQxpXjJtfYNRH/cWyq1qJG/wzWfcAe7WVgVf2RApAwwK+pg8WQi5vjtjM5vA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
x-fb-content-md5: 0340b629222508ec350ba0974ab18be1
cross-origin-opener-policy: same-origin-allow-popups
etag: "b4fe990a3dceae5fb30b9a8b87201544"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 14 Apr 2023 08:28:57 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=249643311490&version=v2.3
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK a183743f871935013a03591fd2d353f4_l.jpg
amp-hair203.com/wp-content/uploads/2018/02/ 3 MB
3 MB 15ms
9ms Image
image/jpeg 157.7.107.31
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://amp-hair203.com/wp-content/uploads/2018/02/a183743f871935013a03591fd2d353f4_l.jpg
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 157.7.107.31 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-31.virt.lolipop.jp
Software: Apache /
Resource Hash: dcaf45c8858c3d48ebd02eab1598410c7d2ba7ebd6b9531826c440ca75759593

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2018 04:52:12 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 136ms
126ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=4.5.0
Origin: http://amp-hair203.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 987
cdn-cachedat: 09/13/2022 20:52:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 286afe0bc2fda9f00eeecb153bd30e43
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7b7a87562cd2f69d-NRT
cdn-requestpullsuccess: True

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 54ms
2ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://amp-hair203.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:35:40 GMT
x-content-type-options: nosniff
age: 251077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:35:40 GMT

GET
H2 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v25/ 11 KB
11 KB 55ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://amp-hair203.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:00:01 GMT
x-content-type-options: nosniff
age: 249616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10892
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:00:01 GMT

GET
H2 200 IMG_20181205_150537_1-scaled.jpg
i1.wp.com/amp-hair203.com/wp-content/uploads/2020/02/ 4 KB
4 KB 114ms
111ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/amp-hair203.com/wp-content/uploads/2020/02/IMG_20181205_150537_1-scaled.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

be980e6cb8ab2c88119a851d32bd7639a0bccd0c2fbe56787686046c42c3a20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 2
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:01 GMT
server: nginx
etag: "73f4cb3973152b8b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2020/02/IMG_20181205_150537_1-scaled.jpg>; rel="canonical"
content-length: 3826
expires: Sun, 13 Apr 2025 01:56:01 GMT

GET
H2 200 IMG_20181202_103235-scaled.jpg
i1.wp.com/amp-hair203.com/wp-content/uploads/2020/09/ 4 KB
4 KB 118ms
114ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/amp-hair203.com/wp-content/uploads/2020/09/IMG_20181202_103235-scaled.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5d44e294a74cd0996b87c8b9d8ab4c33c76e55ac7f48107aa1e2d5d20544c49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 4
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:01 GMT
server: nginx
etag: "ce21f08921eb57b6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2020/09/IMG_20181202_103235-scaled.jpg>; rel="canonical"
content-length: 4178
expires: Sun, 13 Apr 2025 01:56:01 GMT

GET
H2 200 IMG_20181124_143635-scaled.jpg
i2.wp.com/amp-hair203.com/wp-content/uploads/2020/09/ 4 KB
4 KB 108ms
104ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/amp-hair203.com/wp-content/uploads/2020/09/IMG_20181124_143635-scaled.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

74998239350a15f83838d5dc78e0ae394ad0406ec49cea1ef9bf80d352cd439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 1
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:01 GMT
server: nginx
etag: "d3a5a48ff1b2d730"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2020/09/IMG_20181124_143635-scaled.jpg>; rel="canonical"
content-length: 4198
expires: Sun, 13 Apr 2025 01:56:01 GMT

GET
H2 200 IMG_20181124_122120.jpg
i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/ 2 KB
2 KB 117ms
113ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/IMG_20181124_122120.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0047eacce776fda3e476f9febf0c5a023d5bf2953b94906bca1c96acff1da7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 3
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:02 GMT
server: nginx
etag: "ff70c5b16ff7f2c7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2019/01/IMG_20181124_122120.jpg>; rel="canonical"
content-length: 2364
expires: Sun, 13 Apr 2025 01:56:02 GMT

GET
H2 200 IMG_20181021_162603.jpg
i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/ 4 KB
4 KB 110ms
107ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/IMG_20181021_162603.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4e56a432e88c70f63773479185d81ade2d28c76ef7ce8d04c00a1ad0b8e8d8b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 3
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:02 GMT
server: nginx
etag: "1d7021b36204ab3d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2019/01/IMG_20181021_162603.jpg>; rel="canonical"
content-length: 4376
expires: Sun, 13 Apr 2025 01:56:02 GMT

GET
H2 200 IMG_20181204_175514.jpg
i0.wp.com/amp-hair203.com/wp-content/uploads/2019/01/ 3 KB
3 KB 107ms
103ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/amp-hair203.com/wp-content/uploads/2019/01/IMG_20181204_175514.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f8d8e9f9d9d2586787ebe02685be4d31e7da518ffa33f245928bfe10beb7ecfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 3
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:01 GMT
server: nginx
etag: "cb1168a69bf5d0be"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2019/01/IMG_20181204_175514.jpg>; rel="canonical"
content-length: 3368
expires: Sun, 13 Apr 2025 01:56:01 GMT

GET
H2 200 IMG_20181016_125941.jpg
i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/ 3 KB
4 KB 105ms
103ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/amp-hair203.com/wp-content/uploads/2019/01/IMG_20181016_125941.jpg?resize=150%2C150

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

87d3e210c6d2304d1396f191a799cfc90df9640a9aa8cb7f052d9013efa76737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: MISS nrt 8
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 13:56:02 GMT
server: nginx
etag: "9e6eb9726ff8a043"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://amp-hair203.com/wp-content/uploads/2019/01/IMG_20181016_125941.jpg>; rel="canonical"
content-length: 3514
expires: Sun, 13 Apr 2025 01:56:02 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 8ms
2ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A9.4.2&blog=114281708&post=0&tz=9&srv=amp-hair203.com&host=amp-hair203.com&ref=&fcp=0&rand=0.35887229405613397
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 14 Apr 2023 08:20:17 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5dcd73dddbe4f7c2cf0d93e1413c562c

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e73cc38db2c31ccb096016bc3a0e4fb938258d1442784a794e87c4a2bd42e129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://amp-hair203.com/
Origin: http://amp-hair203.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:20:17 GMT
content-md5: FD+W7AdbMQCZlYARqK7wbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87100
x-fb-rlafr: 0
x-fb-debug: ZgvvG8l5oc+Eq7fZXHIkMecpLxq8iu2olfvyFEUySY9ugOdXtSF+c8/1Cp1l42WCRYMmFaIYjKT7tVTG1clawQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6975e845b898f50d7d3c8dfbeb8e2293
cross-origin-opener-policy: same-origin-allow-popups
etag: "1d4e48e47cb71e532fd78fb0d999dbb2"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Apr 2024 06:53:03 GMT

GET
H2 200 /
b.hatena.ne.jp/entry/button/ 43 B
368 B 47ms
12ms Image
image/gif 13.225.165.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Famp-hair203.com%2F&layout=simple&format=image

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-94.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
via: 1.1 e6b20196b0d9593ce8bf37920e475b8c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 43
x-amz-cf-id: qibsHpyknp5I9K4LIEyLU9bMHJ5Cl4S2L8kRAp8V3j3zgSRCEoDk7A==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/ 345 KB
116 KB 169ms
127ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f03cd11544b40c903f9c42be9c4cfd8865261fbda6e06a48658f80482c535d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118220
x-xss-protection: 0
server: cafe
etag: 12761327764658444029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame DB09 10 KB
5 KB 48ms
3ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 31016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 23:43:21 GMT
etag: 2378337311435320485
expires: Thu, 27 Apr 2023 23:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 43ms
41ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=234092142&t=pageview&_s=1&dl=http%3A%2F%2Famp-hair203.com%2F&ul=en-us&de=UTF-8&dt=%E8%A5%BF%E6%98%8E%E7%9F%B3%E3%81%AE%E7%BE%8E%E5%AE%B9%E9%99%A2%E3%83%BB%E7%BE%8E%E5%AE%B9%E5%AE%A4%E2%80%9Da.m.p%20hair%E2%80%9D%E5%8F%A3%E3%82%B3%E3%83%9F%E3%83%BB%E7%B4%B9%E4%BB%8B%E3%81%A7%E4%BA%BA%E6%B0%97%E3%81%AE%E3%83%98%E3%82%A2%E3%82%B5%E3%83%AD%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=415290525&gjid=1620726507&cid=1710795840.1681460417&tid=UA-70134246-1&_gid=1596297117.1681460417&_r=1&_slc=1&z=268543548

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e57c7e5259fdb6f0b0aff74e04501ec34a21ee9bbc2c1ad54b241c4668c3184e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://amp-hair203.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://amp-hair203.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.facebook.com/login/ Frame 8716
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df237034cd27a324%26domain%3Damp-hai...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

167ms
166ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df237034cd27a324%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5dcd73dddbe4f7c2cf0d93e1413c562c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Apr 2023 08:20:17 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: maWfsxYb/ImTnCTEmv2lNwpKm1SxiFtEqLBvdiBv0CUp1LAzmBVJkecrlnBKK26QMERG04/8+kV1H0EwDiMHjQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:17 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df237034cd27a324%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500
origin-agent-cluster: ?0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 4PS77LntIFjmVpE4N/EMfKm2IJCDie3uVYgu3uNFNp6A8FwcszdcCw5xxgiGxS1cpQj6WU8U/c2urQwlDTVrlA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 114ms
67ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TELSNNSKSQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8dc499d4e65a79ee59e9098869006c774bd474e0c24fd6e6ce567df216f5f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 92ms
41ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=amp-hair203.com&callback=_gfp_s_&client=ca-pub-1985128326793428

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

862a6b9a37f7d9e2d768a4e107a34e60c16adb50ec1e74bb6f17cab633356046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
531 B 78ms
38ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=amp-hair203.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
38ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=amp-hair203.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 425A 90 KB
32 KB 350ms
349ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=561436596&adf=2510424490&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417107&bpp=3&bdt=274&idt=276&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&correlator=7059222148692&frm=20&pv=2&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=U7fDDlR1HL&p=http%3A//amp-hair203.com&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45d06e62303223a5633371ca2f39f30a8c72de97c8cce76266756a29905b845b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32988
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:17 GMT
expires: Fri, 14 Apr 2023 08:20:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F028 93 KB
33 KB 410ms
410ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fe4ddd4d65e20bf058455be00e691c6f040df69e88746198c6fe866bff6d51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33653
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:17 GMT
expires: Fri, 14 Apr 2023 08:20:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84B2 0
180 B 44ms
44ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&adk=1812271804&adf=3025194257&lmt=1681460417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Famp-hair203.com%2F&ea=0&pra=7&wgl=1&dt=1681460417126&bpp=2&bdt=293&idt=290&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:17 GMT
expires: Fri, 14 Apr 2023 08:20:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TELSNNSKSQ&gtm=45je34c0&_p=234092142&cid=1710795840.1681460417&ul=en-us&sr=1600x1200&ir=1&_eu=EBA&_s=1&sid=1681460417&sct=1&seg=0&dl=http%3A%2F%2Famp-hair203.com%2F&dt=%E8%A5%BF%E6%98%8E%E7%9F%B3%E3%81%AE%E7%BE%8E%E5%AE%B9%E9%99%A2%E3%83%BB%E7%BE%8E%E5%AE%B9%E5%AE%A4%E2%80%9Da.m.p%20hair%E2%80%9D%E5%8F%A3%E3%82%B3%E3%83%9F%E3%83%BB%E7%B4%B9%E4%BB%8B%E3%81%A7%E4%BA%BA%E6%B0%97%E3%81%AE%E3%83%98%E3%82%A2%E3%82%B5%E3%83%AD%E3%83%B3&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TELSNNSKSQ&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://amp-hair203.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 425A 8 KB
4 KB 43ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=561436596&adf=2510424490&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417107&bpp=3&bdt=274&idt=276&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&correlator=7059222148692&frm=20&pv=2&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=U7fDDlR1HL&p=http%3A//amp-hair203.com&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:33:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 425A 1 KB
483 B 46ms
44ms Stylesheet
text/css 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%82%A7%E3%82%B9%E6%A5%BD%E4%BD%8D%E3%80%90%E5%A4%A9%E3%82%A5%EF%BC%81%E5%8B%95%E3%81%9F%E3%83%BC%E3%81%AE%E3%81%A8%E3%82%89%E3%80%8D%E3%81%A3%E6%BF%80%E8%8F%8C%E6%AE%BA%E5%A1%97%E5%A4%89%E3%80%91%E6%84%9F%E3%82%8B%E7%88%AA1%E5%8E%9A%E3%81%95%E3%82%B8%E3%80%8C%E5%88%86%E3%83%AB%E3%81%AB%E8%89%B2%E3%83%BB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52100f80262a5d4ad0270ae3f2e8bc90bca11de2872ec5e3a38682f9779f64ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:20:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 425A 2 KB
818 B 5ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 425A 22 KB
9 KB 44ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 425A 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 425A 20 KB
8 KB 44ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 425A 159 KB
49 KB 119ms
72ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 425A 33 KB
14 KB 50ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 15:09:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 425A 0
0 53ms
53ms Fetch
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6JojwQw5ZPS_Gq2P29gPt5GKcMv1lv9v29b95aoRv-EeEAEg4rj4NGCJ88WE9BOgAZ6k9JUDyAEJqQLBRslKczdAPqgDAcgDywSqBNgBT9BxLRBUKXLtqud_MNhx0a0SLypQnj0QBtDqGyyRVRfsFOqlqxKlnwl0Gw-87xh8Z5RVk1Mf2w8G497-h752jHy1E4c6i__RbMVzzBaoMav5WstIqiwL6O8JsooDFFYzTbadu076h5PtpONMeWg-y9FpzyGKnszS99h9ez1mIp-1C6pf5pXVxsYniYXq6J8NtTPBh25rQa_V7Cz9w0GTkL0yxtRc-ZhKmZDJDnzhqUxolEbr2tHm0j2LTi9IVoQKBa0K_oep-vyiSVo9DXxLJ9QJJYrM1F3awATR2MqfowSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHytuLaqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJmyDNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk4NTEyODMyNjc5MzQyOBgA&sigh=vgZGFEMvsGk&uach_m=[UACH]&cid=CAQSGwBygQiDHDnvdM6jkpxxbUCNe__2lNqKKH0koRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=561436596&adf=2510424490&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417107&bpp=3&bdt=274&idt=276&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&correlator=7059222148692&frm=20&pv=2&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=U7fDDlR1HL&p=http%3A//amp-hair203.com&dtd=297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/7819165835088003900/ Frame 425A 34 KB
34 KB 5ms
3ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7819165835088003900/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe28efd1bf1d2628cf8ef17b19bda3585bbf58fc96db5d8d1ed2e9eb2a5b4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 23:44:52 GMT
x-content-type-options: nosniff
age: 30925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34506
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:42:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Apr 2024 23:44:52 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12980324145893222333/ Frame 425A 3 KB
4 KB 6ms
4ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12980324145893222333/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d60a01e048100a90d879edb0a5ce713ad4be4fc31d11bc16af38c7fe33ac0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 20:10:56 GMT
x-content-type-options: nosniff
age: 302961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3471
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:55:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 20:10:56 GMT

