sevenzip.osdn.jp Open in urlscan Pro
202.221.179.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sevenzip.osdn.jp/howto/non-install-extract.html
Submission: On June 28 via manual (June 28th 2021, 3:34:38 pm UTC) from US

Summary HTTP 86 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 86 HTTP transactions. The main IP is 202.221.179.22, located in Minato-ku, Japan and belongs to IIJ Internet Initiative Japan Inc., JP. The main domain is sevenzip.osdn.jp.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 30th 2021. Valid for: a year.

This is the only time sevenzip.osdn.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	202.221.179.22 202.221.179.22	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.18.175.198 52.18.175.198	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:210... 2600:9000:2104:4e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	3.219.181.211 3.219.181.211	14618 (AMAZON-AES) (AMAZON-AES)
86	24

9 202.221.179.22 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
PTR: projects.osdn.io

sevenzip.osdn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.175.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2104:4e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.181.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-181-211.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	237 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	182 KB
9	osdn.jp sevenzip.osdn.jp	31 KB
7	2mdn.net s0.2mdn.net	126 KB
7	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	95 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	googletagservices.com www.googletagservices.com	108 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleapis.com fonts.googleapis.com	674 B
1	googleadservices.com partner.googleadservices.com	405 B
1	google.de adservice.google.de	853 B
1	googletagmanager.com www.googletagmanager.com	36 KB
86	16

	Domain	Requested by
15	pagead2.googlesyndication.com	sevenzip.osdn.jp pagead2.googlesyndication.com tpc.googlesyndication.com 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
10	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com sevenzip.osdn.jp 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	sevenzip.osdn.jp	sevenzip.osdn.jp
7	s0.2mdn.net	sevenzip.osdn.jp s0.2mdn.net 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com sevenzip.osdn.jp
5	www.googletagservices.com	sevenzip.osdn.jp pagead2.googlesyndication.com 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com www.googletagservices.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com sevenzip.osdn.jp
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net sevenzip.osdn.jp
2	dt.adsafeprotected.com	2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	sevenzip.osdn.jp
2	pixel.adsafeprotected.com	1 redirects 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ade.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	sevenzip.osdn.jp
86	26

This site contains no links.

Subject Issuer	Validity	Valid
*.osdn.jp Sectigo RSA Domain Validation Secure Server CA	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://sevenzip.osdn.jp/howto/non-install-extract.html
Frame ID: F74E2CAA985023C9CFDA36E6FA513079
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html
Frame ID: A67E3CD8F3512A1471B6E6C01E27110F
Requests: 1 HTTP requests in this frame

Frame: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 09BFB13BC731B64290474E555D60FAF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0405760482567529&output=html&adk=1812271804&adf=3025194257&lmt=1582692530&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsevenzip.osdn.jp%2Fhowto%2Fnon-install-extract.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624894458594&bpp=3&bdt=1418&idt=102&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5043706320315&frm=20&pv=2&ga_vid=2080071412.1624894459&ga_sid=1624894459&ga_hid=356271531&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4145734187279543&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: 857E97046C08986BF7AF6C52417C5DF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F6815C3CA16291907BAFD2B07735F8C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 713B719688E515CA6D4D661AC78961FC
Requests: 1 HTTP requests in this frame

Frame: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 606D1AAD29E41E83E72CA1511A36361A
Requests: 24 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032106212012000/amp4ads-v0.mjs
Frame ID: A5B2CB4E15148395883A2BBBD846E382
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0
Frame ID: 38575FA26CCC29CE1DC271F14049A7E1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F5E9B61C0B282649B336AF471CD4B992
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D49F60B088818017A2D1AB356595030C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
Frame ID: D50366B4B4BF3266D8CB534952F5A2BF
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 7017D2C324D3434488EFFBCF949C9EDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

86
Requests

100 %
HTTPS

61 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

983 kB
Transfer

2595 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1&C=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNnr-HOFYqISxYgGVkRZKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFpsLfmdptI2X52eZWGOWn4&google_cver=1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4MTg2NDY2NDEwNzI1NTI1Nw%3D%3D

Request Chain 71

https://pixel.adsafeprotected.com/rfw/st/415630/45225569/skeleton.js?adsafe_url=https%3A%2F%2Fsevenzip.osdn.jp%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cdb86f22-3b34-bade-fbbf-823e29bef5a4,c:gQPSOQ,sl:na,em:true,fr:false,mn:app11ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:122,fm:sBDZyOZ+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C1621%7C163%7C164%7C17,idMap:16*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:136,oid:4e44ca56-d826-11eb-afab-024bf4a6d028,v:19.8.208,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request non-install-extract.html Show response
sevenzip.osdn.jp/howto/ 9 KB
4 KB 1693ms
352ms Document
text/html 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 5e84021bf9b0f942bbfed8d3e91a15294e882dfeb281d85242097b6419d2180b

Request headers

Host: sevenzip.osdn.jp
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:16 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host,User-Agent,Accept-Encoding
Last-Modified: Wed, 26 Feb 2020 04:48:50 GMT
Accept-Ranges: bytes
Content-Length: 3646
Cache-Control: max-age=86400
Expires: Tue, 29 Jun 2021 15:34:16 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Language: ja

GET
H/1.1 200
OK 7ziplogo.png
sevenzip.osdn.jp/ 1 KB
2 KB 351ms
350ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/7ziplogo.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 398c98027bb815ed3aa5a5baae7bd310d3a51b4872ad9587519114b432209874

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:17 GMT
Last-Modified: Sat, 02 Jul 2011 10:16:34 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=99
Content-Length: 1337
Expires: Wed, 28 Jul 2021 15:34:17 GMT

GET
H/1.1 200
OK 7za-file-list.png
sevenzip.osdn.jp/howto/ 1 KB
1 KB 1191ms
492ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/7za-file-list.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1e338285895ec264fa4297425be3e878e6dc121d20226d52f2eebc7d66c6d9da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:04:49 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=100
Content-Length: 1104
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK cmd.exe.png
sevenzip.osdn.jp/howto/ 7 KB
7 KB 1054ms
351ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/cmd.exe.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: a8af60792a7bd12ea3db5c52633307f38212dba514e459d40ad596d1371b64ad

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:04:49 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=97
Content-Length: 7105
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK short-cut.png
sevenzip.osdn.jp/howto/ 3 KB
3 KB 1540ms
349ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/short-cut.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: c9046c94969b74f64fd636d88a88bc03a156d5130f4eff4bafef1669c93dbfab

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:12:07 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=99
Content-Length: 2773
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK short-cut-extract.png
sevenzip.osdn.jp/howto/ 3 KB
3 KB 1653ms
361ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/short-cut-extract.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 7e256094f968bccd72ec23128233d641cae2f5b25f0bcd842064c2bbf0631b5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:04:52 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=96
Content-Length: 2853
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK short-cut-drag.png
sevenzip.osdn.jp/howto/ 4 KB
4 KB 1305ms
356ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/short-cut-drag.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 56a75c0cc8bf6ca3a907e0e70b689bbe2586ecb6ac81fc241e93f39e7873ea4f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:04:52 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=100
Content-Length: 4095
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK short-cut-drag-end.png
sevenzip.osdn.jp/howto/ 5 KB
5 KB 964ms
357ms Image
image/png 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sevenzip.osdn.jp/howto/short-cut-drag-end.png
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4f1c7274dc74d0bd374ad06e4afccfa0117ad8c3afe3cbd460d838818b14ca1a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:18 GMT
Last-Modified: Tue, 11 Mar 2014 07:04:51 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host
Content-Language: ja
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=1, max=100
Content-Length: 5076
Expires: Wed, 28 Jul 2021 15:34:18 GMT

GET
H/1.1 200
OK script-howto.js Show response
sevenzip.osdn.jp/ 2 KB
1 KB 702ms
351ms Script
application/x-javascript 202.221.179.22
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://sevenzip.osdn.jp/script-howto.js
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.221.179.22 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS: projects.osdn.io
Software: Apache/2.4.10 (Debian) /
Resource Hash: 23835fb4f46d13f5ae841def0c3bcba33d019682ce55111904cb70e7d2f6d31e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sevenzip.osdn.jp
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
Connection: keep-alive
Referer: https://sevenzip.osdn.jp/howto/non-install-extract.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 15:34:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Feb 2020 04:48:50 GMT
Server: Apache/2.4.10 (Debian)
Vary: Host,User-Agent,Accept-Encoding
Content-Language: ja
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Keep-Alive: timeout=1, max=98
Content-Length: 667
Expires: Mon, 05 Jul 2021 15:34:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6708582-1

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/script-howto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adb95eba8e44ec52ff004428862dcd2c3bde57b625e748b359e1745a819d96f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36351
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 67 KB
24 KB 444ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/script-howto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94fefa4e57a913d4369a0ac5bc7dadf6ac6b1b2a8d5c7c38257cb390a80ac01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "914 / 98 of 1000 / last-modified: 1624878583"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23730
x-xss-protection: 0
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 453ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/script-howto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27ea74dfb4a30a347127033f5d7b36b3ede2dcb0a496d0b34f5043068b944006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49104
x-xss-protection: 0
server: cafe
etag: 6451195366741806814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6708582-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 153
date: Mon, 28 Jun 2021 15:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 28 Jun 2021 17:31:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=356271531&t=pageview&_s=1&dl=https%3A%2F%2Fsevenzip.osdn.jp%2Fhowto%2Fnon-install-extract.html&ul=en-us&de=UTF-8&dt=%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%E4%B8%8D%E8%A6%81%E3%81%AEZIP%E3%80%817z%E3%80%81RAR%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AE%E8%A7%A3%E5%87%8D%E6%96%B9%E6%B3%95%20%7C%207-Zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1315440856&gjid=397551770&cid=2080071412.1624894459&tid=UA-6708582-1&_gid=991292780.1624894459&_r=1&gtm=2ou6n0&z=1810932047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sevenzip.osdn.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021062205.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 38ms
14ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 16:13:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116215
x-xss-protection: 0
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/ 240 KB
89 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0405760482567529&plah=sevenzip.osdn.jp&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91015
x-xss-protection: 0
server: cafe
etag: 11458787442517343973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/ Frame A67E 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210623/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 03:29:52 GMT
expires: Mon, 12 Jul 2021 03:29:52 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 43466
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sevenzip.osdn.jp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sevenzip.osdn.jp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
29 KB 951ms
951ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4145734187279543&correlator=349028521996150&output=ldjh&impl=fifs&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210628&iu_parts=9430482%2Chhr%2Chmr%2Chm7%2Chf7&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1582692530&dt=1624894458679&dlt=1624894457175&idt=1479&frm=20&biw=1600&bih=1200&oid=3&adxs=1274%2C-9%2C178%2C-9&adys=71%2C-9%2C1882%2C-9&adks=2263478373%2C1434657415%2C1610080917%2C3992042754&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsevenzip.osdn.jp%2Fhowto%2Fnon-install-extract.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x280%7C0x-1%7C1412x2448%7C0x-1&msz=300x250%7C0x-1%7C728x90%7C0x-1&ga_vid=2080071412.1624894459&ga_sid=1624894459&ga_hid=356271531&ga_fc=false&fws=0%2C2%2C0%2C2&ohw=0%2C0%2C0%2C0&btvi=0%7C-1%7C1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cda07571b7df709a7b95bed79d012b6f47aec7f9598516750d0e1023cf1a7a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29015
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sevenzip.osdn.jp
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09BF 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 28 Jun 2021 15:34:18 GMT
expires: Tue, 28 Jun 2022 15:34:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
405 B 16ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sevenzip.osdn.jp&callback=_gfp_s_&client=ca-pub-0405760482567529

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0405760482567529&plah=sevenzip.osdn.jp&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f006f84f2480948eeac84b6b13f004a7f19888fda289606c1dc6efc839d00328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 857E 3 KB
732 B 145ms
145ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0405760482567529&output=html&adk=1812271804&adf=3025194257&lmt=1582692530&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsevenzip.osdn.jp%2Fhowto%2Fnon-install-extract.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624894458594&bpp=3&bdt=1418&idt=102&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5043706320315&frm=20&pv=2&ga_vid=2080071412.1624894459&ga_sid=1624894459&ga_hid=356271531&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4145734187279543&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50606e7d2c3797490f8a879b5bf8d542b083ffd9757c503968a639cf52c6e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0405760482567529&output=html&adk=1812271804&adf=3025194257&lmt=1582692530&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsevenzip.osdn.jp%2Fhowto%2Fnon-install-extract.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624894458594&bpp=3&bdt=1418&idt=102&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5043706320315&frm=20&pv=2&ga_vid=2080071412.1624894459&ga_sid=1624894459&ga_hid=356271531&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4145734187279543&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 15:34:18 GMT
server: cafe
content-length: 529
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 15:49:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 15:34:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469958711216"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Mon, 28 Jun 2021 15:34:18 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-0405760482567529&c=3&e=2570847921467975139&n=0&t=0&w=98&x=0

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210623&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

914590c9d94f460ce1789fb731650c617288c3ca58428ecc2c79944dca7bfe7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 28 Jun 2021 15:34:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F681 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 28 Jun 2021 15:22:33 GMT
expires: Tue, 28 Jun 2022 15:22:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 713B 783 B
782 B 15ms
14ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a914a6595baee5b2e8d5fb5a5b112c0ada80bcad767b09959ef4c4cca279f6b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8F1lyYPPF+bN8NdGY6uwyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