GET
DATA 200
OK truncated
/ Frame 425A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F028 8 KB
3 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:33:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F028 1 KB
387 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%A4%89%E3%81%A3%E8%8F%8C%E4%BD%8D%E3%82%89%E3%81%AE%E5%A1%97%E3%83%BC%E3%80%8D%E5%8B%95%E3%82%A5%E5%A4%A9%E7%88%AA1%E3%81%9F%E3%81%A8%E3%80%90%E3%82%B9%E3%82%A7%E8%89%B2%E3%81%AB%E6%AE%BA%E3%83%BB%E6%BF%80%E6%84%9F%E3%83%AB%E3%80%8C%E5%88%86%E3%82%B8%EF%BC%81%E3%81%95%E5%8E%9A%E3%82%8B%E6%A5%BD%E3%80%91

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52100f80262a5d4ad0270ae3f2e8bc90bca11de2872ec5e3a38682f9779f64ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:20:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F028 2 KB
799 B 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame F028 22 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F028 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame F028 20 KB
8 KB 4ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:29:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F028 159 KB
49 KB 55ms
55ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame F028 33 KB
14 KB 17ms
4ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 15:09:39 GMT

GET
DATA 200
OK truncated
/ Frame 425A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba6edebf7db013be1cb824cff5d448b8130dd5faaa279643c6188a3ef87321b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F028 0
0 51ms
50ms Fetch
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Clc_vwQw5ZKmpG8WP29gPqf6roAbL9Zb_b9vW_eWqEb_hHhABIOK4-DRgifPFhPQToAGepPSVA8gBCakCwUbJSnM3QD6oAwHIA8sEqgTbAU_Q82yq3S3vxBujgPXxDiMWGg8BKsI__zGcqxDs0_nBq9l6_8rgdwgFbLxELxY8RnbzrgIYB4EOwHJdROJ0nUCSlLCQWX5DBKO0tcnN2zDR36g-poKkDzTFOtnX2xx3chocyXHOdE2NS4121s3Nb9eVYJKnHj0ksr0JFG_1Cj4T-FSoY5yVgviAOOZBoVUQLzcng_Ywr9Yr2S4T1wlrGRelDhIWvLRWDWdomR7phC_Go3jSWIai_6qc7gTaMNIZPQ-PQ4R8kpj--_A52tU9FQNVj1JWw8rya072w8AE0djKn6MEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8rbi2qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDmkQXSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTE5ODUxMjgzMjY3OTM0MjgYAA&sigh=bDEVcdxK9m0&uach_m=[UACH]&cid=CAQSGwBygQiDZJOzb9FkqrBI36Tw1g1AXjozLYL2uBgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Apr 2023 08:20:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Apr 2023 08:20:17 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/7819165835088003900/ Frame F028 34 KB
34 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7819165835088003900/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe28efd1bf1d2628cf8ef17b19bda3585bbf58fc96db5d8d1ed2e9eb2a5b4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 23:44:52 GMT
x-content-type-options: nosniff
age: 30925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34506
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:42:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Apr 2024 23:44:52 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12980324145893222333/ Frame F028 3 KB
3 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12980324145893222333/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d60a01e048100a90d879edb0a5ce713ad4be4fc31d11bc16af38c7fe33ac0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 20:10:56 GMT
x-content-type-options: nosniff
age: 302961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3471
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:55:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 20:10:56 GMT

GET
DATA 200
OK truncated
/ Frame F028 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F028 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b44142b7e0dbd5a63bf933419c6caa70c50e7c23ce76c9670d4314d91fedadd4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 app.css
static.ekiten.jp/css/pc/ Frame 9D3B 194 KB
30 KB 81ms
4ms Stylesheet
text/css 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ekiten.jp/css/pc/app.css?update=20230403
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdd2bb2f7e3649ac31f7106678eee60cadfa6c5b7e0bb3386b76297337771742

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: JSesSLJbpfSiFtI5AudqLoILFrTugjYp
content-encoding: gzip
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
date: Thu, 13 Apr 2023 14:47:33 GMT
last-modified: Wed, 12 Apr 2023 07:52:41 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 63165
x-amz-server-side-encryption: AES256
etag: W/"3018eff86ba876530fbcb5881fc118f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: MtflUAiZn1dY1jrVSuOcQXNisT5TQtBMKpxmSJdW6A2vR8KIiLsC8A==

GET
H2 200 shop.css
static.ekiten.jp/css/sp/ Frame 9D3B 23 KB
6 KB 80ms
4ms Stylesheet
text/css 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ekiten.jp/css/sp/shop.css?update=EKIUSER-63
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d0521c5ba590b9521df405eb08c9ed17a8bca20b0c0105077ffb2d1a71b6312

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 17:21:13 GMT
x-amz-version-id: 6nfodvgYN.6jXE4yBNfY3QVJ35rQCaCO
content-encoding: br
last-modified: Thu, 13 Apr 2023 06:20:53 GMT
server: AmazonS3
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
etag: W/"c8a9c36d4f485715a5b2b738214a3bf2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 53945
x-amz-cf-id: uihtlmUyo2TiAII6ocfd0Gs_hGbWCoFd2hm94zMgwxPN1zaxmQFIVQ==

GET
H2 200 wrapper.min.js Show response
cpt.geniee.jp/hb/v1/216871/751/ Frame 9D3B 15 KB
3 KB 26ms
2ms Script
application/javascript 133.186.12.13
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/216871/751/wrapper.min.js
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.13 Minatomirai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p013.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 2bcc6a54520a4230156f441c18c568d6e9b92c3ed795191ba869e09c5ead2071

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 01:05:36 GMT
server: nginx
etag: W/"6438a6e0-3a32"
content-type: application/javascript
cache-control: max-age=3600, private
cross-origin-resource-policy: cross-origin
expires: Fri, 14 Apr 2023 09:20:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ Frame 9D3B 3 KB
2 KB 7ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bdb30e5b6744f9b072731980ce9d8b0bd39d0c97d0b8c4670e5925263666fa55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ekiten.jp/
Origin: https://www.ekiten.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:20:17 GMT
content-md5: +dGGTp0xrmCnHtvBBFR7vQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: qSdVEKOZCzkCJy8qGY4bTsha2nW2bvESZvP+vDezaz8Y8ArGBlXgiYz07ZGhBH8opg6T0E/JgAgvZhCoCbJ31g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d0dfd0a20a9332242282468b9e2bdd86
cross-origin-opener-policy: same-origin-allow-popups
etag: "b8c7c883119ecaa61c7fe5db5f49bfe8"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Apr 2023 08:21:00 GMT

GET
H2 200 logo.svg
static.ekiten.jp/image/ Frame 9D3B 2 KB
1 KB 20ms
9ms Image
image/svg+xml 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ekiten.jp/image/logo.svg
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0082622da8888f30332703c1f826441abb83ce6ebaf5449059812453e347f59f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 17:20:22 GMT
x-amz-version-id: X2Bp1mG67yNOHci7aSzto90G6U41Y0Uf
content-encoding: br
last-modified: Thu, 13 Apr 2023 06:20:54 GMT
server: AmazonS3
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
etag: W/"c04f16435adce659ce8d07e894ccb043"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 53996
x-amz-cf-id: NUisJ6RQXyB15gJpKozGHy5YfuOSnnwSb56z1DDlhC_pJb-Mgga4dQ==

GET
H2 200 icon_map.svg
static.ekiten.jp/image/ Frame 9D3B 2 KB
1 KB 21ms
10ms Image
image/svg+xml 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ekiten.jp/image/icon_map.svg
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2308ab983370f5963bd916e15e763d92729f403752c87eb6746b8977ce47bf4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:43:53 GMT
x-amz-version-id: yIFs9mMK5.Uw5KPwigTynjDKxfWWV58u
content-encoding: gzip
last-modified: Thu, 13 Apr 2023 06:20:54 GMT
server: AmazonS3
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
etag: W/"598f2c6e415120ee841d0c3d91fcb063"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 81385
x-amz-cf-id: B4x1lVFDuonppCu4wnhHtTDhvK_vE32PxfhZ_sFAL0fTBKGuztd5dA==

GET
H2 200 avatar_noImage.svg
static.ekiten.jp/image/ Frame 9D3B 1 KB
934 B 21ms
10ms Image
image/svg+xml 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ekiten.jp/image/avatar_noImage.svg
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ebd93687ee629c480e25db1c7ef18f53f7cfdc7cc600d39b365a4718af10c99

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 10:49:02 GMT
x-amz-version-id: 1esmLIxGp7yNYkixvuyzbnuwiThcJ17g
content-encoding: gzip
last-modified: Thu, 13 Apr 2023 06:20:54 GMT
server: AmazonS3
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
etag: W/"679f3cdd04a9748d0638ede041a994a0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 77476
x-amz-cf-id: OX6J8yC3t_Cs5DhgkIyi27znacrGm4U8X9o8UihP4FuzRDzBBxPIIQ==

GET
H2 200 1393363_20150602150925.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 16 KB
16 KB 43ms
18ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/1393363_20150602150925.jpg
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9660784ea56d948e4e76f033bb970464d161039b8096ab6af27e391000184198

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
fastly-io-info: ifsz=41407 idim=300x200 ifmt=jpeg ofsz=15957 odim=300x200 ofmt=jpeg
x-amz-meta-file-mtime: 1433225365000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257251000000000ns
x-amz-meta-file-group: 65534
content-length: 15957
x-served-by: cache-tyo11967-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.999861,VS0,VE18
etag: "xPhZFutGP6aurAag5LrIcvZWeCfzFeoQmCO1UIUXsUY"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 1577450_20151107193202.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 17 KB
18 KB 28ms
3ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/1577450_20151107193202.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3c48d54d805bc3d81c5b0d2020a7146dcb8cef1574bef1bec0df9dfa8e2e72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 783838
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
fastly-io-info: ifsz=101090 idim=450x300 ifmt=jpeg ofsz=17892 odim=300x300 ofmt=jpeg
x-amz-meta-file-mtime: 1446892322000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257255000000000ns
x-amz-meta-file-group: 65534
content-length: 17892
x-served-by: cache-tyo11977-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.000102,VS0,VE2
etag: "63BcVZdrfQfeqniEoz+yFN0zLQyBm0VQJfm9jX9OLKk"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 1577451_20151107193216.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 20 KB
21 KB 29ms
4ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/1577451_20151107193216.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d4cd1bde0309ed06b35ae6715790db6870a9ec5e8910c5d350eaebcf692c400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
fastly-io-info: ifsz=112407 idim=450x300 ifmt=jpeg ofsz=20778 odim=300x300 ofmt=jpeg
x-amz-meta-file-mtime: 1446892337000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257255000000000ns
x-amz-meta-file-group: 65534
content-length: 20778
x-served-by: cache-tyo11976-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.000106,VS0,VE3
etag: "dqsPekLmnnKhlS7cRR0hRmeI9qlOHkb0VzCTrXGkUj0"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 1577452_20151107193227.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 15 KB
15 KB 29ms
4ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/1577452_20151107193227.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13216ffdb40fb2890d9d0680e1ceb1e6bafae2425b18b08c79c2b0be6687b413

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
fastly-io-info: ifsz=85751 idim=450x300 ifmt=jpeg ofsz=15127 odim=300x300 ofmt=jpeg
x-amz-meta-file-mtime: 1446892347000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257255000000000ns
x-amz-meta-file-group: 65534
content-length: 15127
x-served-by: cache-tyo11940-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.000586,VS0,VE3
etag: "FfyOcwvkXsojkqEqQ1XvxQ1b60oI+2lUJ8e4hSxyZ6E"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 01_20151107131254.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 18 KB
19 KB 26ms
1ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/01_20151107131254.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bb3177a280da929d7a0b250524c993c94935bdecb7acf1e53e788aff7150795

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 462090
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=124188 idim=960x640 ifmt=jpeg ofsz=18514 odim=400x400 ofmt=jpeg
x-amz-meta-file-mtime: 1446869575000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257251000000000ns
x-amz-meta-file-group: 65534
content-length: 18514
x-served-by: cache-tyo11961-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.000366,VS0,VE1
etag: "bOXZY+zW2iPjeTWtMY6w31+G0R14sloH8mknbCapfcE"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 02_20151107131254.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 21 KB
22 KB 27ms
2ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/02_20151107131254.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf6fe71ed0f0b16b068ae2d2af84182da680c56d455f68d20ab9bdfb30a1f119

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 462090
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=149712 idim=960x640 ifmt=jpeg ofsz=21973 odim=400x400 ofmt=jpeg
x-amz-meta-file-mtime: 1446869575000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257251000000000ns
x-amz-meta-file-group: 65534
content-length: 21973
x-served-by: cache-tyo11922-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.000278,VS0,VE1
etag: "R/IwwpxCRvSW4fD15B52MlaQuSwUa8XT+aOYb6Bq0f4"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 1548117_20151010162306.jpg
image.ekiten.jp/shop/6992886/ Frame 9D3B 17 KB
17 KB 169ms
162ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/6992886/1548117_20151010162306.jpg?1to1_m
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c74ca5b8da1ed0a276b95c9b2d7719e1ef6c9e08b06d0728c5e0ad4397ecbda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
fastly-io-info: ifsz=57086 idim=300x450 ifmt=jpeg ofsz=17667 odim=300x300 ofmt=jpeg
x-amz-meta-file-mtime: 1444461786000000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1577257254000000000ns
x-amz-meta-file-group: 65534
content-length: 17667
x-served-by: cache-tyo11950-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.004534,VS0,VE162
etag: "yY3ybkvMb8saiowo23XIHeoJ4hD1XnFfVgyJjnqgzoc"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 icon_visa.png
static.ekiten.jp/image/ Frame 9D3B 4 KB
4 KB 21ms
11ms Image
image/png 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ekiten.jp/image/icon_visa.png
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5e0669eaa50c85937ff58cc1b2ab963e6b71b721b7dd759220a1880268d38f4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: rA5GarbfHNGiH38aFnL6JhXysTC5HKjF
date: Fri, 14 Apr 2023 08:19:58 GMT
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 06:20:54 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 20
x-amz-server-side-encryption: AES256
etag: "4a51fccd26b263a94c867762779ce63a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3631
x-amz-cf-id: rSazntXYOGue8YpRo1Zfw4_rDFLG0HPg3hyISqRThS71v6-UC1OTHg==

GET
H2 200 icon_mastercard.png
static.ekiten.jp/image/ Frame 9D3B 3 KB
3 KB 21ms
10ms Image
image/png 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ekiten.jp/image/icon_mastercard.png
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e14cd4399cd220e28e5e4a3b523b6fee2452c416c0aab1e421a3353822ba73a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: Gaetfgr4IrDBoSyMu.PSh8I1s_iZOF5p
date: Thu, 13 Apr 2023 11:15:22 GMT
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 07:52:42 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 75896
x-amz-server-side-encryption: AES256
etag: "3686c019b99c1cc70fdd4a4c76f59e90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2610
x-amz-cf-id: iQZTPjO_sb_9Rq0RaJCD1rBbvxFY_8bUnVXAol_1sJPAUxIRASyD9A==