expires: Mon, 28 Jun 2021 15:34:19 GMT
date: Mon, 28 Jun 2021 15:34:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8F1lyYPPF+bN8NdGY6uwyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame F681 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 14:57:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210623&jk=4145734187279543&bg=!r6ylrOjNAAYo4NJEKOA7ACkAdvg8WmLN7ipxKpA350o9zl4sNwJUbgyqIJ85pw37-4hnH1nDEMLLTAIAAABHUgAAAAhoAQcKAPnFbnAGu2gEgZWrnTNQAm8WZP2GXhwXee68P5Dsj5hOF20-NHoqVOvpBMAtvjs66rhRRD_oVAeOZXddlkGspS6W1oYdpzAS97aZOnBNN1_w6I1SiZMV0neEBCMTIqbmPRo1PACvDBqcavc_1yuZBV_MRLvRxPDdyOaMDUHioXQfHROTiszY5691wXk7d63Gi6BzDSbcH6F117WH-tN8kp0Q3NuFwoti4zUI76sq3pR6c8m-lohtoItb7FSgFrVEOXNlAHxSC2ygQWuRbu1mhAjuvzabVsIc0Db0CAg_2g8tVsSJDChHwcINB48TE9p0KjKiA0Rm5lHS04WZAmx_dDIobEBo5YAGEGYpOkFsAIzq-7l6e6gwPIxzzBr0hf80L78BKlvl_FUvV0IpC9y5zux9g5aEgkc8vMK04z0OzuLae14b-3LIJUnmasd6pS3YuqMgzDyrXqJAl7hYWA6hOMXy-wtH4P91uWFwRWfRcrOU5418DGNEBtrA2yX7HrHyfWEwq03tAiK1GgkbhSn1D0Pr3xrZyeVUQhQs_nAeKgqbDa-WOkhDTmcfFVkHrfixL0vMhZapl1622MsFs9BRP73XeZliXV56jQRIILs72Roy7JSXfw7ahyl3sZggfTqkTfcj26XlStbGOHkpZ0KDI_Ll-1364A1_4Tsy27Yte6JRgsB1BrXuoNgHf9wGqigZI3zOnz2V1cROFrA4DM-NsAt40r3MWPQS_IYjlNOgnfD1USTvxSdoR4u_j1FFs8aRo109UDxe6WNZIzgqybjA5eEdCutO80p19rO9F0V4OPGBa56Td6lJTgGUncVlktNPnwrNBchGPhn7s0_Od0_LYe-APGaJrivqkEPwrk6z4R8n1ieWa48vMnlFIdIakbKgaoRgLOFiuz6d2pTQqdDgEgis4lPPEflOmF6NWGSgqtscB-Ut8WxlWHKof2_mEqdxvjRuPGTXl3N6WPAj9UiVcyP26hlxwYEnE8rmcWa-cTRXMRWIwzhfMaULNKKTr6DM4boPlXcqHZMPMYRIXarsq03luqW6s5pcZL-yT46_Lvx7Nl2JSIpcX6Jq_Wo91G5quVBGmCcWLvJb4N4lMITadt2nGoHBx97YO41oEkNknOBqqonLtvJOmlV6O-wiHdsQa_GywUyN2rk4_A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 606D 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sevenzip.osdn.jp/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sevenzip.osdn.jp/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 28 Jun 2021 15:34:18 GMT
expires: Tue, 28 Jun 2022 15:34:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032106212012000/ Frame A5B2 188 KB
55 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106212012000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1778683328481e57cd94fdc4895256fbb8f29051f1e2ab57214c27561b084ad9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 461713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55193
x-xss-protection: 0
server: sffe
date: Wed, 23 Jun 2021 07:19:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9664f92835c200dc"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:19:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032106212012000/v0/ Frame A5B2 13 KB
5 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106212012000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 444205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4815
x-xss-protection: 0
server: sffe
date: Wed, 23 Jun 2021 12:10:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c6d4b511682de4a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:10:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032106212012000/v0/ Frame A5B2 86 KB
27 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106212012000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27658
x-xss-protection: 0
server: sffe
date: Wed, 23 Jun 2021 01:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "89763648e638c628"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 01:40:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032106212012000/v0/ Frame A5B2 4 KB
2 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106212012000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 498243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
server: sffe
date: Tue, 22 Jun 2021 21:10:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9b373dc53e7b532"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 21:10:16 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032106212012000/v0/ Frame A5B2 40 KB
13 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106212012000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12852
x-xss-protection: 0
server: sffe
date: Wed, 23 Jun 2021 05:41:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "432397294f345717"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 05:41:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A5B2 3 KB
674 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 13:40:27 GMT
server: ESF
date: Mon, 28 Jun 2021 15:34:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Jun 2021 15:34:19 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10821392584666589115/ Frame A5B2 3 KB
3 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10821392584666589115/downsize_200k_v1?w=100&h=100

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e68a2c9d1fe7d6309da6cd320a5caa728d2e3e6476518bf2ee25e55a3c165a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 20:49:27 GMT
x-content-type-options: nosniff
age: 499492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2994
x-xss-protection: 0
last-modified: Wed, 16 Sep 2020 11:33:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 20:49:27 GMT

GET
DATA 200
OK truncated
/ Frame A5B2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 816109a133504890a3276068620a0c62a2f5a172fb64a7b1e16028cc18b034da

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A5B2 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 07:19:37 GMT
x-content-type-options: nosniff
server: cafe
age: 29682
etag: 3004170791804808702
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2980
x-xss-protection: 0
expires: Tue, 29 Jun 2021 07:19:37 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A5B2 344 B
368 B 9ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 07:19:06 GMT
x-content-type-options: nosniff
server: cafe
age: 29713
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 29 Jun 2021 07:19:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A5B2 0
0 16ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjVJYcMMnZL-nRsjguGrY9AME62YpH9cR2et-JkXZfaQSS48LygcW6hv28VJMocv1WxAeWyrbA4wRNOjbF5_fsErNsyw
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A5B2 0
0 61ms
42ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbw3A-uvZYIrnLMTu-gb0jYOID4jjhelhkcPg97YNyrqM8b4BEAEgguq8C2CVgoCAjAegAcixqc0DyAEB4AIAqAMBqgSQAk_QOHFV7C9Ycm8tGTcv7ZZnyECinLvE3zBX7265d0vdJqxlYCHCUCmEoxADXV4b1Wy1ubJnsgbnmgk1GRcbgYnMQd6QwtSJTsfnre6nbIqP9FSokdppvPf8Jl8sCTiSuTFlYo1bzglSVGnX1tLT3g7it8-F80cItC22NU8DEDDiQYBQNPadHEO9UWUhBJjXWP304i5Dz8yCO8SRtkblrQESEhRGyye83rdyRbKR-MN_7Bib9aXC8WjmMUSvlxIQFyukpnpsgiIiiAXsd8DFaX4o3Bl7Dg4Vu94gYV9AUHunoPe1swG-7MCnua-r8VCDVbPY2bOWIFiIYtWFRNq3zUb69Bp_LC0Ez5LgP_a0zqzkwASU5Oq8wgPgBAGSBQQIBBgBkgUECAUYBIAH5OriNagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD3lw3SCAkIiOGAEBABGB2ACgHICwHYEwyIFAHQFQGAFwGyFxoKGAgAEhRwdWItMDQwNTc2MDQ4MjU2NzUyOQ&sigh=OgK6Qa8lSbA&template_id=5001
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sevenzip.osdn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A5B2 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sevenzip.osdn.jp
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:14:46 GMT
x-content-type-options: nosniff
age: 443973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:14:46 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A5B2 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sevenzip.osdn.jp
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:25:33 GMT
x-content-type-options: nosniff
age: 457726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 08:25:33 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3857 624 B
297 B 25ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn07gJngBqZnI5NwPRyr4CdUL1h2oqbrpnDZHSwMQB9VSBgTGh_YJR1FXOORe4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Jun 2021 15:34:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 606D 24 KB
12 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxihNuvcolP0Y9Re6jSLu75ZRW-fJC_y_8pLiqSyRQVeM1nex55diBV4--dmTu-cUIN4s2ZlGcuqXc7XE-XKP7CByp08MtDUHEvhcX-WwXUYF3FG5HIMHKCnSIZmZLtDk7TQlbGJcmVXxZpyRFBfXacE1BQg&cry=1&dbm_d=AKAmf-C5O2Lv2zZASF7Cnf7engznovtt_Qqh5ahVcdjHXlZGDapN-orxOKkLozE0hmOUJ5fynyR4IhJ6lEbQD3o8RElB_amOWwu6KLI6gwILDq47krbBYV-q9uUlGzQapU64HcQtaJJPnQQHdctqi-3Khe5lF6dh4I3CM6c91vYU-vJRDqsZpiW-wHSWj39T2xE6MgEzOiXRewVR_r3RaTIe3A2HXVfkJ1gQgexNilrdJ9QevN5b-0v0diX1QD3VBLLjkJzRyStSf3Wzta5PsMyb7roHLuIZPy_klniR3cpKcnAiERSO1jgxyH83htiRR4uDk20dk3KmoR3tcMIr__ayxl0cjvGobrGcZUbc7i8MwKkPdAbmJAgRi8UIhlqmLPyvR2q0fPuB2LoWd5mwVKEZWouIHoCx_UTqlH9Op_Tx21PiJaD-0tsbsCJ87EBDw-LEze37qcruXfppecLmR3ezpSTLYaKaL0xSgXR242KFUnmg_JoM6icyqCVbISl8XBedHA6wMaIo8GI6DR_SuCVV4r4SZuAa3YnCVaByshPFmctnMO9U_aELmbs7sSZcps-7is5-YM3MFn53GfxxYburfULCTBNUHjzqEGmCoMdtFpZifYWygFMtsrbQqOkZ6yTIiYfuz-Un2_kQgzotPRrJT1CfWxjXLJsNWCCs9p1B9RewBMv-r2PL5ES9GT8wUjIsSuLy6tTvdBojXzVJ3IKiPpJyMv5QxXqEhyEbHPqn0YKKr5akGVdkNG63-edXDKUOwShb9EI5Nd1oWP-omTvtwFSMpFteEum7uqJRsxFeM3NTmqBjySgf3E7E9mblr_ND1wLnzSDMr6x39lZrfnTeAJW7t5uWclyUscVvGkGYMF_CTaPXCSv38WjOyaipiGD69NjbkeIntmdlvd4vv2MkPpscfQrhZYdBd11SYbRS6cqPyExFbrEhmmV2iZWBhlvUJQzXRlpLlBxDEgsJJQDbOGDGGaz99qIx-IwZnAIK5cvdiVAVXlwcHU09SmwtYya07lcheUZZNMOWmmf3czePcw6BdGUU0N1N_KrW47aB5Z2ZRwJ5eqihRWzyB0MOlUFLnmjqYmAlVMA5g5XxJFRsTyOLCBdbS8eWl_Dot3KtnRfioF3FOlRdS2FGNbJPvu-gkonUZJ3xmVkg_BVinazP_JFCS2ohXBR721WXU9UfTi_qjbYD2VZFBuSiDsO2y-5MrPSjnzbDSn9ezYV1r1zo7p0Ntxq4ksKnPspT1EHoeiKf2Z6zsKm1aiVPSjoH9M3qIzH3sJp9AafPWOpYpdeDAnBofzYhbv9m3EC9mmLG9Uh_zKtpGmSd_22gy5jy2LHAOh1_eJEPEgq3kK9HWqoBnU2Hmopb43-G7n-RmhVmkrn2RwRzQbJ26VDnQkg_r8Ic8iYRUN5noK57b-UVu5R3jUFqz7IsmY8QtFu9e2QxXhax2x_JRCusC5QAmkCavo6d0RfOT_fF5GjaTIyAn5ZgjdZDIPM_d-91_KWyYp7-jLwOe7ZYNEl9x76eGIrI2_D72vgsiuKixz2wUr_xXQiBfUGFeOALinTOSQf0eJVpa608n-UmyZ7ckAJj_fKbzKIHLtCkvWqmNdm3qFeP-j75r-N9ltKKOAoK1so9T1IC5gsGF90V9LPYQAiQdVoh3gFbGW0fxRqYOcyOARrtN4r2nDQiJb0i-Hi2EL85KRaLSQmstVapxLm6xjMXpaVxFCllqr2v4K1_4M3wDkVc77gg-edX65l3Q7mjIukgheCsn29JmySy4KtLZx0PZDwQNVGcFAMl9KI0zp1LGYnB2za68eXuUzz-EgoI1u8PtJY4Bmq5vJDfGX04AeN_vzkEt356O-_dshgXcnZqmOzB-_SvY3KNStRX2lAIZoP0Gfvz7ssu71E99COUyojsqC11w_bCK5oMzuPaViURrAWedE6O2-BIaofyX9YjEgxkLvZCl2YwmMwPCu4Z7eib31A-_lLEVJo3KbGk1W9BryJ8L1iVEr831eHy6tD9wg5Cr5A0jb60dwzCK5Or89E14OL8W4p76J3eM1j00QGqBatQIdPOeXPrHR7C1sZ__i9wHMS__O55QMCGo634sDRA9ZaOojgJmIxtMuhL-YsNXYF9gc9USmuOWzPH7pMmWzv0wRebfv4rc8rw9bjEsXNY2I5IOx7YE1bOS0k2KZsFyqR0gCvkuTiiziAQoSqPDQfYbSD074M-0RukZ5PmOCJgUm6ti-A_g3kRc3Nfz8dXiFkUedgWkB3DJbpI1_YZzMq276Y05Aw154tHhBD4-tLvopzMco_HL1_GfixG5ihCg65o3RBoVNl-fgpRqR7M0poM6T0G3ovV4PALcxuJH3-rats9zii2_puHdc0-rzNeuSVUvzpeVxMn5Fi2IjwTNSO3sCkhha8osqM1bhQTqbuaZpLnfJO-wBjlPA413UvYB8rqhyjcEHoAmTAhZ4XRsuyDy_HjDwsRqWrn4Lt9pJLahHXIc2w3crd0Qjzc8qfUnIwVgHNfz4y3z3Pai9HM_Dj40qInCvafGlScv2L_LGCz7c7ieUXbYRpYGoM7uRsQvXhXLp9REFp7po95LZb0fVD509YkfWGi3Nv-xLZlzfLwYYoHk1PEpDtSiUpq2RUL247iXeuomYWV34tB0bnp8rPDy8U13e7C4oSC9a07LH2RJE211rZ8fCTlRP436KyEKz8EMHIyK6RU5iO62OGO_0qtr54Qj0lrqmNMgOZ2Auo9scQ6avaW65-JXgm79r0SHF90ObuOW6l3A2YYYCasb16oo3Mz2LOiQ78yXCIikONI3UqN0NbldUaMQK4V3zDTd4KbOT8R9mcvaM-O6VnSeYjYC1Ti8TPLkXxWOhy2sbx1Su08MYZxJUEWpXzwnAaztXzY4Wxuy6Oqyrun0JvWYch82Uj91mC9Irqc_CgKTN-hoaz-V0A0nCPiz6he-uKgtAvBL4yMs379K0OoAJcwQxQ_R2GgGhW6WMEQkF6ohZUIP0xc4v7owPkFLTwTU-XyxNqfVGi-8YlirzKhbogFUgAaPpHV_mQ64i6bg6yqVeEtcV7qKFSm9bbcqhXCgJ49D8jmVufVhSqoGWaswOjtfoQH2R4LqtPVPNb-7PV2xwB5vv3NB9cI2julE23828mXtO8xzRZhdf772-lks5q0ELafhvIkAzfrw2PCIX8ILA_pPGtpljIMjLg8VEl1eoXo4CEo1zyQ7mojTwHWPlNhaJ2WAaqRZ6PciJ9u2JLIo3ZijNOflqDwH6tKHKuky6EXszsUBTBn1rTqu1Lu4AYhqeaxKKLmaS_ww1JxxP0gbTIwG4NIxlzI0EA8hp1nJM9-XN3YmhCSpg7sM12kdctMsEbvAngibKEpSsZrkVa0Y2ICN8xJWValpCUPgbp3yL0Tr3WE1AFoOhJBKZdegPmmbd1XkOEgv3D6C1GTsntAwS01nVUb9Vgj0qn5bgZyDXUfwwF-WEZwtEQY8p3L8kBjnjqh6g8Wu09qPsxTvkq2V8Im6VMYBBl8esWf_Vfhoydx2NZNRB7pMLBxoletecujH3ADdqOKFrV4zs0YtqjOkgxod8Rlf-cTfR3tIh1llYqTphQPA-kTY8Tv_1j16w&cid=CAASFeRo-8VfBvS_59Xtg4dsNxC4MbROMg&rfl=1%2Chttps%253A%252F%252Fsevenzip.osdn.jp%252F%240

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e80f257bc87ff3302ba19f31bee1b176c8d736b95eb9efe9132c4df2ae6a942b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 606D 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBuLUR2mfVsXU5Eo8AUPJaLRXJpXTr_jrK0RMLcNuhbo5s18xmpNErgLeqBtqMl0svtK_dmhViLOZAnz5Sx6aN3LVIKvGjzDBkhIZ5yxnQ9_5-RNg

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 606D 8 KB
4 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 28 Jun 2021 15:47:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/415630/45225569/ Frame 606D 48 KB
14 KB 119ms
53ms Script
application/javascript 52.18.175.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225569/skeleton.js
Requested by: Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 763a057465bc63d544cbdf4be931ae933ec54bda36b8415c276b22ae7f6a7c13