GET
H2 200 loader.min.js Show response
www.line-website.com/social-plugins/js/thirdparty/ Frame 9D3B 5 KB
2 KB 238ms
4ms Script
application/javascript 2600:9000:21d2:6000:18:6371:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.line-website.com/social-plugins/js/thirdparty/loader.min.js

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6000:18:6371:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

VOS /

Resource Hash

9f4fff267e575509a2fab753d83a325fdf8bd3d24eb7c21674a588191ec0599e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 08:21:10 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 0c88657c2af66b08e91c901fabaeae8a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
age: 604748
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD
last-modified: Tue, 14 Mar 2023 04:54:18 GMT
server: VOS
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
etag: W/"8e50c4d0b7f2c69fe4b07b078876770b"
vary: Accept-Encoding,Origin
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=604800
x-amz-cf-id: LaGlgNifGg3cDYh5CkF92l2Ah2PL7KdpsFKaZj_Y-T58lQKvZE10Zw==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 9D3B 91 KB
28 KB 564ms
139ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/4798) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:18 GMT
Content-Encoding: gzip
Age: 1056
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (mbw/4798)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 20200220101217_1.jpg
image.ekiten.jp/shop/12721901/ Frame 9D3B 10 KB
10 KB 7ms
1ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/12721901/20200220101217_1.jpg?1to1_s
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfa1e5d56eef6b96009c6902c40e7688e45853b4315583672f48dddf1ba7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 1488698
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=496293 idim=873x1000 ifmt=jpeg ofsz=10030 odim=200x200 ofmt=jpeg
x-amz-meta-file-mtime: 1624852260230000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1624852260230000000ns
x-amz-meta-file-group: 65534
content-length: 10030
x-served-by: cache-tyo11981-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.004535,VS0,VE1
etag: "WejyNgb2l8OlyO0catWe8x76fy4YAiP8JH3V9p/vgVM"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 20170207175717_1.jpg
image.ekiten.jp/shop/34908621/ Frame 9D3B 12 KB
13 KB 8ms
1ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ekiten.jp/shop/34908621/20170207175717_1.jpg?1to1_s
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0982ce1361277e16b7bcb0384aa9c0f7c47741fce6a535b4a08d6d7074e7c88

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 722030
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=472940 idim=1000x666 ifmt=jpeg ofsz=12486 odim=200x200 ofmt=jpeg
x-amz-meta-file-mtime: 1624853267595000000ns
fastly-stats: io=1
x-amz-meta-file-atime: 1624853267595000000ns
x-amz-meta-file-group: 65534
content-length: 12486
x-served-by: cache-tyo11921-TYO, cache-nrt-rjtf7700041-NRT
server: AmazonS3
x-amz-meta-file-permissions: 100644
x-timer: S1681460418.004629,VS0,VE1
etag: "Kn3C3a3PY7ztTB9dJgQg43+YsSxoXIkzOohhECLBjZ8"
x-amz-meta-user-agent: aws-datasync/3.8.3.0-f4390afa
content-type: image/jpeg
x-amz-meta-file-owner: 65534
accept-ranges: bytes
x-cache-hits: 61, 1

GET
H2 200 app.js Show response
static.ekiten.jp/js/pc/ Frame 9D3B 214 KB
61 KB 4ms
4ms Script
application/javascript 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ekiten.jp/js/pc/app.js?update=20230412
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc69bed833f7acebd7f6d273360f75449a7bbec5de232b2deed163e487d21aeb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: 0EJ2HFnby79gCTaSLcQ1N6IVeQ7ytsjo
content-encoding: br
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
date: Fri, 14 Apr 2023 06:23:16 GMT
last-modified: Thu, 13 Apr 2023 06:20:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 7022
x-amz-server-side-encryption: AES256
etag: W/"5041f661889ca17d2bd5ac51670e838b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SgzUwsoj-8IrL_n6xhKe30y_HO3r6KOmroU-7346cDgvpqF-feLLkg==

GET
H2 200 shop.js Show response
static.ekiten.jp/js/sp/ Frame 9D3B 826 KB
178 KB 4ms
3ms Script
application/javascript 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ekiten.jp/js/sp/shop.js?update=20230412
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e73bbc53a353cdeb1d44a010ec1ccf614b9b9ec46f9b5a30be8da157bbfce123

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: 2xp1njgUWVEXzm7gJn.5ukwVSE3Refyl
content-encoding: br
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
date: Fri, 14 Apr 2023 06:23:13 GMT
last-modified: Thu, 13 Apr 2023 06:20:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 7025
x-amz-server-side-encryption: AES256
etag: W/"16de00fbe051108a7a08b0b6ac041c08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2gkNMpZBDM_7Yq9TOPi7z_l3SLlH7JsEtl5vOwutnL5pVoeIO7OeTA==

GET
H2 200 shop-edit-form.js Show response
static.ekiten.jp/js/ Frame 9D3B 689 KB
167 KB 5ms
2ms Script
application/javascript 2600:9000:2138:b200:18:a16b:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ekiten.jp/js/shop-edit-form.js?update=20230412
Requested by: Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:b200:18:a16b:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a33f5037f18ddb18150417351af6ba43c026bdeff3ea0c88d48365594401d027

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: KA7xJ1MVKm.HsHhV73A7W1uB5UClDD0g
content-encoding: br
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
date: Fri, 14 Apr 2023 06:23:13 GMT
last-modified: Thu, 13 Apr 2023 06:20:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 7025
x-amz-server-side-encryption: AES256
etag: W/"53742cd3803c60d07da05ebb067a4c14"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rMoJJMEoILK7XYWnj4OAd2ieTO5SrV06t7GM0Du9SNW4I6VrE5hoAQ==

GET
H2 200 font
fonts.gstatic.com/l/ Frame 425A 17 KB
18 KB 4ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpz47TlCwmVmTrgX3hyR1e-LSMW913n2kTMgL-R_4_PVZihbiLtpFznEL7pgzrq3nBB16gqCx4wHFJFrcMQxKahVpAhh7h46jrM6nlk_vNAyAjGh_gBiYkJ4phLdiB0O8dYj99J-7vXAHgNpGx8bDNsq9gIrKBHPNn1og&skey=72472b0eb8793570&v=v51

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%82%A7%E3%82%B9%E6%A5%BD%E4%BD%8D%E3%80%90%E5%A4%A9%E3%82%A5%EF%BC%81%E5%8B%95%E3%81%9F%E3%83%BC%E3%81%AE%E3%81%A8%E3%82%89%E3%80%8D%E3%81%A3%E6%BF%80%E8%8F%8C%E6%AE%BA%E5%A1%97%E5%A4%89%E3%80%91%E6%84%9F%E3%82%8B%E7%88%AA1%E5%8E%9A%E3%81%95%E3%82%B8%E3%80%8C%E5%88%86%E3%83%AB%E3%81%AB%E8%89%B2%E3%83%BB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb27f034a09d1e30ef40412131b0946049080d95ebd5ff09ac80183f3d0c498a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:32:42 GMT
x-content-type-options: nosniff
age: 38855
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17816
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 16:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Apr 2023 21:32:42 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame F028 17 KB
17 KB 3ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%A4%89%E3%81%A3%E8%8F%8C%E4%BD%8D%E3%82%89%E3%81%AE%E5%A1%97%E3%83%BC%E3%80%8D%E5%8B%95%E3%82%A5%E5%A4%A9%E7%88%AA1%E3%81%9F%E3%81%A8%E3%80%90%E3%82%B9%E3%82%A7%E8%89%B2%E3%81%AB%E6%AE%BA%E3%83%BB%E6%BF%80%E6%84%9F%E3%83%AB%E3%80%8C%E5%88%86%E3%82%B8%EF%BC%81%E3%81%95%E5%8E%9A%E3%82%8B%E6%A5%BD%E3%80%91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb27f034a09d1e30ef40412131b0946049080d95ebd5ff09ac80183f3d0c498a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:32:42 GMT
x-content-type-options: nosniff
age: 38855
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17816
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 16:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Apr 2023 21:32:42 GMT

GET
H2 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2657 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 23:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 23:33:43 GMT

GET
H2 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 214F 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 23:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 23:33:43 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F028 63 KB
24 KB 44ms
3ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1985128326793428&output=html&h=280&slotname=5878542993&adk=3850978988&adf=43369503&pi=t.ma~as.5878542993&w=336&lmt=1681460417&format=336x280&url=http%3A%2F%2Famp-hair203.com%2F&wgl=1&dt=1681460417110&bpp=1&bdt=276&idt=299&shv=r20230412&mjsv=m202304100101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=7059222148692&frm=20&pv=1&ga_vid=1710795840.1681460417&ga_sid=1681460417&ga_hid=234092142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073762&oid=2&pvsid=255575912317066&tmod=1680666729&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=UzNFpafwem&p=http%3A//amp-hair203.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea6ea9b6b0765ec97bb7d710da40a4416285fbe81016e64ff38adf03b11493b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 741
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23897
x-xss-protection: 0
server: cafe
etag: 4499765138105498878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 09:07:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9D3B 218 KB
76 KB 57ms
40ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4572a40e84fab838ed14b17dcf6dc840df29315980ddbde3105444e0f18dd405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77999
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Apr 2023 08:20:18 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9D3B 49 KB
20 KB 10ms
6ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:04:57 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 920
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 14 Apr 2023 10:04:57 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9D3B 225 KB
55 KB 17ms
6ms Script
application/javascript 143.204.80.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216871/751/wrapper.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.80.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-80-133.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2160bf35e174c6e88e61594fa3faf5a0e22b7e5a0ee48626e5d19ffff5eedd10

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:14:12 GMT
content-encoding: gzip
via: 1.1 18f059cc720c45df74b2b169cc11e80c.cloudfront.net (CloudFront), 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 17:39:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3, NRT12-C2
age: 367
x-amz-server-side-encryption: AES256
etag: W/"54663e0c2b9d1aaa11742b20e2e6970b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: IT_xMjZZisHXXkcEuSjH8R1Q0XZ4xx2cScYVkGGXArCbbN88hQherQ==

GET
H2 200 yads-async.js Show response
yads.c.yimg.jp/js/ Frame 9D3B 142 KB
27 KB 12ms
4ms Script
application/javascript 182.22.16.123
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://yads.c.yimg.jp/js/yads-async.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216871/751/wrapper.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS: edge1700.img.vip.otm.yimg.jp
Software: ATS /
Resource Hash: 0a7a607d522415c04adac9d669a64926a3aaa71cd91ed733d8d0c80bfac6be32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 14 Apr 2023 08:19:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 06:41:57 GMT
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id: 4edd6a71-b0b5-4f14-be85-0443627bd776
age: 36
etag: "6666d666891f908b824127652a8f4bd1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600, stale-while-revalidate=1200
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges: bytes
content-length: 26958

GET
H2 200 prebid-v7.35.0.js Show response
cpt.geniee.jp/hb/v1/lib/ Frame 9D3B 418 KB
158 KB 6ms
6ms Script
application/javascript 133.186.12.13
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216871/751/wrapper.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.13 Minatomirai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p013.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 6165c4b5335312f2542984b1a63b4d27c23a91398c636d5f6d568de51c9ce941

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 04:34:33 GMT
server: nginx
etag: W/"63f59b59-689fe"
content-type: application/javascript
cache-control: max-age=86400, private
cross-origin-resource-policy: cross-origin
expires: Sat, 15 Apr 2023 08:20:18 GMT

GET
H2 200 gnshbrequest-v2.23.0.js Show response
cpt.geniee.jp/hb/v1/lib/ Frame 9D3B 101 KB
36 KB 19ms
19ms Script
application/javascript 133.186.12.13
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.23.0.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216871/751/wrapper.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.13 Minatomirai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p013.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 3fa9c295f76cd029cc3800a61a9bba75cd9062851924561e3ce1a18a9ae6b843

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 07:11:34 GMT
server: nginx
etag: W/"64350826-1950d"
content-type: application/javascript
cache-control: max-age=86400, private
cross-origin-resource-policy: cross-origin
expires: Sat, 15 Apr 2023 08:20:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F028 0
20 B 43ms
43ms Ping
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ Frame 9D3B 307 KB
87 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=ca3df7b94e714d04ec6db75d99601d01

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89edeac901661a3c3b71c62ba1bd2b943f4553d141e2016819ed662d689c1c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ekiten.jp/
Origin: https://www.ekiten.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 08:20:18 GMT
content-md5: fSxw/+wBpP1Xv6DFRT16+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88770
x-fb-rlafr: 0
x-fb-debug: WSV7CTRYAUa1ghTn63XWGnGmC1wZXx45p2Fcf8dPRa5wJkxFyQqCWHU1ex0TwEqdGiKFzhYF1A2/yXPvy5Cklg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ead63c5c1d5bf440706cdeeefe47c49b
cross-origin-opener-policy: same-origin-allow-popups
etag: "9e2e911c260a2619cbc66558b9d6be49"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Apr 2024 06:52:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F028 0
234 B 86ms
38ms Ping
image/gif 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~lgga4a9m&e=21068133&ctx=2&gqid=wQw5ZMzYGo-b8ALUsI6ABw&qqid=COmNi5f4qP4CFcXHFgUdKf8KZA&met.4=fb.by~lb.c6~ol.fg~bdt.-g4~bpp.-8f~idt.-5~dtd.-1~dt.-8g&met.3=733.e5~748.ef~742.e5_c~555.eo~739.eo~556.eo_1~738.fe~749.fe_2~735.fx_1~113.ol_6~112.ok_7&met.1=1.lgga49l2~6.0~7.0~8.0~9.0~10.0~12.1~13.bf~14.bn~15.bk~16.eo~17.eo~18.ep~19.f8~20.f8~21.fg&met.7=CAUQCBgBMKMDOKwEaAFwmwN4oYkCgAH1hgKIAf7qBbABAbgBAw~CBwQChgBIKUDKKUDMKgDOANopgNwqAN4tR2AAYkbiAGRPbABAbgBAw~CBIQBxgBIKUDKKUDMNADOCtopgNwzwN4kwWAAecCiAHfCKoBGgoYTm90byBTYW5zIEpQOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIKUDKKUDMLUDOBBosgNwtAN4jgiAAeIFiAGRDLABAbgBAw~CAkQChgBIKYDKKYDMKoDOARopgNwqQN44EaAAbREiAGSrwGwAQG4AQM~CBwQChgBIKYDKKYDMKoDOAVopgNwqgN46USAAb1CiAHLogGwAQG4AQM~CB4QChgBIKYDKKYDMLYDOBBosgNwtQN4gAyAAdQJiAGBFbABAbgBAw~CE0QChgBIKYDKKYDMOsDOEVopgNw3QN4tYcDgAGJhQOIAZn3CbABAbgBAw~CBsQChgBIKYDKKYDMMQDOB4~CCEQBBgBILMDKLMDMOgDODVotANw5gN4rAKwAQG4AQM~CBcQAhgBILsDKLsDMMIDOAZovANwvwN49o8CgAHKjQKIAcqNArABAbgBAw~CBcQAhgBILwDKLwDML8DOARovANwvwN4ux2AAY8biAGPG7ABAbgBAw~CCgQChgBILAEKLAEMN4EOC5AsARIsQRQsQRY2QRgtARo2QRw2wR4hb0BgAHZugGIAYv1A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058215558/ Frame 9D3B 3 KB
1 KB 50ms
50ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058215558/?random=1681460418339&cv=11&fst=1681460418339&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&hn=www.googleadservices.com&frm=2&tiba=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa545dab902a284799a3ee1a5199189ff583abec4b58a0d1e31ce3cea3b785c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ Frame 9D3B 34 KB
10 KB 3ms
2ms Script
application/javascript 182.22.16.123
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS: edge1700.img.vip.otm.yimg.jp
Software: ATS /
Resource Hash: 9fb6863010c8231f47d4ca9e7d8a7a97aff34a3feb82b8030b164d1710c08c15