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 606D 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 15:33:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 606D 125 KB
38 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469964731542"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
expires: Mon, 28 Jun 2021 15:34:19 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 606D 13 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 15:34:11 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A5B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Jun 2021 15:34:19 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame 606D 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxihNuvcolP0Y9Re6jSLu75ZRW-fJC_y_8pLiqSyRQVeM1nex55diBV4--dmTu-cUIN4s2ZlGcuqXc7XE-XKP7CByp08MtDUHEvhcX-WwXUYF3FG5HIMHKCnSIZmZLtDk7TQlbGJcmVXxZpyRFBfXacE1BQg&cry=1&dbm_d=AKAmf-C5O2Lv2zZASF7Cnf7engznovtt_Qqh5ahVcdjHXlZGDapN-orxOKkLozE0hmOUJ5fynyR4IhJ6lEbQD3o8RElB_amOWwu6KLI6gwILDq47krbBYV-q9uUlGzQapU64HcQtaJJPnQQHdctqi-3Khe5lF6dh4I3CM6c91vYU-vJRDqsZpiW-wHSWj39T2xE6MgEzOiXRewVR_r3RaTIe3A2HXVfkJ1gQgexNilrdJ9QevN5b-0v0diX1QD3VBLLjkJzRyStSf3Wzta5PsMyb7roHLuIZPy_klniR3cpKcnAiERSO1jgxyH83htiRR4uDk20dk3KmoR3tcMIr__ayxl0cjvGobrGcZUbc7i8MwKkPdAbmJAgRi8UIhlqmLPyvR2q0fPuB2LoWd5mwVKEZWouIHoCx_UTqlH9Op_Tx21PiJaD-0tsbsCJ87EBDw-LEze37qcruXfppecLmR3ezpSTLYaKaL0xSgXR242KFUnmg_JoM6icyqCVbISl8XBedHA6wMaIo8GI6DR_SuCVV4r4SZuAa3YnCVaByshPFmctnMO9U_aELmbs7sSZcps-7is5-YM3MFn53GfxxYburfULCTBNUHjzqEGmCoMdtFpZifYWygFMtsrbQqOkZ6yTIiYfuz-Un2_kQgzotPRrJT1CfWxjXLJsNWCCs9p1B9RewBMv-r2PL5ES9GT8wUjIsSuLy6tTvdBojXzVJ3IKiPpJyMv5QxXqEhyEbHPqn0YKKr5akGVdkNG63-edXDKUOwShb9EI5Nd1oWP-omTvtwFSMpFteEum7uqJRsxFeM3NTmqBjySgf3E7E9mblr_ND1wLnzSDMr6x39lZrfnTeAJW7t5uWclyUscVvGkGYMF_CTaPXCSv38WjOyaipiGD69NjbkeIntmdlvd4vv2MkPpscfQrhZYdBd11SYbRS6cqPyExFbrEhmmV2iZWBhlvUJQzXRlpLlBxDEgsJJQDbOGDGGaz99qIx-IwZnAIK5cvdiVAVXlwcHU09SmwtYya07lcheUZZNMOWmmf3czePcw6BdGUU0N1N_KrW47aB5Z2ZRwJ5eqihRWzyB0MOlUFLnmjqYmAlVMA5g5XxJFRsTyOLCBdbS8eWl_Dot3KtnRfioF3FOlRdS2FGNbJPvu-gkonUZJ3xmVkg_BVinazP_JFCS2ohXBR721WXU9UfTi_qjbYD2VZFBuSiDsO2y-5MrPSjnzbDSn9ezYV1r1zo7p0Ntxq4ksKnPspT1EHoeiKf2Z6zsKm1aiVPSjoH9M3qIzH3sJp9AafPWOpYpdeDAnBofzYhbv9m3EC9mmLG9Uh_zKtpGmSd_22gy5jy2LHAOh1_eJEPEgq3kK9HWqoBnU2Hmopb43-G7n-RmhVmkrn2RwRzQbJ26VDnQkg_r8Ic8iYRUN5noK57b-UVu5R3jUFqz7IsmY8QtFu9e2QxXhax2x_JRCusC5QAmkCavo6d0RfOT_fF5GjaTIyAn5ZgjdZDIPM_d-91_KWyYp7-jLwOe7ZYNEl9x76eGIrI2_D72vgsiuKixz2wUr_xXQiBfUGFeOALinTOSQf0eJVpa608n-UmyZ7ckAJj_fKbzKIHLtCkvWqmNdm3qFeP-j75r-N9ltKKOAoK1so9T1IC5gsGF90V9LPYQAiQdVoh3gFbGW0fxRqYOcyOARrtN4r2nDQiJb0i-Hi2EL85KRaLSQmstVapxLm6xjMXpaVxFCllqr2v4K1_4M3wDkVc77gg-edX65l3Q7mjIukgheCsn29JmySy4KtLZx0PZDwQNVGcFAMl9KI0zp1LGYnB2za68eXuUzz-EgoI1u8PtJY4Bmq5vJDfGX04AeN_vzkEt356O-_dshgXcnZqmOzB-_SvY3KNStRX2lAIZoP0Gfvz7ssu71E99COUyojsqC11w_bCK5oMzuPaViURrAWedE6O2-BIaofyX9YjEgxkLvZCl2YwmMwPCu4Z7eib31A-_lLEVJo3KbGk1W9BryJ8L1iVEr831eHy6tD9wg5Cr5A0jb60dwzCK5Or89E14OL8W4p76J3eM1j00QGqBatQIdPOeXPrHR7C1sZ__i9wHMS__O55QMCGo634sDRA9ZaOojgJmIxtMuhL-YsNXYF9gc9USmuOWzPH7pMmWzv0wRebfv4rc8rw9bjEsXNY2I5IOx7YE1bOS0k2KZsFyqR0gCvkuTiiziAQoSqPDQfYbSD074M-0RukZ5PmOCJgUm6ti-A_g3kRc3Nfz8dXiFkUedgWkB3DJbpI1_YZzMq276Y05Aw154tHhBD4-tLvopzMco_HL1_GfixG5ihCg65o3RBoVNl-fgpRqR7M0poM6T0G3ovV4PALcxuJH3-rats9zii2_puHdc0-rzNeuSVUvzpeVxMn5Fi2IjwTNSO3sCkhha8osqM1bhQTqbuaZpLnfJO-wBjlPA413UvYB8rqhyjcEHoAmTAhZ4XRsuyDy_HjDwsRqWrn4Lt9pJLahHXIc2w3crd0Qjzc8qfUnIwVgHNfz4y3z3Pai9HM_Dj40qInCvafGlScv2L_LGCz7c7ieUXbYRpYGoM7uRsQvXhXLp9REFp7po95LZb0fVD509YkfWGi3Nv-xLZlzfLwYYoHk1PEpDtSiUpq2RUL247iXeuomYWV34tB0bnp8rPDy8U13e7C4oSC9a07LH2RJE211rZ8fCTlRP436KyEKz8EMHIyK6RU5iO62OGO_0qtr54Qj0lrqmNMgOZ2Auo9scQ6avaW65-JXgm79r0SHF90ObuOW6l3A2YYYCasb16oo3Mz2LOiQ78yXCIikONI3UqN0NbldUaMQK4V3zDTd4KbOT8R9mcvaM-O6VnSeYjYC1Ti8TPLkXxWOhy2sbx1Su08MYZxJUEWpXzwnAaztXzY4Wxuy6Oqyrun0JvWYch82Uj91mC9Irqc_CgKTN-hoaz-V0A0nCPiz6he-uKgtAvBL4yMs379K0OoAJcwQxQ_R2GgGhW6WMEQkF6ohZUIP0xc4v7owPkFLTwTU-XyxNqfVGi-8YlirzKhbogFUgAaPpHV_mQ64i6bg6yqVeEtcV7qKFSm9bbcqhXCgJ49D8jmVufVhSqoGWaswOjtfoQH2R4LqtPVPNb-7PV2xwB5vv3NB9cI2julE23828mXtO8xzRZhdf772-lks5q0ELafhvIkAzfrw2PCIX8ILA_pPGtpljIMjLg8VEl1eoXo4CEo1zyQ7mojTwHWPlNhaJ2WAaqRZ6PciJ9u2JLIo3ZijNOflqDwH6tKHKuky6EXszsUBTBn1rTqu1Lu4AYhqeaxKKLmaS_ww1JxxP0gbTIwG4NIxlzI0EA8hp1nJM9-XN3YmhCSpg7sM12kdctMsEbvAngibKEpSsZrkVa0Y2ICN8xJWValpCUPgbp3yL0Tr3WE1AFoOhJBKZdegPmmbd1XkOEgv3D6C1GTsntAwS01nVUb9Vgj0qn5bgZyDXUfwwF-WEZwtEQY8p3L8kBjnjqh6g8Wu09qPsxTvkq2V8Im6VMYBBl8esWf_Vfhoydx2NZNRB7pMLBxoletecujH3ADdqOKFrV4zs0YtqjOkgxod8Rlf-cTfR3tIh1llYqTphQPA-kTY8Tv_1j16w&cid=CAASFeRo-8VfBvS_59Xtg4dsNxC4MbROMg&rfl=1%2Chttps%253A%252F%252Fsevenzip.osdn.jp%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 15:34:08 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 606D 41 KB
15 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 10:34:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3857
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1&C=1

43 B
1014 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 15:34:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Jun 2021 15:34:20 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 15:34:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 28 Jun 2021 15:34:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3857
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNnr-HOFYqISxYgGVkRZKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1

43 B
894 B

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 15:34:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Jun 2021 15:34:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEElJuPLOobOO76oga-9q-20&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3857
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFpsLfmdptI2X52eZWGOWn4&google_cver=1

43 B
1004 B

55ms
29ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFpsLfmdptI2X52eZWGOWn4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNXWYXbG9hQXLUZNy5ukZNc-XxY8GLNfdgI7Ojbfpqz6g0qPPVcNE7UFAcyllVJ6n6-urvRNmNTJPXU8oGVbbWq_S3L7GuD21jLpqFOZ7JL32tmmB1AQlppuAyCxtA-2srhrw4KsHmBHQxYKNuNdyWndaAkix3ncCnJC3BaOUqutOXXQwS0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 15:34:19 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b6b6e390-b761-4c0e-882f-3c1cdfc88e87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFpsLfmdptI2X52eZWGOWn4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3857
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4MTg2NDY2NDEwNzI1NTI1Nw%3D%3D

170 B
188 B

31ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4MTg2NDY2NDEwNzI1NTI1Nw%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 15:34:19 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0c12c75d-e35a-47de-9912-b72fafff5399
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4MTg2NDY2NDEwNzI1NTI1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame 606D 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 18:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 18:52:23 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F5E9 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 28 Jun 2021 10:15:44 GMT
expires: Tue, 28 Jun 2022 10:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B24008644.271759998;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=2228999113;ord=goihil;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8tC-uvZYIjnLMTu-gb0jYOID5_mxb5j3_Ca08Y... Show response
ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/ Frame 606D 45 KB
20 KB 213ms
46ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/B24008644.271759998;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=2228999113;ord=goihil;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8tC-uvZYIjnLMTu-gb0jYOID5_mxb5j3_Ca08YNsI6FngsQASCC6rwLYJWCgICMB6AB26zouALIAQmpAqf8vOjKUbc-qAMBqgTsAU_QBZeozWRQNxyCJfwlAFiv2Tg6PridSLAGb3ZrNR_rXVU0S_Myv_ZM0ShrO0SQeT3B1eLl2DGyIQMJ27Au9pHeZD59zKge5mhUfFGmrGgtJYQD2h0WlJdSATzyzjB1QiPXUFE_8RagCkScld8tjtNASY5-vMFKI_5cXMtNguqzmGqqztXd-L7UGD5AIrBKKEDOMQWEMsZ5ja2qz-V4f50J0mk3ngyQmsbKbFkdUmUxbj9AsAyaXnr56x32yIofJTL5F83MMYQaPBWSJlr4ZTRWw2YusDtcCZNptgNvucAL6AsX9jDKujuwaoEJwATW6cK1uwPgBAOQBgGgBk2AB43Tl8cBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoBmAsByAsBgAwBsBOc2_QL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-8VfBvS_59Xtg4dsNxC4MbROMg%26sig%3DAOD64_3m1xGsSuVi-2D-cz2yNA8Aomahhw%26client%3Dca-pub-0405760482567529%26dbm_c%3DAKAmf-BARaQ_18hH-33Bm-Uj_YtmsJMzBElSGljfGyq-kibQAcxLqQSF5ht79ZvpOM391iX2cSH9kHk3MAh9Cp1agbAt46ZYVa0dhNa0sHT8mSerZZUasSTNEqxA7eZLmFUFlhJ4x5WCVETcIi-NiimWt7-ZZM0nlA%26cry%3D1%26dbm_d%3DAKAmf-DINkoSsJBrAxa_nhBELs6nqjd-VZBfslO88050kvwezDIlP9V2qdHSwp-jyzzfXfkGxuA7bbQpHVOwFD8hDoZO-iSfZsYba4V02Bq-9QVbn9mo0ztYMydAHbQAv-kQmvhBUQeqC8i-YoqKABIENXLdAvEkt6G3rvC3naLO6AmTS9jTmu4Fj5aKoKpCxJpIO91e-0V3eFCJlhyk1W99nKcztwVILKOfkH3KMBy_ShSMsleKmKMdx9CJF_CgTxup3W1pFufyXs5k7wMUKlCL2N6j_dSzZYYEZmfTTRTKdzDGCfPhrMt6GAE7UIuS6VDLhYc3koMkD_tcHNkmLLq26Fk9zobby9zqpK0SEnQhvhA-vpvtk5DBntEkxydUqFK3pHHUYTgSs0shm8_XscPpVNFbScy-Qt5rZRJShsF0T0Qyq-y_1rZflYSHHstY-JDUq3vdmaTnpivd_8-IGfqw7ZxqCIg7JlJC5fq4mdzzJOMwdvlncZs%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fsevenzip.osdn.jp%2F$0;xdt=1;crlt=8bfx1_gsg_;osda=2;sttr=40;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

aa1941e80928e9b7d64a68cec42aed23c07f4521bfe5e63d8bb44b33a6229751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19785
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame F5E9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 14:57:07 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 606D 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jun 2021 12:29:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/ Frame 606D 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/B24008644.271759998;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=2228999113;ord=goihil;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8tC-uvZYIjnLMTu-gb0jYOID5_mxb5j3_Ca08YNsI6FngsQASCC6rwLYJWCgICMB6AB26zouALIAQmpAqf8vOjKUbc-qAMBqgTsAU_QBZeozWRQNxyCJfwlAFiv2Tg6PridSLAGb3ZrNR_rXVU0S_Myv_ZM0ShrO0SQeT3B1eLl2DGyIQMJ27Au9pHeZD59zKge5mhUfFGmrGgtJYQD2h0WlJdSATzyzjB1QiPXUFE_8RagCkScld8tjtNASY5-vMFKI_5cXMtNguqzmGqqztXd-L7UGD5AIrBKKEDOMQWEMsZ5ja2qz-V4f50J0mk3ngyQmsbKbFkdUmUxbj9AsAyaXnr56x32yIofJTL5F83MMYQaPBWSJlr4ZTRWw2YusDtcCZNptgNvucAL6AsX9jDKujuwaoEJwATW6cK1uwPgBAOQBgGgBk2AB43Tl8cBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoBmAsByAsBgAwBsBOc2_QL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-8VfBvS_59Xtg4dsNxC4MbROMg%26sig%3DAOD64_3m1xGsSuVi-2D-cz2yNA8Aomahhw%26client%3Dca-pub-0405760482567529%26dbm_c%3DAKAmf-BARaQ_18hH-33Bm-Uj_YtmsJMzBElSGljfGyq-kibQAcxLqQSF5ht79ZvpOM391iX2cSH9kHk3MAh9Cp1agbAt46ZYVa0dhNa0sHT8mSerZZUasSTNEqxA7eZLmFUFlhJ4x5WCVETcIi-NiimWt7-ZZM0nlA%26cry%3D1%26dbm_d%3DAKAmf-DINkoSsJBrAxa_nhBELs6nqjd-VZBfslO88050kvwezDIlP9V2qdHSwp-jyzzfXfkGxuA7bbQpHVOwFD8hDoZO-iSfZsYba4V02Bq-9QVbn9mo0ztYMydAHbQAv-kQmvhBUQeqC8i-YoqKABIENXLdAvEkt6G3rvC3naLO6AmTS9jTmu4Fj5aKoKpCxJpIO91e-0V3eFCJlhyk1W99nKcztwVILKOfkH3KMBy_ShSMsleKmKMdx9CJF_CgTxup3W1pFufyXs5k7wMUKlCL2N6j_dSzZYYEZmfTTRTKdzDGCfPhrMt6GAE7UIuS6VDLhYc3koMkD_tcHNkmLLq26Fk9zobby9zqpK0SEnQhvhA-vpvtk5DBntEkxydUqFK3pHHUYTgSs0shm8_XscPpVNFbScy-Qt5rZRJShsF0T0Qyq-y_1rZflYSHHstY-JDUq3vdmaTnpivd_8-IGfqw7ZxqCIg7JlJC5fq4mdzzJOMwdvlncZs%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fsevenzip.osdn.jp%2F$0;xdt=1;crlt=8bfx1_gsg_;osda=2;sttr=40;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 15:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 15:30:04 GMT