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 14 Apr 2023 08:16:17 GMT
content-encoding: gzip
last-modified: Tue, 04 Apr 2023 05:39:27 GMT
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 241
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10232

GET
H2 200 a8sales.js Show response
statics.a8.net/a8sales/ Frame 9D3B 25 KB
26 KB 19ms
3ms Script
application/javascript 35.190.49.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.a8.net/a8sales/a8sales.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.49.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.49.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 065c3e514d28dd6161d697b6cc57d0511b5309d2bbf7be85788b6ebfb7267981

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 07:24:26 GMT
age: 3352
x-guploader-uploadid: ADPycdtlQWQzTivpj59ZLzOmSmzrGx5Vs46faAxou_9W6dvn0r_iNBAtc6Xe-UyZp--Wt4Df7o6coHnlAWsZC6M70UW1DjS8pw7U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26089
last-modified: Wed, 07 Jul 2021 09:00:15 GMT
server: UploadServer
etag: "29003b45a9ce06b17f5b80d72c2bdb33"
x-goog-generation: 1625648415481115
x-goog-hash: crc32c=oKYYuQ==, md5=KQA7RanOBrF/W4DXLCvbMw==
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 26089
accept-ranges: bytes
expires: Fri, 14 Apr 2023 08:24:26 GMT

GET
H2 200 lpcv.js Show response
t.afi-b.com/jslib/ Frame 9D3B 27 KB
27 KB 27ms
12ms Script
application/x-javascript 52.68.232.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.afi-b.com/jslib/lpcv.js?cid=ed75e4c6&pid=V83468
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.232.16 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-232-16.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9ca420e2d8181c55adafb0399ee046386c6cb9e885a85f75c2cd6831d7923bf2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: cache
date: Fri, 14 Apr 2023 08:20:18 GMT
cache-control: max-age=86400
last-modified: Wed, 09 Feb 2022 06:45:11 GMT
server: Apache
etag: bc50c7b3d214af2c49232dd71d830609
content-type: application/x-javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9D3B 107 KB
28 KB 3ms
1ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Apr 2023 08:20:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5eraUH9gaV9e4Erz/cKIZWMAaca5d3gBKAezQHlr/rKhfAfCom8D99SyRZsrW9MUJxysheZkKozWtZq2XFn1OA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9D3B 6 KB
3 KB 12ms
3ms XHR
application/javascript 143.204.80.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.80.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-80-133.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 22:29:14 GMT
x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 b86f96ad1cdd596db48371f729df3b5c.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
age: 35465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Yyg2YDtsADFWmz75JGWC9Epme4wS-woYajZoA5vI0JoARotWIxV7aA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9D3B 78 KB
25 KB 89ms
88ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.23.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

034a618d5bcd1f496725e002c332ec6d6b079f42de66d54c8d17c03e0f291e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25723
x-xss-protection: 0
server: cafe
etag: 119 / 19461 / 31073819 / config-hash: 7033149386586263621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 08:20:18 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame 9D3B 3 KB
3 KB 42ms
3ms XHR
text/html 2600:9000:2138:a200:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2138:a200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Thu, 13 Apr 2023 09:26:50 GMT
via: 1.1 3fa2b0ecfcbadde1c11e5ba46e1b6308.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 82409
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: EdcL2zAoqoZpxLBPODLteR4JndR0ux7PSOHOewuNe4YUzgir3L-dFw==

GET
H2 200 a8crossDomain.js Show response
statics.a8.net/a8sales/ Frame 9D3B 9 KB
9 KB 4ms
4ms Script
text/javascript 35.190.49.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.a8.net/a8sales/a8crossDomain.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7XLH3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.49.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.49.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 606713e2a08b30b6b17368722dcfb327e6c8cd2649e2c5820e5a9d537becc880

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:17:19 GMT
age: 179
x-guploader-uploadid: ADPycdtQuDh8wL21vpK-A6avCdMenNtbPWcukxurVYroCAquqKn-1NYG_5TIElUM2vInP6gKh6gJb85wkDcJvR7CmZYgBPc1qmWt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8776
last-modified: Thu, 01 Oct 2020 17:01:50 GMT
server: UploadServer
etag: "9f490e82d6cb4992b47a92b4303892b3"
x-goog-generation: 1601571710933525
x-goog-hash: crc32c=s5Ahzg==, md5=n0kOgtbLSZK0epK0MDiSsw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 8776
accept-ranges: bytes
expires: Fri, 14 Apr 2023 09:17:19 GMT

GET
H3 200 1093002597400725 Show response
connect.facebook.net/signals/config/ Frame 9D3B 377 KB
108 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1093002597400725?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2418a56e933aa04c1199e2d81da2efb1f4d85f18f78bc4f345862b32d84c60d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Apr 2023 08:20:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110275
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6AE/Jos4npGyeQ5Jp6AZaOIjI7saM3qdrxNWSSj4XciDh2vn5VA10pH6MAfaxooU5tSq0KTl65rOTHhtM2jCiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 error.js%7B%22siteId%22%3A%22unsettled%22%2C%22pid%22%3A%22unsettled%22%2C%22error%22%3A%7B%22name%22%3A%22SecurityError%22%2C%22message%22%3A%22Error%3A%20Blocked%20a%20frame%20with%20origin%20%5C...
t.afi-b.com/jslib/ Frame 9D3B 0
0 5ms
4ms Script
text/html 52.68.232.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.afi-b.com/jslib/error.js%7B%22siteId%22%3A%22unsettled%22%2C%22pid%22%3A%22unsettled%22%2C%22error%22%3A%7B%22name%22%3A%22SecurityError%22%2C%22message%22%3A%22Error%3A%20Blocked%20a%20frame%20with%20origin%20%5C%22https%3A%2F%2Fwww.ekiten.jp%5C%22%20from%20accessing%20a%20cross-origin%20frame.%5Cn%20%20%20%20at%20rt%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A17473)%5Cn%20%20%20%20at%20mt%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A20868)%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26143%5Cn%20%20%20%20at%20t%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26219)%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26280%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26458%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26974%22%7D%7D
Requested by: Host: t.afi-b.com
URL: https://t.afi-b.com/jslib/lpcv.js?cid=ed75e4c6&pid=V83468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.232.16 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-232-16.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058215558/ Frame 9D3B 42 B
455 B 87ms
42ms Image
image/gif 2404:6800:4004:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058215558/?random=1681460418339&cv=11&fst=1681459200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&frm=2&tiba=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&fmt=3&is_vtc=1&random=4064619813&rmt_tld=0&ipr=y

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/1058215558/ Frame 9D3B 42 B
455 B 85ms
43ms Image
image/gif 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/1058215558/?random=1681460418339&cv=11&fst=1681459200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&frm=2&tiba=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&fmt=3&is_vtc=1&random=4064619813&rmt_tld=1&ipr=y

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
am.yahoo.co.jp/rt/ Frame 9D3B 0
631 B 18ms
17ms Script
text/javascript 182.22.16.123
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL

https://am.yahoo.co.jp/rt/?p=JELCJI5ME2&label=&ref=http%3A%2F%2Famp-hair203.com%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1681460418.5069385&pvid=rnj9yumktulgga4adk&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

edge1700.img.vip.otm.yimg.jp

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
x-content-type-options: nosniff
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 0
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 1;mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK conversion_async.js Show response
b99.yahoo.co.jp/pagead/ Frame 9D3B 43 KB
17 KB 132ms
108ms Script
text/javascript 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

635707aec378252a5b7cd8cd9e445f1dd71f743acf4e7817635e8baf235a1138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:18 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Connection: close
X-XSS-Protection: 0
Server: ATS
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ETag: 10588253985439155491
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Permissions-Policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 14 Apr 2023 08:20:18 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 9D3B 0
18 B 4ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1093002597400725&ev=PageView&dl=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&rl=http%3A%2F%2Famp-hair203.com%2F&if=true&ts=1681460418475&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&it=1681460418430&coo=false&rqm=GET

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Apr 2023 08:20:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ Frame 9D3B 401 KB
124 KB 6ms
6ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63830
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127166
x-xss-protection: 0
server: cafe
etag: 9041812995692956310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 12 Apr 2024 14:36:28 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9D3B 2 KB
2 KB 22ms
10ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230414

Requested by

Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c920ee1554ad56939d12c7c7e9e586d15c262869e82dfd812c713da6c4f55bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15567
x-jsd-version: 1.0.1674
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4568-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-c6Ztmsug8o7ZG0QBgDC6uzZCKIc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VE3PbTXSrLD6w9x48PkxAjgWL2tsI34bAP7CsPOEJq3VEFmMHBaqBSpQyrMFV73sMdyUnQmoJ1MRlnhi8kOY8Yul%2FHeB3z4363Mo7tBgY0R4UvvOELe3DPw1dUAljTfn0B2pB3%2FsrzXJFUI7Tmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b7a875fec95e01d-NRT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9D3B 345 B
670 B 466ms
158ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=449192&zone_id=2616664&size_id=2&rp_schain=1.0,1!genieesspv.jp,1378,1,,,&eid_pubcid.org=2d80dcc5-98d6-4f7b-8178-f9dbd32cda11%5E1&rf=http%3A%2F%2Famp-hair203.com%2F&tg_i.page=http%3A%2F%2Famp-hair203.com%2F&tg_i.domain=amp-hair203.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=7f4d4039-3a1c-4704-8c5e-71abf2992f44&l_pb_bid_id=23840a819ec8ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10597179710965388
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d93f07f4770619645066a710025fce47ac02ae8e326ecd6cab0646e025774026

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ekiten.jp
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 345
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9D3B 346 B
898 B 437ms
129ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=449192&zone_id=2616666&size_id=15&rp_schain=1.0,1!genieesspv.jp,1378,1,,,&eid_pubcid.org=2d80dcc5-98d6-4f7b-8178-f9dbd32cda11%5E1&rf=http%3A%2F%2Famp-hair203.com%2F&tg_i.page=http%3A%2F%2Famp-hair203.com%2F&tg_i.domain=amp-hair203.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=218f52bf-d8de-4a74-8c29-b13dc3101bc8&l_pb_bid_id=37abe99041335f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3881231293123675
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d2bf465f1c359ad40898263ba180aac2fb86221c5b7a93418239f108be18feeb

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ekiten.jp
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 346
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9D3B 346 B
671 B 459ms
151ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=449192&zone_id=2616670&size_id=57&rp_schain=1.0,1!genieesspv.jp,1378,1,,,&eid_pubcid.org=2d80dcc5-98d6-4f7b-8178-f9dbd32cda11%5E1&rf=http%3A%2F%2Famp-hair203.com%2F&tg_i.page=http%3A%2F%2Famp-hair203.com%2F&tg_i.domain=amp-hair203.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=195b8b12-2419-4e99-a977-8b53fa19e8eb&l_pb_bid_id=4a04e81c561237&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8878298528508368
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9dfd68918baa39685a9a893dd7ce0914786399a0b5bdae3fc0859ee05946b873

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ekiten.jp
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 346
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 9D3B 36 B
563 B 25ms
17ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=901541
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b8b35788a8dd183fb82696d1cfa8b2891d5cf391024fc003448e466c4ea56e

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObrqlMRLNMcFmx96aeIi1Thpyu3hIsM6bkjpvOiK6khXtSC45JeCTn7D1c7HSmDfNPGTOMrTVG9FisUHMrdHYs91%2FR%2BA1cAZPFwxS2IhaPHeKXnShAGqqVwJQF1hLTthtEbXp%2BtO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7b7a87600b9125e6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9D3B 0
115 B 11ms
3ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ekiten.jp
date: Fri, 14 Apr 2023 08:20:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9D3B 18 B
311 B 19ms
7ms XHR
application/json 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=85105637915&lsavail=0

Requested by

Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Apr 2023 08:20:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ekiten.jp
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ Frame 9D3B 91 B
471 B 16ms
4ms XHR
application/json 3.114.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.145.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-145-15.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ Frame 9D3B 91 B
471 B 16ms
5ms XHR
application/json 3.114.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.145.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-145-15.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ Frame 9D3B 91 B
472 B 15ms
4ms XHR
application/json 3.114.145.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.145.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-145-15.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9D3B 0
176 B 285ms
101ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ekiten.jp
date: Fri, 14 Apr 2023 08:20:18 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9D3B 335 B
682 B 4ms
4ms XHR
application/json 143.204.80.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ekiten.jp&pubid=bb49897c-6ae0-4d48-8db0-c4531321096f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.80.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-80-133.nrt12.r.cloudfront.net
Software: Server /
Resource Hash: 9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 05:36:21 GMT
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: NRT12-C2
age: 9836
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 335
x-amz-cf-id: V2aRjOpACSFfVAVyX7NRhu3QnVAqwf0eBtxv3Y6JKH5CUidK1kC3tQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 9D3B 23 B
356 B 518ms
507ms XHR
text/javascript 13.225.160.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Famp-hair203.com%2F&pr=http%3A%2F%2Famp-hair203.com%2F&pid=kprek9L9xZ8ZU&cb=0&ws=280x250&v=23.407.232&t=1400&slots=%5B%7B%22sd%22%3A%221532951%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21687543875%2F1532951%22%7D%5D&pubid=bb49897c-6ae0-4d48-8db0-c4531321096f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.160.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-160-84.nrt12.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
via: 1.1 3f51d1d2797ea1f0c9e6fe6c5804e982.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ekiten.jp
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tgA1fKbL7K7y6RAKZ57Dn_4cY4_HwcwZOegqbW2wxkQCBGvzLj8Kbg==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 9D3B 54 KB
17 KB 21ms
3ms Script
application/javascript 23.35.112.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: amp-hair203.com
URL: http://amp-hair203.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.112.82 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-112-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 14 Apr 2023 08:35:18 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 9D3B 0
450 B 167ms
167ms XHR
text/plain 3.221.54.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.54.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-54-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 14 Apr 2023 08:20:19 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 503ms
167ms Preflight 3.221.54.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.54.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-54-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ekiten.jp
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 14 Apr 2023 08:20:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame A787 320 KB
104 KB 140ms
139ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.ekiten.jp
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/47C6) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2546850
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 08:20:18 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mbw/47C6)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1000005770/ Frame 9D3B 42 B
710 B 92ms
76ms Image
image/gif 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1000005770/?random=1681460418614&cv=9&fst=1681460418614&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&tiba=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&hn=www.googleadservices.com&async=1