GET
H2 200 main.gr.19.8.208.js Show response
static.adsafeprotected.com/ Frame 606D 183 KB
58 KB 47ms
17ms Script
application/javascript 2600:9000:2104:4e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.208.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225569/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb4f72d25680709016867e9157369325b3c4e36138a2cdb7d7ae40839ae0ab90

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 15:40:15 GMT
content-encoding: gzip
age: 604445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Jun 2021 15:24:47 GMT
server: AmazonS3
etag: W/"4ccbccfb51d58c8d8a82265693b3dbf5"
vary: Accept-Encoding
x-amz-version-id: YgB3nt2AbxYJtg4p4HEAhgIcdEMvef5I
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: 3HafaV9_gqoMoDG_Im0Cs8yjmpF7mMLa3CvvUIkNOzTyNZTCYIqKwg==

GET
DATA 200
OK truncated
/ Frame 606D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd1400737b37b1cdbd3c86a7a91f88c3079e916ac85f39bed9eabe3c482b110e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D49F 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 28 Jun 2021 10:15:44 GMT
expires: Tue, 28 Jun 2022 10:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/9647631871950745088/ Frame D503 72 KB
19 KB 21ms
7ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9647631871950745088/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e42ee60db7aec585d99659508b3343197bd9521683aa84d6a853b59a9693dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/9647631871950745088/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 22 Jun 2021 23:02:35 GMT
expires: Wed, 22 Jun 2022 23:02:35 GMT
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19099
age: 491505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 606D 0
545 B 65ms
42ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFCaseMmn8VnUhMUiGwuLk4gn1lpxgMZtomQY8qP-HvFWLi-usynAp8cYn01ZEvM9ngMlDinD8glzDqUMi4umW3v5QDAA0n9R5dpBA4Ty8jwx8TEliyq8qv1rL-ykvaP4XuF9YL4VcOd34feyRPK6p&sig=Cg0ArKJSzPPDa05K5vkTEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=78&cisv=r20210623.00876&adurl=

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 15:34:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 606D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/415630/45225569/skeleton.js?adsafe_url=https%3A%2F%2Fsevenzip.osdn.jp%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.g...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

13ms
12ms

Script
application/javascript

2600:9000:2104:4e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 17:26:20 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
age: 10102081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DQYy5vgSN8gaddyW2fFUTpda5tgpJZuRgKvJ6V8Kl7hd6Wd20pfs4A==

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 7017 82 KB
22 KB 14ms
13ms Script
application/javascript 2600:9000:2104:4e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 00:43:18 GMT
content-encoding: gzip
age: 1349463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: AmazonS3
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
vary: Accept-Encoding
x-amz-version-id: Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: L15SjHG68HzlH90LPVOL5Cz1qFJYyPwCL6K2B14Yz9EcA1xG2z4qwA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 606D 43 B
216 B 313ms
103ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=cdb86f22-3b34-bade-fbbf-823e29bef5a4&tv=%7Bc:gQPSPh,pingTime:-2,time:162,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:111,bdZ:231,beA:455,beZ:456,mfA:577,cmA:578,inA:578,inZ:581,prA:581,prZ:586,si:591,poA:592,poZ:599,cmZ:599,mfZ:599,loA:613,loZ:615,ltA:617,ltZ:617%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:135%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:163,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:135,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sBDZyOZ+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C1621%7C163%7C164%7C17,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:25,readyFired:true%7D&br=u
Requested by: Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js Show response
pagead2.googlesyndication.com/bg/ Frame D49F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 11:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5752
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 11:38:44 GMT

GET
H3-29 200 DcmEnabler_01_242.js Show response
s0.2mdn.net/879366/ Frame D503 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_242.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jun 2021 10:48:56 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 606D 0
23 B 62ms
47ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sevenzip.osdn.jp
URL: https://sevenzip.osdn.jp/howto/non-install-extract.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 15:34:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5E9 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJOnO--vZYLXSL9uRgQf8oYW4CwAAAAA4AeAEAg&bg=!ysmlyY3NAAYo4NJEKOA7ACkAdvg8WjHIyyDkYLdNGq0b0RWwFc6plAfZZYNVShFKmxBZewl3jf9uUgIAAADHUgAAABpoAQcKAKzEM151zMIb9-OSQ2KP1fhw-DrLQHuRv8hLHRy9q8LmtGthvw6rNMoHS2CsO2QPqcz5wGs6CPH9oBgweof3YikBb7YsfBMZY25qltnuCdo1N0LL8QLb0K0xtgfYP58HnjzZSNVA-UpNMg94oe-g7Ymb8DrZBEtw6J-fs9qSACoV_roEe31FFJAxVyR7rLfJAG-RmFRJsviP2Zuu6o_kcR4NBZdbsksZMZMclRc-mQLHyac67VGwBjJkJTipWy2UXTuATRjDaGysb6XSi9xSJld5f0AZXuA7-Z7ddF9rfNosS0Cl9R72uVi66qV-1cjzJ1r7ixegy9qChWh16uHSO6sWrizSB1TrpRp543Ue2ND595snnkhjisxriCg73-1yiRUE6_1FQkfhys7CAthVe0k619_fSIvZguW8EHREY_mkK5VQeq127-GCeWtZfREuFTHddwZnZfVew8Iv8PIM5NcJwFmrvfVjQ_d169oVhbLpPJa_Roa0vvyhqXf7hVuNgqoUMcFAMMsfr4IrFeRQvOsVxJuYCygKWIVfccvHzV-hIwfrfsnVvetmhQv8rCq-pYaXzPmnlRn5_5iKnk3DzclJ7aslbxQEnJod6NDoonS0CgHX7Gf0omK6yXVWl0ERWyghA2jwMzpomWSJ8bA0cjlsPKdJXMMpmbkk7AYcDrS51L146SXEZmtB3UXVIrrtCkGC1h3xSjaAHTOMrXDt-h92t-W913yI0d3bR1Z7O3JNv7qVfIGUeAKrYF_cGMfLgwtIC1Ou8wSGZoRfSiCz4abYt4yEYrKXtTtNo4qDiV4jIfOJC9qXp06rnvd66xwjFSZz3e-gBZz6rpe-f4y4B-m-ui_7kblWFFuK31qOxDMzSjfzBJrEf3MIOi6SnzrUKzYJksuFUsT_wgSTj6k3h3YsDwaICyaKSgGYFk9r2UxsxH2HLjJlEzV2VBJZkXkxFbJ-vtsjnLaO5RpVIEXnloPrADY8JajEM-Y8AsDahlSmW4Fb0embuBUoPvS-D_OihJNIJ5jFn2QHujPWb38JCgu1wEW5NrYK4b0_U0egPra5hb1tJeoHXYrf0UBhg1CNutmHBp0VASGDXE686S073uR1zaA_USAfaf9VkmxFdudsMBSrVXrGNsbk3rydE0nlPYe4Wu4-0bbUghf5N0lVmvRx6aM1SgwW