Requested by

Host: www.ekiten.jp
URL: https://www.ekiten.jp/shop_6992886/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:18 GMT
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 0
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 42
X-XSS-Protection: 0
Pragma: no-cache
Server: ATS
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A787 664 B
606 B 110ms
103ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6ee24172a3fca04bd3a7d58023fabe0206d7e808

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.ekiten.jp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time: 100
date: Fri, 14 Apr 2023 08:20:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 14 Apr 2023 08:20:18 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 577aa83bf594c08c
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: fe8369f0df0ff4a07b9c13adcd725f637742a4b2049e81d0df963b80490e646a
content-length: 284

GET
H/1.1 200
OK share Show response
social-plugins.line.me/widget/ Frame 6B55 2 KB
1 KB 29ms
17ms Document
text/html 23.219.68.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://social-plugins.line.me/widget/share?url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&buttonType=share-a&size=small&count=false&color=default&lang=ja&type=share&ver=3&id=0&origin=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&title=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&env=REAL
Requested by: Host: www.line-website.com
URL: https://www.line-website.com/social-plugins/js/thirdparty/loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.68.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-68-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 27468e0c4a1d52333e3ae5b4fa19c9fea8f7954e77a019fa1fdec325b303c36b

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 870
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 08:20:18 GMT
Expires: Fri, 14 Apr 2023 08:20:18 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

GET
H3 200 share_button.php Show response
www.facebook.com/v16.0/plugins/ Frame D749 39 KB
13 KB 146ms
146ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1027a72dba7028%26domain%3Dwww.ekiten.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Ff10aa2ad887cfc8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&layout=button&locale=ja_JP&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=ca3df7b94e714d04ec6db75d99601d01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6d7757a4b2664cd29cf6adbc4ce10fd694b0d84d36f0dcf154d3d675518c703

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: nC+8UuiTYP8WpPXUQgW6IFT5XSkAb2KEWBMZLK9QWcqUnaB0kqPDxx+QlOyZJuMs1XOwS87J8QGVxpLLugF8Ng==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 widget.1.19.0.0.css
www.line-website.com/social-plugins/css/ Frame 6B55 8 KB
3 KB 4ms
3ms Stylesheet
text/css 2600:9000:21d2:6000:18:6371:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.line-website.com/social-plugins/css/widget.1.19.0.0.css

Requested by

Host: social-plugins.line.me
URL: https://social-plugins.line.me/widget/share?url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&buttonType=share-a&size=small&count=false&color=default&lang=ja&type=share&ver=3&id=0&origin=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&title=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&env=REAL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6000:18:6371:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

VOS /

Resource Hash

ccd37baf1f413e384faa1d4c6195b1b48b82af15c909d181582afadd49a58413

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://social-plugins.line.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 21:50:56 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 0c88657c2af66b08e91c901fabaeae8a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
age: 2975362
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD
last-modified: Thu, 02 Mar 2023 01:40:44 GMT
server: VOS
x-amz-meta-s3cmd-attrs: md5:0bf065d0cd685dac6d59c469a52b9720
etag: W/"0bf065d0cd685dac6d59c469a52b9720"
vary: Accept-Encoding,Origin
content-type: text/css
x-rgw-object-type: Normal
cache-control: public, max-age=15520000
x-amz-cf-id: sFvVp51a64xLaeGwYdgK8XZFPZpJ62TUeSprrmh6jiSF2V-ZPaj3TA==

GET
H2 200 button.1.19.0.0.js Show response
www.line-website.com/social-plugins/js/widget/ Frame 6B55 38 KB
10 KB 4ms
4ms Script
application/javascript 2600:9000:21d2:6000:18:6371:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.line-website.com/social-plugins/js/widget/button.1.19.0.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6000:18:6371:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

VOS /

Resource Hash

3f4c420b2bbeb7b68e306cb56c61fc28a628a18bcc9bb422be96784099956030

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://social-plugins.line.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:20:21 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 0c88657c2af66b08e91c901fabaeae8a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
age: 190797
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD
last-modified: Tue, 14 Mar 2023 04:54:22 GMT
server: VOS
x-amz-meta-s3cmd-attrs: md5:ddbc80bdec4dfa544bda15e3f65c4630
etag: W/"ddbc80bdec4dfa544bda15e3f65c4630"
vary: Accept-Encoding,Origin
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=604800
x-amz-cf-id: wbNAj7qjTIcoT247Pgii7NoV5FmkkfQr1qU7ifJsBOVBb-01vTg4Gg==

GET
H2 200 torimochi.js Show response
d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/ Frame 6B55 32 KB
9 KB 123ms
7ms Script
application/javascript 23.60.175.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.60.175.167 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-175-167.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

3988d8423dfcb34dbb341bf47e8a0e87702fee8dde45e58c4cbd29e7141f9298

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://social-plugins.line.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: xZvWu8JArbCMKZ8OOfkTun.IgGFFqNt
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Fri, 14 Apr 2023 08:20:19 GMT
x-amz-request-id: tx0000000000000c665063f-0063354731-f4beebe-jp2
x-amz-storage-class: STANDARD
content-length: 8672
last-modified: Thu, 29 Sep 2022 07:17:49 GMT
server: VOS
etag: "4a90c1ebfc279548fbca6059d1090c4a"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=14511562
accept-ranges: bytes
expires: Fri, 29 Sep 2023 07:19:41 GMT

GET
H2 200 line_v3@3x.png
www.line-website.com/social-plugins/img/common/ Frame 6B55 899 B
1 KB 4ms
3ms Image
image/png 2600:9000:21d2:6000:18:6371:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.line-website.com/social-plugins/img/common/line_v3@3x.png

Requested by

Host: www.line-website.com
URL: https://www.line-website.com/social-plugins/css/widget.1.19.0.0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6000:18:6371:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

VOS /

Resource Hash

64e7396077e5e52e1f8161062f813caa72566ad67a5009a5708be45bb80f433a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.line-website.com/social-plugins/css/widget.1.19.0.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:29:53 GMT
strict-transport-security: max-age=15768000
via: 1.1 0c88657c2af66b08e91c901fabaeae8a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
age: 2163025
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD
content-length: 899
last-modified: Tue, 14 Mar 2023 04:54:47 GMT
server: VOS
x-amz-meta-s3cmd-attrs: md5:71ffd5fc654aa5fe3c5cbbb7372a2fe3
etag: "71ffd5fc654aa5fe3c5cbbb7372a2fe3"
vary: Origin
content-type: image/png
x-rgw-object-type: Normal
cache-control: public, max-age=15520000
accept-ranges: bytes
x-amz-cf-id: OwVAQ6pg4vfxnlhYmNO94ZDFdPCBFyy70LZTUVrinSNzloS-pLSttw==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9B5E 0
15 B 3ms
2ms Document
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ekiten.jp
Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.ekiten.jp
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:18 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ Frame 9D3B 8 KB
3 KB 140ms
140ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/4798) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:19 GMT
Content-Encoding: gzip
Age: 2546851
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (mbw/4798)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 9D3B 107 B
165 B 65ms
64ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.ekiten.jp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9D3B 107 B
165 B 63ms
62ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ekiten.jp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9D3B 468 B
245 B 67ms
66ms XHR
text/plain 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2643688318853828&correlator=3908135269466010&eid=31072879%2C31073819%2C31073825%2C31073830%2C31073835%2C31071324%2C21065724&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=21687543875%3A240455110%2C1532951&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=3995270369&sfv=1-0-40&prev_scp=cpt%3Dtrue%26cptver%3D2.23.0%26slotdiv%3D1532951%26mini_cpt_type%3Ddirect%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=geniee_pv%3D2d644e60-a0c3-46a0-9230-5f594f580786%26cpt_type%3Din_iframe&ppid=2d644e60-a0c3-46a0-9230-5f594f580786&sc=1&cdm=www.ekiten.jp&abxe=1&dt=1681460419110&lmt=1681460419&dlt=1681460417865&idt=657&adxs=-448&adys=0&biw=-12245933&bih=-12245933&isw=280&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=2e0zvel3m11r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&top=http%3A%2F%2Famp-hair203.com%2F&frm=24&vis=1&psz=280x-1&msz=728x-1&fws=768&ohw=0&ea=0&ga_vid=1121657703.1681460418&ga_sid=1681460419&ga_hid=408259650&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da8d6589a7262fc30a1eea1a52b93c5d83cbea31f209ee5ad5dc63a005077df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9D3B 315 B
164 B 68ms
67ms XHR
text/plain 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2643688318853828&correlator=714433485596437&eid=31072879%2C31073819%2C31073825%2C31073830%2C31073835%2C31071324%2C21065724&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=21687543875%3A240455110%2C1532952&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=1533529312&sfv=1-0-40&prev_scp=cpt%3Dtrue%26cptver%3D2.23.0%26slotdiv%3D1532952%26mini_cpt_type%3Ddirect&eri=1&cust_params=geniee_pv%3D2d644e60-a0c3-46a0-9230-5f594f580786%26cpt_type%3Din_iframe&ppid=2d644e60-a0c3-46a0-9230-5f594f580786&sc=1&cdm=www.ekiten.jp&abxe=1&dt=1681460419118&lmt=1681460419&dlt=1681460417865&idt=657&adxs=680&adys=816&biw=-12245933&bih=-12245933&isw=280&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=nxcmvsup805j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&top=http%3A%2F%2Famp-hair203.com%2F&frm=24&vis=1&psz=310x0&msz=310x0&fws=256&ohw=0&ea=0&ga_vid=1121657703.1681460418&ga_sid=1681460419&ga_hid=408259650&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b98209247257d5d6c54db837264e550b647d6b0b4a09c6218df6ffb431b765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9D3B 314 B
165 B 63ms
63ms XHR
text/plain 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2643688318853828&correlator=1782397779407238&eid=31072879%2C31073819%2C31073825%2C31073830%2C31073835%2C31071324%2C21065724&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=21687543875%3A240455110%2C1532953&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=3&adks=123044021&sfv=1-0-40&prev_scp=cpt%3Dtrue%26cptver%3D2.23.0%26slotdiv%3D1532953%26mini_cpt_type%3Ddirect&eri=1&cust_params=geniee_pv%3D2d644e60-a0c3-46a0-9230-5f594f580786%26cpt_type%3Din_iframe&ppid=2d644e60-a0c3-46a0-9230-5f594f580786&sc=1&cdm=www.ekiten.jp&abxe=1&dt=1681460419121&lmt=1681460419&dlt=1681460417865&idt=657&adxs=0&adys=6590&biw=-12245933&bih=-12245933&isw=280&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=1xaa2pzhuqu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&ref=http%3A%2F%2Famp-hair203.com%2F&top=http%3A%2F%2Famp-hair203.com%2F&frm=24&vis=1&psz=650x0&msz=650x0&fws=256&ohw=0&ea=0&ga_vid=1121657703.1681460418&ga_sid=1681460419&ga_hid=408259650&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96c295ca61403a591af566fab5c5701eee24781155d31730cf245dc269204c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9D3B 15 KB
11 KB 120ms
84ms XHR
application/json 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e418daf07932dea4d6aad62edc4d5fb221fd4723460c25e505b0276be80ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11242
x-xss-protection: 0

GET
H2 200 container.html Show response
320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 569B 6 KB
3 KB 91ms
43ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
expires: Sat, 13 Apr 2024 08:20:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XockdfMHEG4.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/yW/l/ja_JP/ Frame D749 514 KB
133 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/yW/l/ja_JP/XockdfMHEG4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1027a72dba7028%26domain%3Dwww.ekiten.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Ff10aa2ad887cfc8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&layout=button&locale=ja_JP&sdk=joey&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f792f6e484b4671a4903e0e6ba441107285784a4e864c952b675070839893aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 89YgT1ExgnN1UMh6OLoCvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136172
x-fb-rlafr: 0
x-fb-debug: 5OPsiVHOtDBTY5eMKUcVx8Er423HndbunwEGLhvoiajOS8/8iMAsQp73J7IGW+LoP7ClERO9pnep9MPzih0u4w==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:45:12 GMT

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame D749 272 B
515 B 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
x-fb-rlafr: 0
x-fb-debug: cFsJ+GPOA7HvGd/FsRe8E//Lrv6aymYjsm3Nfc7e2MQfO7Is212j5bf4yLvKIV87IuYZh7tBUnbGUIt1Kzvk9A==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:53:53 GMT

GET
H/1.1 200
OK req
torimochi.line-apps.com/1/ Frame 6B55 43 B
229 B 11ms
3ms Image
image/gif 147.92.191.144
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://torimochi.line-apps.com/1/req?cid=bf4170038ecbd805&threshold=9&eventType=pageview&timestamp=1681460419146&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26buttonType%3Dshare-a%26size%3Dsmall%26count%3Dfalse%26color%3Ddefault%26lang%3Dja%26type%3Dshare%26ver%3D3%26id%3D0%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26title%3Da.m.p%2520hair%25EF%25BC%2588%25E6%2598%258E%25E7%259F%25B3%25E5%25B8%2582%25E6%2598%258E%25E5%258D%2597%25E7%2594%25BA%25EF%25BC%2589%2520%257C%2520%25E3%2582%25A8%25E3%2582%25AD%25E3%2583%2586%25E3%2583%25B3%26env%3DREAL&host=social-plugins.line.me&path=ver3-share-a-small-default-off&query=%3Furl%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26buttonType%3Dshare-a%26size%3Dsmall%26count%3Dfalse%26color%3Ddefault%26lang%3Dja%26type%3Dshare%26ver%3D3%26id%3D0%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26title%3Da.m.p%2520hair%25EF%25BC%2588%25E6%2598%258E%25E7%259F%25B3%25E5%25B8%2582%25E6%2598%258E%25E5%258D%2597%25E7%2594%25BA%25EF%25BC%2589%2520%257C%2520%25E3%2582%25A8%25E3%2582%25AD%25E3%2583%2586%25E3%2583%25B3%26env%3DREAL&hash=&referrer=https%3A%2F%2Fwww.ekiten.jp%2F&userId=bf4170038ecbd805&userAttr0=0&sessionId=bf41700357e96338&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26buttonType%3Dshare-a%26size%3Dsmall%26count%3Dfalse%26color%3Ddefault%26lang%3Dja%26type%3Dshare%26ver%3D3%26id%3D0%26origin%3Dhttps%253A%252F%252Fwww.ekiten.jp%252Fshop_6992886%252F%26title%3Da.m.p%2520hair%25EF%25BC%2588%25E6%2598%258E%25E7%259F%25B3%25E5%25B8%2582%25E6%2598%258E%25E5%258D%2597%25E7%2594%25BA%25EF%25BC%2589%2520%257C%2520%25E3%2582%25A8%25E3%2582%25AD%25E3%2583%2586%25E3%2583%25B3%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1681460419144&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=84&windowY=20&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver3-share-a-small-default-off%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22null%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%22bf4170038ecbd805%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
Requested by: Host: social-plugins.line.me
URL: https://social-plugins.line.me/widget/share?url=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&buttonType=share-a&size=small&count=false&color=default&lang=ja&type=share&ver=3&id=0&origin=https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F&title=a.m.p%20hair%EF%BC%88%E6%98%8E%E7%9F%B3%E5%B8%82%E6%98%8E%E5%8D%97%E7%94%BA%EF%BC%89%20%7C%20%E3%82%A8%E3%82%AD%E3%83%86%E3%83%B3&env=REAL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.144 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://social-plugins.line.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:19 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 48A5 37 KB
14 KB 141ms
141ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/4798) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2546819
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 08:20:19 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mbw/4798)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 9D3B 43 B
126 B 101ms
101ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.ekiten.jp%2Fshop_6992886%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1681460419194%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=6ee24172a3fca04bd3a7d58023fabe0206d7e808

Requested by

Host: amp-hair203.com
URL: http://amp-hair203.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time: 95
date: Fri, 14 Apr 2023 08:20:18 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 14 Apr 2023 08:20:19 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: 8aba583662112ce5
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: fe8369f0df0ff4a07b9c13adcd725f637742a4b2049e81d0df963b80490e646a
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D3B 17 KB
6 KB 77ms
77ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073819

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 08:20:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37EE 13 KB
5 KB 3ms
3ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 117333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 23:44:46 GMT
expires: Thu, 11 Apr 2024 23:44:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F189 783 B
952 B 42ms
42ms Document
text/html 2404:6800:4004:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e452236ac4257bfc87154b889341851d1e77534889ad93cb8f3a99aba3f0c323

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jljjVxrLJJxwLwH1dRe_PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-jljjVxrLJJxwLwH1dRe_PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
expires: Fri, 14 Apr 2023 08:20:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 48A5 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 37EE 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 23:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 23:33:43 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 8C9A
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b0ac3867dc%26domain%3Damp-hair2...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

169ms
169ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11b0ac3867dc%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5dcd73dddbe4f7c2cf0d93e1413c562c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Apr 2023 08:20:19 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: HiEBc3r9AYYO0/chtq5DqAwhbJzt7qDTHekJIMFts3lH3pcr2bWQJXHtjKCDO18bYsmrSl6SA7ix1dvDjaVq1w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df11b0ac3867dc%2526domain%253Damp-hair203.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Famp-hair203.com%25252Ff6c06748512bb4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D230%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2525E3%252582%2525A2%2525E3%252583%2525B3%2525E3%252583%252597%2525E3%252583%252598%2525E3%252582%2525A2%2525E3%252583%2525BC-amp-hair-362201357300510%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D500
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: bRDha6WAWHIX9fgP0rleIb55y+RgXhzCJ6XsbOHlFgU9Gl4L35UPU9xMP/0Jj8dsSFN9xr6aUUXmvi0T/NarcQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
61ms XHR
application/json 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d52996c06b2c5455116212038587245acd7fdae66039137699c8fdeb797dd83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11475
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F189 0
0 44ms
44ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=2643688318853828&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37EE 0
10 B 13ms
7ms Image
text/plain 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ISz4dQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100101/show_ads_impl_fy2021.js?bust=31073762

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 08:20:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E447 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 117333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 23:44:46 GMT
expires: Thu, 11 Apr 2024 23:44:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C80A 783 B
534 B 41ms
40ms Document
text/html 2404:6800:4004:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2fd1349a22911667d44e295ed207a74963ee05b2c883f2921002582c26cc9ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mgdLOZXK2NTov0LYNLxtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://amp-hair203.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mgdLOZXK2NTov0LYNLxtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
expires: Fri, 14 Apr 2023 08:20:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E447 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 23:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 23:33:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C80A 0
0 39ms
38ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=255575912317066&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E447 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w5EgUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ Frame 9D3B 89 KB
29 KB 18ms
9ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:20:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 80E6 15 KB
6 KB 30ms
7ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amp-hair203.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0553908ed23b6f479104f6c06a6119ae89aafb26085c5bae840faa7948a56a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 683311
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ Frame 9D3B 89 KB
29 KB 30ms
12ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Apr 2023 08:20:20 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 80E6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ekiten.jp&sn=ChromeSyncframe&so=0&topUrl=amp-hair203.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gCwd6nxzTlJGR24xdEpQenRaNnhMSUxBWWh4VklVdmIzTGRvRVArVmY4YWNVVVRDVFVQMnAvWkl0QmlENTBoaHFVL0hZTWwzVkNPQ1FWdVBCdXBVQ2crZVV0SytqdURRdElSd05rOTFwYmROSFQrNVd4eFBmQW5zZWZNQk...

415 B
644 B

236ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gCwd6nxzTlJGR24xdEpQenRaNnhMSUxBWWh4VklVdmIzTGRvRVArVmY4YWNVVVRDVFVQMnAvWkl0QmlENTBoaHFVL0hZTWwzVkNPQ1FWdVBCdXBVQ2crZVV0SytqdURRdElSd05rOTFwYmROSFQrNVd4eFBmQW5zZWZNQkIra29DRXMxSW9RSk55Y1Y5dWJkU0JZUlZNVG5WbXAwOW9uSjZSS2xLNDV1U0ZvajZZY3l2V0R1b05MR1ZGc1VFWm1mS0x6TkRnUzAxRjZWRzhwb2cyT3dFS0gzMnZkYWJCUGwyZlVuUnFwcm1EemlYUnRoNHBqOGxxdVhHT3R0VUhyZVVlcXNjajBON0hFU3UrdnRHeTVmWlRyZ1VSUFZ6bUlEcElWKzd1TE9zcGFHK2JyST18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

28992ebe61ae32bb63154f8c831aaa16f9fbc33525b590b1dcbe918035be363f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1552430
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gCwd6nxzTlJGR24xdEpQenRaNnhMSUxBWWh4VklVdmIzTGRvRVArVmY4YWNVVVRDVFVQMnAvWkl0QmlENTBoaHFVL0hZTWwzVkNPQ1FWdVBCdXBVQ2crZVV0SytqdURRdElSd05rOTFwYmROSFQrNVd4eFBmQW5zZWZNQkIra29DRXMxSW9RSk55Y1Y5dWJkU0JZUlZNVG5WbXAwOW9uSjZSS2xLNDV1U0ZvajZZY3l2V0R1b05MR1ZGc1VFWm1mS0x6TkRnUzAxRjZWRzhwb2cyT3dFS0gzMnZkYWJCUGwyZlVuUnFwcm1EemlYUnRoNHBqOGxxdVhHT3R0VUhyZVVlcXNjajBON0hFU3UrdnRHeTVmWlRyZ1VSUFZ6bUlEcElWKzd1TE9zcGFHK2JyST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 372880
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D3B 0
0 40ms
39ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120101&jk=2643688318853828&bg=!aWqlaj7NAAZA7GLoYOw7ADkAdvg8Ws4SVyIQP6v5xT1AomB92vNSZAsrwwkEGxMnFZfsz9OQeqtPE6XbvKRb2qrCqcZl3anojbMCAAAAflIAAAAiaAEHmQMKd1ck5sX4n67_7ww33-u7MmKoh4E3_qPEYbnPz5h9y3j1qnGguCsW7ycBgp07oQEh7qFFpHwutqaokm6EzCBMPIoit-Vx8-IWjgDLMJ3uJB05PXRiOwCy3wE_bPnk7FY4H8XyqXLW7HLR1g_yAMV3EsxKyja9_XpQ_LrTimrxBvaCf05T9aYB6oquj7MsauNjjdWN1T0PSTe4U2v39mzF7ukIYY53TFiURNsVOq6sF_gHfPBdePxQEli_9939EZRnjhMyfJ-N-dfcQheB6WGdMlmRLbnNuXzmlbAFbSl10Rdavgwc61CFL5oNdWsZ1omDrK_1NkM6teEBPlFc2z3O0VEtBHZrn-5AFAf0wc92n4eLFTN5E1nafnf_LFVHfiaJ5M89bIHRIWxk2EtyoqDYT9seJPc1KPJqg7CDk6iq2Eq0up4WNynYD6b-qIs36zZD6yv5AsAuzehqpEQJYa0Ke3kVW1qO1sbJIVMG7l4im9NZayHDUUb8Mcj0e1bPa6PrzPxV0kGUyNQOugA-vm355Vklstmw_sH1lHZPTm6yZgJozrsiNb4WsJJWSfr5l6UIg6Q41CNkhtOURq07vNKDk2HcizrNJ-8z76lC8RDaX1oD6XHxpzDRhK_5a9Dx-5h11DQOKXZIsUq_EHKzd7BmRok491J3ahaKQMe6uaxY77OV5pjwB_JcaFbjdvBLIsIYn_gEK2xQHIVydU16Nf83grNLUXLM6WxK-Yj3HPsHJA3NiwBRho0k2uPvfYtdRd8kptzg6ThdxDdLojqPfCFmlyQrm0pRmxdai5tn95XVKonNn8VbZ5lkMRTyFgP9Pp-S5Hoi1GeorGacthU96DKZRwcoH-EUPmLxibhI2xu-kqBdzI_dHP4SDFakQQ9A6Q0E0M98xcWcdD1qlZvOfV3NoazQS8toOjvEQ5fU2UFkQtB1IDt_fQPEG2nkshIMM5mmAurYG3ro0fCjtSVQnVQjoUtiiD-7Klq--y5F-kpUs5Xvu_i7pMiGFoFysYSVhUQY7W7Y-LewdCAO1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=255575912317066&bg=!zM-lz5vNAAZA7GLoYOw7ADkAdvg8Wn5fqBetzdW-hDiQvv1Nzk7yCqxbuadLyuCuPlkxU-71JBfM5lS5ahT7YJWxdq9I4jeNjkMCAAAAT1IAAAACaAEHCgCS2q4O4qy33EV3ZszM0y6AVUxl5oIp57olB6UInP4nzrLKP4BAIzvaigsEwklFa0B6Xl8Cs-yKz2uc3U76-bAjxQoOF_x3qqFX7LQAJeEisykgCdEREIXMesR2F3XGiX577vvwAStjPJbpRXn6DMhi0celrFY6u2iKjezrdBVnmcf3patzFNOlCqQmQPUac-Vtu0qZAuSBRgIpwUEteqWtTgQCbVsq4tjCtTZBciGVm4_TpL2jZO4f0SV8o22aw3go0IgIqF8CWztOjGKy7-nmAefP8aaCGQ-XlKB7MRf_MLkCKT6M4tvq-qQpxxIgTA1aXYm9x7ACe2D0Gw9L1A2nrdGezO_q3MTHxpzxMMAa0oqrMvMJsUhj9fpIxSWXWEpy89AWL_lmjXTEf2cC165_IHDsXJeUj3yxr_6GEhTlNSGW3I3TY6ycBk9_2LJrgLqIGTKq_eZ5tf81iN76CgjxZuEn1juOohK4L4F5UjQO7WPpWx_XywSSY_TQ5EN2H42WMZ5jmDpaWYQJHfU-GDPqkxfaPd-0s1envy7AoqOKU2oC1I2pIW68Zn3w7WyyQnln87PWZZ0kORNifFUTlkrAtmS1QDJARKwFNY5jhnNdVISViBIh3pqMV7XCFSKsM0VFPTUX0n9W-VgQH-WbEGzd6Rvd9upHLOoSNXHR9tFwAUFK7icIavmAjHBwCaoZeNj53_CpvR_MBF0bktMWFjxfQAS0LvWAMDuKQtEg_Mmf3Z8JA5WN2yhPwq9bB4tl9O85h3i5aRIQksc9iVxDx5pGtUkE04yoUhxOAnE_6vUaU6FcDG3vx-dXNeDCale0z-Kqao8UDwJw7iEz4ixuMLb7cBajygLhhHqiOIMmjHM2BYwL1p_EwZAnRDnhLAFI8u-vse3GbZTk4jVVTjlrxJOqFjYoxMqdYGwL1z1xSw-FOYxpIf0LWX88Z-BO2G7Fu65taj-5XpwYWLEbkU_7l-09PZJJuGmdwJe-SY7MMrDycF1WYE7vaVSivPv1lcWknO-ZF88e3LK7feVfCrFA3VRu00USEBgngvjvSwPEAPRY8BhDFGqtRFR-LsDWEmK-QhaEydVcAP_h4qzb9Uabd24KDXXVo8-zZrf-0vBgTy0_UJR98-Gh_sGt4VIZY_N670_RoO8dcU7lkhQBmaD8phA21m_8wD9cEoCfaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://amp-hair203.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9D3B
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Famp-hair203.com%2F&domain=www.ekiten.jp&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=55_5LHxjdkE2azNuTkdOd1JqR2cxUm4yTThhbWVhSFBsREd5eWUrTHprbE1DeHlnYzlxSGwzTy9mRFVwWXJKK3d0cUVtVTlLMEozak51RkU4YWJYZTNsUVNwWkwvcFhBNlVqcGVCODF6ZjFHU09NZHVnUkV2ZVRiaTN4Qk...

453 B
711 B

6ms
4ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=55_5LHxjdkE2azNuTkdOd1JqR2cxUm4yTThhbWVhSFBsREd5eWUrTHprbE1DeHlnYzlxSGwzTy9mRFVwWXJKK3d0cUVtVTlLMEozak51RkU4YWJYZTNsUVNwWkwvcFhBNlVqcGVCODF6ZjFHU09NZHVnUkV2ZVRiaTN4Qk1BQ1lIMm03b1Roemw4MHR1bUg4V2hXd0U0dmVzanNzVHNtdUxHMWtISlZYMEd4UHRLcWFUeXhxbWpkbjlFenVtd2l0QlF2dThPQlFBWHdLQmtRbXgzSFFHY0NsYlY1ZXEraFlvYnFheGpDR3ZFYjcvY0lkMHFQY0MxN1QrSFRIOXg3SGY4bnVIYWpxNExnOVAxNHBLNkNXZTRMSmNMb25uSDRFb2JUaTQ5dCtmMGQyKzRFdz18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f158d01e073ba235308cef8059ba4eed59ae4b613564d970d4278be3b41d612a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1194361
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=55_5LHxjdkE2azNuTkdOd1JqR2cxUm4yTThhbWVhSFBsREd5eWUrTHprbE1DeHlnYzlxSGwzTy9mRFVwWXJKK3d0cUVtVTlLMEozak51RkU4YWJYZTNsUVNwWkwvcFhBNlVqcGVCODF6ZjFHU09NZHVnUkV2ZVRiaTN4Qk1BQ1lIMm03b1Roemw4MHR1bUg4V2hXd0U0dmVzanNzVHNtdUxHMWtISlZYMEd4UHRLcWFUeXhxbWpkbjlFenVtd2l0QlF2dThPQlFBWHdLQmtRbXgzSFFHY0NsYlY1ZXEraFlvYnFheGpDR3ZFYjcvY0lkMHFQY0MxN1QrSFRIOXg3SGY4bnVIYWpxNExnOVAxNHBLNkNXZTRMSmNMb25uSDRFb2JUaTQ5dCtmMGQyKzRFdz18&cppv=2
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 381349
content-length: 0
expires: 0

GET
H/1.1 200
OK pid Show response
sync6.im-apps.net/8015/ Frame 9D3B 70 B
820 B 522ms
13ms XHR
application/json 2600:140b:400::172d:3371

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/8015/pid
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400::172d:3371 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b373ebb7c892f586efc76d175f016e2fa62b023c4637f3c92438d6a37a0cfbe

Request headers

Referer: https://www.ekiten.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ekiten.jp
Date: Fri, 14 Apr 2023 08:20:22 GMT
Cache-Control: private, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 70
Content-Type: application/json

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1122 281 B
554 B 21ms
2ms Document
text/html 104.78.90.216

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.78.90.216 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Apr 2023 08:20:22 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9818 16 KB
6 KB 15ms
3ms Document
text/html 23.39.216.189

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20790
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 14 Apr 2023 08:20:22 GMT
expires: Fri, 14 Apr 2023 14:06:52 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D75B 3 KB
2 KB 25ms
8ms Document
text/html 104.18.10.47

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.35.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ekiten.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7b7a8778df17f5e1-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 08:20:22 GMT
expires: Fri, 14 Apr 2023 12:20:22 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

31
cr-p31.ladsp.com/cookiesender/ Frame 9D3B
Redirect Chain

https://cr-p31.ladsp.com/cookiesender/31
https://cr-p31.ladsp.com/cookiesender/31?cr=true

43 B
506 B

7ms
7ms

Image
image/gif

13.225.165.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-p31.ladsp.com/cookiesender/31?cr=true
Protocol: H2
Server: 13.225.165.113 -, , ASN (),
Reverse DNS
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.ekiten.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
via: 1.1 3793d7fea64206c86c6da516357453b6.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 43
x-amz-cf-id: KeD7c0qfQ1fMuZzVh7WS-h6MfblmMAv0BcoLTTzDpAZey-eCqmvUAw==
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
via: 1.1 3793d7fea64206c86c6da516357453b6.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-p31.ladsp.com/cookiesender/31?cr=true
content-type: text/html;charset=utf-8
cache-control: no-cache
content-length: 0
x-amz-cf-id: wcwVKBsY-PWa1AgFyUWg6Yzx4IyXlHFNKE0iNa4Xc99RUMUi_dJIsQ==
expires: -1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 13ms
4ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Famp-hair203.com%2F&domain=www.ekiten.jp&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ekiten.jp
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.ekiten.jp
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Apr 2023 08:20:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 301116
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 8ms
3ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 287490
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1122 34 KB
10 KB 4ms
4ms Script
text/html 104.78.90.216

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.78.90.216 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 92decaa1c8d1c282144f6ced813b17d1210a8b1eeaba495c07df6a4210357e7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 08:20:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 21:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47260
Connection: keep-alive
Content-Length: 10019
Expires: Fri, 14 Apr 2023 21:28:02 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9818 2 KB
3 KB 8ms
2ms Script
text/html 103.231.99.243

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52026324&p=157786&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f715b40655480805109bba5632ca8906fb8b99d7371c0edc274436041227e6f3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 08:20:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

6ms
5ms

Document
text/html

23.90.68.235

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1d1aad1cf153d0e3c44ab7842d649b9eaec6ad3819ea0be0ea6e126eeabc3abc

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1768
Content-Type: text/html
Date: Fri, 14 Apr 2023 08:20:22 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 14 Apr 2023 08:20:22 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BB5C
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AfMcW8GqtTs4ks8AD1kEixK5Ys8AAAGHftnnrA

42 B
440 B

13ms
3ms

Document
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AfMcW8GqtTs4ks8AD1kEixK5Ys8AAAGHftnnrA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Fri, 14 Apr 2023 08:20:22 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AfMcW8GqtTs4ks8AD1kEixK5Ys8AAAGHftnnrA
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 3793d7fea64206c86c6da516357453b6.cloudfront.net (CloudFront)
x-amz-cf-id: vQlFiRWvzqQ-RpGg1CAMq2J8vbJDSYT0LIU70JTf8otKMngeowGX3w==
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AF88
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

4ms
3ms

Document
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 08:20:21 GMT
expires: Fri, 14 Apr 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1107337
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7F29
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:24c46439-0cc6-4b00-8ece-dea72e5df410&gdpr=0&gdpr_consent=

42 B
323 B

2ms
2ms

Document
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:24c46439-0cc6-4b00-8ece-dea72e5df410&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 14 Apr 2023 08:20:22 GMT
Expires: Fri, 14 Apr 2023 08:20:21 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 796 58fb543 master hkg-pixel-x3 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:24c46439-0cc6-4b00-8ece-dea72e5df410&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9818
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VOGRga6bRnqK_R-strgZeA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

4ms
4ms

Image
text/html

23.39.216.189

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 23.39.216.189 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:22 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20790
accept-ranges: bytes
content-length: 5554
expires: Fri, 14 Apr 2023 14:06:52 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 9818
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent=&ct=y

49 B
265 B

96ms
96ms

Image
image/gif

3.0.107.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 3.0.107.45 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.22.195
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54E19181-AE9B-467A-8AFD-1FACB6B81978&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.26.64
content-length: 0
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 9818
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=54E19181-AE9B-467A-8AFD-1FACB6B81978
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=54E19181-AE9B-467A-8AFD-1FACB6B81978
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%2C%2C

95 B
123 B

43ms
43ms

Image
image/png

34.111.113.62

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786

Protocol

Server

34.111.113.62 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&ttd_puid=89fb800c-c452-4362-bd48-4275a86b9439%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 9818
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent=

42 B
569 B

55ms
55ms

Image
image/gif

119.9.108.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: HTTP/1.1
Server: 119.9.108.211 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:15 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:15 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=54E19181-AE9B-467A-8AFD-1FACB6B81978&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRFMTkxODEtQUU5Qi00NjdBLThBRkQtMUZBQ0I2QjgxOTc4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

4ms
2ms

Image
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKDwnN7jsvPSGTxrOKqPy4k&google_cver=1

42 B
302 B

3ms
2ms

Image
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKDwnN7jsvPSGTxrOKqPy4k&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKDwnN7jsvPSGTxrOKqPy4k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9818 43 B
610 B 222ms
72ms Image
image/gif 34.142.175.23

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.142.175.23 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 13 Apr 2023 08:20:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZDkMxsCo5soAAGElKL4AAAAA

42 B
280 B

3ms
2ms

Image
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZDkMxsCo5soAAGElKL4AAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 14 Apr 2023 08:20:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.58","key":"ZDkMxsCo5soAAGElKL4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40145"}
X-SO-Key: ZDkMxsCo5soAAGElKL4AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40145
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZDkMxsCo5soAAGElKL4AAAAA
Cache-Control: private
X-SO-HostName: a-ad40145.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-IP: 217.138.252.58

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2bdebf48-7b73-4c2b-8611-579da9b0a077&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dea0539e-4225-43a5-8188-1ed36292392f&gdpr=&gdpr_consent=&gdpr_pd=

1 B
184 B

3ms
3ms

Image
text/html

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dea0539e-4225-43a5-8188-1ed36292392f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dea0539e-4225-43a5-8188-1ed36292392f&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 14 Apr 2023 08:20:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=

42 B
279 B

2ms
2ms

Image
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9818
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7130697014077080616

42 B
242 B

3ms
3ms

Image
image/gif

103.231.99.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7130697014077080616
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol: H2
Server: 103.231.99.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 08:20:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7130697014077080616
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&expiration=1684052422&gdpr=0&gdpr_consent=

43 B
632 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&expiration=1684052422&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&expiration=1684052422&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDkMxpnyD-8W66LiouIZVQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO01KVoedVRgfZS5nh9k21c&google_cver=1

43 B
632 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO01KVoedVRgfZS5nh9k21c&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO01KVoedVRgfZS5nh9k21c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 39BA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

190ms
190ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8MRTAJSF5QBCJD3PTYQ6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XRDXV0DND9DW93H9182Z
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDkMxpnyD_8W66LiouIZVQAAFR0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEF8ffpNvgnbB9ZNfhD5-mI&google_cver=1

43 B
766 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEF8ffpNvgnbB9ZNfhD5-mI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEF8ffpNvgnbB9ZNfhD5-mI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8727031194070963273&gdpr=0&gdpr_consent=

43 B
632 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8727031194070963273&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8727031194070963273&gdpr=0&gdpr_consent=
date: Fri, 14 Apr 2023 08:20:22 GMT
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e5166439-0cc6-4d00-a173-d09f1b02a68b

43 B
632 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e5166439-0cc6-4d00-a173-d09f1b02a68b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: MT3 796 58fb543 master hkg-pixel-x24 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e5166439-0cc6-4d00-a173-d09f1b02a68b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Apr 2023 08:20:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39BA
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4531809269666740691

43 B
632 B

3ms
3ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4531809269666740691
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4531809269666740691
pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 39BA
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8500445744931311125

43 B
632 B

11ms
4ms

Image
image/gif

23.90.68.235

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8500445744931311125
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.90.68.235 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 08:20:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 14 Apr 2023 08:20:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.252.58; 217.138.252.58; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 113da2da-ad55-4022-8836-9087b72870c2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8500445744931311125
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 39BA 43 B
353 B 16ms
7ms Image
image/gif 104.18.10.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZDkMxpnyD-8W66LiouIZVQAA%265405
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ekiten.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:22 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 36391
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b7a87793ad2e38c-NRT
content-length: 43
expires: Sat, 15 Apr 2023 08:20:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1122
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzViZjViYTQ5YjM3MmZiZjU5ZjIwOTY3MTQxNWNlYzhlY2QyMmQ2OA

170 B
188 B

44ms
43ms

Image
image/png

142.250.207.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzViZjViYTQ5YjM3MmZiZjU5ZjIwOTY3MTQxNWNlYzhlY2QyMmQ2OA

Protocol

Server

142.250.207.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzViZjViYTQ5YjM3MmZiZjU5ZjIwOTY3MTQxNWNlYzhlY2QyMmQ2OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1122
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/45QR4X0DdkqyJtudW8FESw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VZU7d95E2oIqKKFL8vlb2R4uO5UnrH4o3.LZMA--~A

42 B
702 B

124ms
124ms

Image
image/gif

69.173.158.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VZU7d95E2oIqKKFL8vlb2R4uO5UnrH4o3.LZMA--~A
Protocol: HTTP/1.1
Server: 69.173.158.64 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 14 Apr 2023 08:20:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VZU7d95E2oIqKKFL8vlb2R4uO5UnrH4o3.LZMA--~A
content-length: 0

GET

dcm
s.amazon-adsystem.com/ Frame 1122
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

0
0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1122
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGGA4ARP-Z-9GTG

0
513 B

115ms
107ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGGA4ARP-Z-9GTG
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:20:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4B9691D06E41466284DC539ECC5C0526 Ref B: TYO01EDGE1512 Ref C: 2023-04-14T08:20:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5R4M6KY5CsdPIe69gEA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGGA4ARP-Z-9GTG
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame 1122
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1122
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=&expires=30

42 B
702 B

419ms
104ms

Image
image/gif

69.173.158.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.158.64 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae37c613-8bfa-4f79-b13f-d2bb4fb995f0&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1122
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIV14TFYfc3AApYlhZCjDgg&google_cver=1

42 B
702 B

420ms
108ms

Image
image/gif

69.173.158.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIV14TFYfc3AApYlhZCjDgg&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.158.64 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIV14TFYfc3AApYlhZCjDgg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1122
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdHQTRBUlAtWi05R1RH
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKoMJWVJljpC5YFWjZ_ODq4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdHQTRBUlAtWi05R1RH&google_push=

170 B
188 B

43ms
43ms

Image
image/png

142.250.207.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdHQTRBUlAtWi05R1RH&google_push=

Protocol

Server

142.250.207.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 08:20:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdHQTRBUlAtWi05R1RH&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amp-hair203.com/	1970-01-20 11:05:46	Name: _gid Value: GA1.2.1596297117.1681460417
.amp-hair203.com/	1970-01-20 11:04:20	Name: _gat Value: 1
.amp-hair203.com/	1970-01-20 20:40:20	Name: _ga_TELSNNSKSQ Value: GS1.1.1681460417.1.0.1681460417.0.0.0
.amp-hair203.com/	1970-01-20 20:40:20	Name: _ga Value: GA1.1.1710795840.1681460417
.amp-hair203.com/	1970-01-20 20:25:56	Name: __gads Value: ID=fed2b578d7fdd1c2-2267e5ec2edd0095:T=1681460417:RT=1681460417:S=ALNI_MaMG8-VkYTMwcedjGm_Ljo_91qSgw
.amp-hair203.com/	1970-01-20 20:25:56	Name: __gpi Value: UID=00000bf46ddd7c37:T=1681460417:RT=1681460417:S=ALNI_MYbh-YvYPa_vyzFSAsVkImzHLPKGw
.doubleclick.net/	1970-01-20 20:40:20	Name: IDE Value: AHWqTUl3YVMjMpleAjMkSF72I8zlhe1SL91VABssHQWxgEsdtaXsGcOPBP5dBSwxSSc
.yahoo.co.jp/	1970-01-20 19:51:22	Name: XA Value: 9hv6bh5i3i362&sd=B&t=1681460418&u=1681460418&v=1
.yahoo.co.jp/	1970-01-20 20:40:20	Name: XB Value: 9hv6bh5i3i362&b=3&s=4t
.rubiconproject.com/	1970-01-20 19:49:56	Name: khaos Value: LGGA4ARP-Z-9GTG
.rubiconproject.com/	1970-01-20 19:49:56	Name: audit Value: 1\|WD0cx+9RTMIq6ayzqmbTGFqbBgMWySGKid6DeFnocd9Txq82I+FWtgFMfUDbdO3Tg4RJFA7EC3kLyv/bz6o898xuhZpbWKLt3mTPEDs62G0=
.criteo.com/	1970-01-20 20:25:56	Name: uid Value: 5db969ec-6cbd-49f2-9ebd-764329c0afeb

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://t.afi-b.com/jslib/error.js%7B%22siteId%22%3A%22unsettled%22%2C%22pid%22%3A%22unsettled%22%2C%22error%22%3A%7B%22name%22%3A%22SecurityError%22%2C%22message%22%3A%22Error%3A%20Blocked%20a%20frame%20with%20origin%20%5C%22https%3A%2F%2Fwww.ekiten.jp%5C%22%20from%20accessing%20a%20cross-origin%20frame.%5Cn%20%20%20%20at%20rt%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A17473)%5Cn%20%20%20%20at%20mt%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A20868)%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26143%5Cn%20%20%20%20at%20t%20(https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26219)%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26280%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26458%5Cn%20%20%20%20at%20https%3A%2F%2Ft.afi-b.com%2Fjslib%2Flpcv.js%3Fcid%3Ded75e4c6%26pid%3DV83468%3A1%3A26974%22%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

320f55b885aa46911d8578d51a4694b8.safeframe.googlesyndication.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
am.yahoo.co.jp
amp-hair203.com
b.hatena.ne.jp
b.st-hatena.com
b99.yahoo.co.jp
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.indexww.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
cpt.geniee.jp
cr-p10.ladsp.com
cr-p31.ladsp.com
csi.gstatic.com
d.line-scdn.net
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
image.ekiten.jp
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.ladsp.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
s.amazon-adsystem.com
s.yimg.jp
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
social-plugins.line.me
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
static.ekiten.jp
static.xx.fbcdn.net
statics.a8.net
stats.wp.com
sync.crwdcntrl.net
sync.mathtag.com
sync6.im-apps.net
syndication.twitter.com
t.afi-b.com
tg.socdm.com
token.rubiconproject.com
torimochi.line-apps.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
wrappers.geoedge.be
www.ekiten.jp
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.line-website.com
x.bidswitch.net
yads.c.yimg.jp
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
103.132.192.30
103.229.206.241
103.231.99.243
103.231.99.77
103.231.99.80
103.43.90.54
104.18.10.47
104.18.24.185
104.244.42.200
104.78.90.216
119.9.108.211
13.225.160.84
13.225.165.113
13.225.165.94
13.249.167.17
133.186.12.13
142.250.207.2
143.204.80.133
147.92.191.144
15.197.193.217
151.101.130.132
157.7.107.31
182.161.74.11
182.161.74.16
182.22.16.123
183.79.255.28
185.84.60.20
192.0.76.3
192.0.77.2
2001:df2:a300:bbbb::135
202.241.208.53
23.106.127.38
23.219.68.33
23.35.112.82
23.39.216.189
23.60.175.167
23.90.68.235
2404:6800:4004:801::2002
2404:6800:4004:808::2004
2404:6800:4004:80b::2002
2404:6800:4004:80c::2002
2404:6800:4004:810::200a
2404:6800:4004:813::2001
2404:6800:4004:820::2001
2404:6800:4004:820::2002
2404:6800:4004:820::200a
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:824::2003
2404:6800:4004:825::2008
2404:6800:4004:825::200e
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2404:6800:4004:827::2003
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:929:5a00:303f:aec9:6f69:6d36
2600:140b:400::172d:3371
2600:9000:2138:a200:2:d490:4d80:93a1
2600:9000:2138:b200:18:a16b:fc80:93a1
2600:9000:21d2:6000:18:6371:bd80:93a1
2602:803:c006:158::65
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700::6810:5614
2606:4700::6812:bcf
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.0.107.45
3.114.145.15
3.221.54.232
34.111.113.62
34.142.175.23
35.190.49.157
35.213.12.39
35.213.93.179
52.46.143.56
52.68.232.16
52.69.217.165
69.173.158.64
0047eacce776fda3e476f9febf0c5a023d5bf2953b94906bca1c96acff1da7ab
0082622da8888f30332703c1f826441abb83ce6ebaf5449059812453e347f59f
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
034a618d5bcd1f496725e002c332ec6d6b079f42de66d54c8d17c03e0f291e2c
0553908ed23b6f479104f6c06a6119ae89aafb26085c5bae840faa7948a56a84
065c3e514d28dd6161d697b6cc57d0511b5309d2bbf7be85788b6ebfb7267981
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0a7a607d522415c04adac9d669a64926a3aaa71cd91ed733d8d0c80bfac6be32
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0521c5ba590b9521df405eb08c9ed17a8bca20b0c0105077ffb2d1a71b6312
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
130520f7fe7ccfe1a6006ffd7a8fb21e55961b3da231cee957b29bb34b633b3d
13216ffdb40fb2890d9d0680e1ceb1e6bafae2425b18b08c79c2b0be6687b413
134bdfa1e5d56eef6b96009c6902c40e7688e45853b4315583672f48dddf1ba7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83
1bb3177a280da929d7a0b250524c993c94935bdecb7acf1e53e788aff7150795
1d1aad1cf153d0e3c44ab7842d649b9eaec6ad3819ea0be0ea6e126eeabc3abc
202e583125ed1f7d3725aaa76d45a001bead25ead00fd9c16158f787f432d06c
2160bf35e174c6e88e61594fa3faf5a0e22b7e5a0ee48626e5d19ffff5eedd10
23b8b35788a8dd183fb82696d1cfa8b2891d5cf391024fc003448e466c4ea56e
2418a56e933aa04c1199e2d81da2efb1f4d85f18f78bc4f345862b32d84c60d5
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
27468e0c4a1d52333e3ae5b4fa19c9fea8f7954e77a019fa1fdec325b303c36b
28992ebe61ae32bb63154f8c831aaa16f9fbc33525b590b1dcbe918035be363f
2bcc6a54520a4230156f441c18c568d6e9b92c3ed795191ba869e09c5ead2071
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2ebd93687ee629c480e25db1c7ef18f53f7cfdc7cc600d39b365a4718af10c99
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34577df14a5c3dd592ecadb660d224d82486058bcbce71083a99e5651a7b5d81
361cec3bfc2dd33b737944f5a67dfc6dae9a8bba49d8f1e2f7339c3f6dfce4ca
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3988d8423dfcb34dbb341bf47e8a0e87702fee8dde45e58c4cbd29e7141f9298
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4c420b2bbeb7b68e306cb56c61fc28a628a18bcc9bb422be96784099956030
3fa9c295f76cd029cc3800a61a9bba75cd9062851924561e3ce1a18a9ae6b843
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe28efd1bf1d2628cf8ef17b19bda3585bbf58fc96db5d8d1ed2e9eb2a5b4e0
3fe4ddd4d65e20bf058455be00e691c6f040df69e88746198c6fe866bff6d51a
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4572a40e84fab838ed14b17dcf6dc840df29315980ddbde3105444e0f18dd405
45d06e62303223a5633371ca2f39f30a8c72de97c8cce76266756a29905b845b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a3c48d54d805bc3d81c5b0d2020a7146dcb8cef1574bef1bec0df9dfa8e2e72
4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4bfd312296f6ce4d7046965082e505573ecf4e1a8e7db3c8a78b74ae19a00fc1
4c74ca5b8da1ed0a276b95c9b2d7719e1ef6c9e08b06d0728c5e0ad4397ecbda
4e56a432e88c70f63773479185d81ade2d28c76ef7ce8d04c00a1ad0b8e8d8b8
4f03cd11544b40c903f9c42be9c4cfd8865261fbda6e06a48658f80482c535d7
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b
52100f80262a5d4ad0270ae3f2e8bc90bca11de2872ec5e3a38682f9779f64ee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d44e294a74cd0996b87c8b9d8ab4c33c76e55ac7f48107aa1e2d5d20544c49f
5f5a2ab6f266073addd32288f2f0e6a9a860d9831913d46614528f7581581872
606713e2a08b30b6b17368722dcfb327e6c8cd2649e2c5820e5a9d537becc880
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6165c4b5335312f2542984b1a63b4d27c23a91398c636d5f6d568de51c9ce941
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d60a01e048100a90d879edb0a5ce713ad4be4fc31d11bc16af38c7fe33ac0d
635707aec378252a5b7cd8cd9e445f1dd71f743acf4e7817635e8baf235a1138
64e7396077e5e52e1f8161062f813caa72566ad67a5009a5708be45bb80f433a
68c12e995384f6fe6f3731b744de076b7355617b7618d44d9bc25972d1cef0bf
6909b19e21897a72788ccfbfb3156bc57ecba58de8cd86d839a382212c9db517
6b373ebb7c892f586efc76d175f016e2fa62b023c4637f3c92438d6a37a0cfbe
6c920ee1554ad56939d12c7c7e9e586d15c262869e82dfd812c713da6c4f55bc
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72e5e3fcd775fb75052cfa8980a8664b47e978d986fc7ab4ccd5f5c70c2ce9fb
73d6e5c5185ed88c385c4614b3e7411978826deaf645d21871ab53b1f7e50fce
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74998239350a15f83838d5dc78e0ae394ad0406ec49cea1ef9bf80d352cd439a
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7d4cd1bde0309ed06b35ae6715790db6870a9ec5e8910c5d350eaebcf692c400
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
862a6b9a37f7d9e2d768a4e107a34e60c16adb50ec1e74bb6f17cab633356046
87d3e210c6d2304d1396f191a799cfc90df9640a9aa8cb7f052d9013efa76737
88b88140a0257b0563ce76a4db5b28e6247909731ac6995e82dd17768a735ce1
89edeac901661a3c3b71c62ba1bd2b943f4553d141e2016819ed662d689c1c64
8b2e3ca39f719db021cf62da12a9e883c6f48a9a1d57ae127d8f3af73539501e
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
92decaa1c8d1c282144f6ced813b17d1210a8b1eeaba495c07df6a4210357e7e
9660784ea56d948e4e76f033bb970464d161039b8096ab6af27e391000184198
96c295ca61403a591af566fab5c5701eee24781155d31730cf245dc269204c21
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba6edebf7db013be1cb824cff5d448b8130dd5faaa279643c6188a3ef87321b
9ca420e2d8181c55adafb0399ee046386c6cb9e885a85f75c2cd6831d7923bf2
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675
9d91b92a98e0531b38dadd932958f8381b2e204aed6e10832e221e61a91a7b60
9dd7930d2bfee7822410928d05b2a8053b94651d81abd3a40b8f42af4fdb3f51
9dfd68918baa39685a9a893dd7ce0914786399a0b5bdae3fc0859ee05946b873
9e14cd4399cd220e28e5e4a3b523b6fee2452c416c0aab1e421a3353822ba73a
9f4fff267e575509a2fab753d83a325fdf8bd3d24eb7c21674a588191ec0599e
9fb6863010c8231f47d4ca9e7d8a7a97aff34a3feb82b8030b164d1710c08c15
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a33f5037f18ddb18150417351af6ba43c026bdeff3ea0c88d48365594401d027
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a699595d8a764aeffaffe91b2ae8a7a387673f54817e0d20d8c752428da59dbf
aa545dab902a284799a3ee1a5199189ff583abec4b58a0d1e31ce3cea3b785c7
ab25fc8a4bd25de702592cc4ca30050fd2c1a349357360fe6f7ad5d407185683
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b1b5823974e980147374f3d26df73800931f9e66855b90b412d7cffa7f07e797
b44142b7e0dbd5a63bf933419c6caa70c50e7c23ce76c9670d4314d91fedadd4
b55dd05f670b41860201b86f90cc50994d8e6221555557742ae9df852638d29f
b8dc499d4e65a79ee59e9098869006c774bd474e0c24fd6e6ce567df216f5f6b
b9e418daf07932dea4d6aad62edc4d5fb221fd4723460c25e505b0276be80ecd
bdb30e5b6744f9b072731980ce9d8b0bd39d0c97d0b8c4670e5925263666fa55
bdbbfcb06d7bb24246a34c0531bcb663e30313548693508879f82c9c492bde32
be980e6cb8ab2c88119a851d32bd7639a0bccd0c2fbe56787686046c42c3a20c
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf6fe71ed0f0b16b068ae2d2af84182da680c56d455f68d20ab9bdfb30a1f119
c0982ce1361277e16b7bcb0384aa9c0f7c47741fce6a535b4a08d6d7074e7c88
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2308ab983370f5963bd916e15e763d92729f403752c87eb6746b8977ce47bf4
c2fd1349a22911667d44e295ed207a74963ee05b2c883f2921002582c26cc9ba
c4b98209247257d5d6c54db837264e550b647d6b0b4a09c6218df6ffb431b765
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ccd37baf1f413e384faa1d4c6195b1b48b82af15c909d181582afadd49a58413
cdd2bb2f7e3649ac31f7106678eee60cadfa6c5b7e0bb3386b76297337771742
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
d2bf465f1c359ad40898263ba180aac2fb86221c5b7a93418239f108be18feeb
d3af438b85a9f38ae85d45012804b50fd14883aa73e1837547d2926ca7045c45
d52996c06b2c5455116212038587245acd7fdae66039137699c8fdeb797dd83d
d592013bb319d85f8307f822960b9aa008f51921527b427eed8f06795fe2fd91
d7dfb01ecf89563fe0be62a5b4958e2294cf7012115a72e0c65e2d07155ee63e
d93f07f4770619645066a710025fce47ac02ae8e326ecd6cab0646e025774026
da8d6589a7262fc30a1eea1a52b93c5d83cbea31f209ee5ad5dc63a005077df0
dc69bed833f7acebd7f6d273360f75449a7bbec5de232b2deed163e487d21aeb
dcaf45c8858c3d48ebd02eab1598410c7d2ba7ebd6b9531826c440ca75759593
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e452236ac4257bfc87154b889341851d1e77534889ad93cb8f3a99aba3f0c323
e57c7e5259fdb6f0b0aff74e04501ec34a21ee9bbc2c1ad54b241c4668c3184e
e6d7757a4b2664cd29cf6adbc4ce10fd694b0d84d36f0dcf154d3d675518c703
e73bbc53a353cdeb1d44a010ec1ccf614b9b9ec46f9b5a30be8da157bbfce123
e73cc38db2c31ccb096016bc3a0e4fb938258d1442784a794e87c4a2bd42e129
eeca018400700ce24d9b641d89a5d2d7f371cef9bf82cd8b875a949228d71e66
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb33914f8d56c343c2d8f53438b10cbf6db572710e841570e76712f2dca1ca8
f0906c164edb8b9b1eeaa8fdba14621e5b4e58d85f6c78a07e8512b5eda4a363
f158d01e073ba235308cef8059ba4eed59ae4b613564d970d4278be3b41d612a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5e0669eaa50c85937ff58cc1b2ab963e6b71b721b7dd759220a1880268d38f4
f715b40655480805109bba5632ca8906fb8b99d7371c0edc274436041227e6f3
f792f6e484b4671a4903e0e6ba441107285784a4e864c952b675070839893aa9
f8d8e9f9d9d2586787ebe02685be4d31e7da518ffa33f245928bfe10beb7ecfb
fb27f034a09d1e30ef40412131b0946049080d95ebd5ff09ac80183f3d0c498a
fc07a8a493c10a84067b5940109578189c329644710d5a6ffc405034bcec60a2
fea6ea9b6b0765ec97bb7d710da40a4416285fbe81016e64ff38adf03b11493b
ff6c7e12a48fa77ed222b18ebd834a1ac84e30fee80ec69637d5bcd2add16dc4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

amp-hair203.com Open in urlscan Pro 157.7.107.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

242 Requests

74 %HTTPS

41 %IPv6

58 Domains

95 Subdomains

71 IPs

5 Countries

6533 kBTransfer

12520 kBSize

12 Cookies

6 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amp-hair203.com Open in urlscan Pro
157.7.107.31 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

74 %
HTTPS

41 %
IPv6

58
Domains

95
Subdomains

71
IPs

5
Countries

6533 kB
Transfer

12520 kB
Size

12
Cookies

242 HTTP transactions
5 data transactions