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 btn-2x_2.png
s0.2mdn.net/sadbundle/9647631871950745088/ Frame D503 6 KB
7 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647631871950745088/btn-2x_2.png

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2f883b38e206b37edf1eb472e3301c994edfe81fa38d5b035641d06e4fb32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 14:27:45 GMT
x-content-type-options: nosniff
age: 522395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6655
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 14:27:45 GMT

GET
H3-29 200 invisalign-2x.png
s0.2mdn.net/sadbundle/9647631871950745088/ Frame D503 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647631871950745088/invisalign-2x.png

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf753ad26782258d7c6de2c9111c89c4d3cc5f682c5705287540665cb804e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 10:57:44 GMT
x-content-type-options: nosniff
age: 534996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3191
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 10:57:44 GMT

GET
H3-29 200 frame-1-2x_2.png
s0.2mdn.net/sadbundle/9647631871950745088/ Frame D503 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647631871950745088/frame-1-2x_2.png

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5efde9b56071951c07f5bf2289287738c67d6bcf6fcaf76bc789b7054f7dc0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:20:06 GMT
x-content-type-options: nosniff
age: 461654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6876
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:20:06 GMT

GET
H3-29 200 300x250-2.jpg
s0.2mdn.net/sadbundle/9647631871950745088/ Frame D503 42 KB
42 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647631871950745088/300x250-2.jpg

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b741b261eee959248eeb5ad87b4a14303618bfc90c5e2eb44dfb6d406b5ce48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9647631871950745088/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 00:57:47 GMT
x-content-type-options: nosniff
age: 484593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42553
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 00:57:47 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D49F 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BODbS_OvZYKvSA87J7_UPxoGO4A0AAAAAOAHgBAI&bg=!CQqlCk7NAAYo4NJEKOA7ACkAdvg8Wso5Oxm1IYoC9XeTeHDe6O28kspPltU2zAkhwmnyRy5iwfRyIwIAAABvUgAAAAtoAQeZAsNZFeH2mRsvOABcis_1Qe71hlHV_EmQdTf5lXKkW4K-drQgqrVL_izpv5wuJHrkB-N3AMEpDlyfzZ25rmgXzcPzgA-lPG-7VxlwjgqUSMHBps8qxgl7Bb2ZA6uAqOBKEzAJuG8No2lakuIOW1u66KHdaoC828vtOmNrT51Dr58WX702oFoGccJ3G1hr6JMFs7Gz1e9FBN_TajAD0YrabWlgRrWfdDk5OXPO-vF-gfn8J4Pt-E3AZiK3fTfMtarUGOk5dga-GawWBHRpDI7ao5JVTbmvT6sKdoNhZK0RcPoUJSKzcpPiMnzyh_sB0dfJWnn8OjmXrRA5n2bbZp9iOYD1YRvATvRFsPxeJYWM-a5aw35sOaZjDIqKtmCMUlDKb894GUoMu43Ynfw1t49bGh_-dfeP7JXsMJrlDXmdhM1YZCMZxUQ9NilKJP5B7Vq1qaDd8OvjOdFb-lnFvRc2FVN3Yn7h8kQo_93IXhPggHe4wrqUTh-QtwPmd6u7eByIyUlWqCgN--zQ2rUQ1VKWSJKA9mNEmHPLeG42T3qFawMH4AAt7sBIeqTfMArlSD7hF8dGYVfp7MN8WsKKUMFcw0k_fOYnq2LYkm7J40UBnbSmJoJfvY2LMWtpsOLOgX6a_woL3qOB0938sUiVlRTN_9L61d68CuTdN5JpOLDdh4XLH6bL24D1YKMfjo1519q2OOiZI6YEOKKzTuqe4nMCQtxmdCiJIWNFIiblqbPZJds_OzZR6fVpy54obKHYuVrDaa7YX2aCjOkxp077QUWhxFC4dDF8v0gcchQzRo6nzWTNeuMrqj-DNwysQ2onLSIDq5LurOeDA35vReSwe7xES4ZrY7Frfjvk-BiMQMNiroYTAQyqpxLqHUjXwuan5f0wKl3Spng2e8OxeBQ6mHduOu-QLowdA7qvV5vz016_LVQzR8g89A

Requested by

Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 606D 43 B
215 B 102ms
101ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=cdb86f22-3b34-bade-fbbf-823e29bef5a4&tv=%7Bc:gQPSTT,pingTime:-10,time:448,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1624894460552%7C%7C55a2c07b9506b7d2ee09ca34f7f4e170%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C36021f7a12094d69b5d8f5770cb67f0c%7C%7Ce79ae8e77483953127a6416e04ffa331%7C%7C89fedcc515746bd3387368538f2c06a8%7C%7C213e0ab7d5deb8feb4af517991c933a9%7C%7C5b6479eb3e0411960bc6c55354fb1c0a%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:561,ecd:13,tsecr:6%7D%7D%7D
Requested by: Host: 2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
URL: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:20 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 606D 42 B
518 B 61ms
42ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukReOmwi7iS5hIU9loqh7Y4S9t2LEctWYgzpeCNznA3gbuAwk24mhCd59YPWdBrjSDRqv5mSk1TpBdYaOGi_Z_K7maRpc3BSSRZ28bSPE9KKN75OAdZxgssoU9Rw&sai=AMfl-YQ1mRkZD8zcjxgfKQ7aJOSE5ptFgBuM1g4usRu43KsjsKVLHCDWXISBIfYldTc9npmC8D2gnRDtXxngY9s-fK_VAt6jQ2j5omb03RD_wQxFC6fxGH39YwxPSq9X9mY&sig=Cg0ArKJSzIYhH1cXyxxNEAE&cid=CAASFeRo-8VfBvS_59Xtg4dsNxC4MbROMg&id=lidar2&mcvt=1001&p=71,1274,321,1574&mtos=959,1001,1001,1001,1001&tos=959,42,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2263478373&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624894459651&dlt=55&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 606D 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW1s2GOAbxL1vcEBtfY87dwDnq2rLHirR59HmBDrCg36_a7OWyTmd5r2V505QbIQbz37myMieX_ZDDjsOvBEXAOYvSpKvG&sig=Cg0ArKJSzBqCx_fZOEVGEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2228999113&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIq8DbyNO68QIVzuS7CB3GgAPcEAAYACCQmqRA;met=1;&timestamp=1624894470659;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 606D 42 B
118 B 43ms
41ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8DbyNO68QIVzuS7CB3GgAPcEAAYACCQmqRA;met=1;&timestamp=1624894470659;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 15:34:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 19:21:35	Name: test_cookie Value: CheckForPermission
			.osdn.jp/	1970-01-20 04:43:10	Name: __gads Value: ID=b5d57e0be01646d1-2220b92541c900d1:T=1624894458:RT=1624894458:S=ALNI_MagxnuuPXwNnH7vMFz3-32Gscy2uA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/032106212012000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106212012000 https://sevenzip.osdn.jp/howto/non-install-extract.html
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.003173828125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c5d3387f9be0a1cb4cc33a2369c23f2.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
s0.2mdn.net
securepubads.g.doubleclick.net
sevenzip.osdn.jp
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.102
142.250.185.162
142.250.185.98
142.250.186.98
2.18.234.21
202.221.179.22
2600:9000:2104:4e00:8:48e:53c0:93a1
2a00:1450:4001:802::2006
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
3.219.181.211
37.252.172.45
52.18.175.198
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf753ad26782258d7c6de2c9111c89c4d3cc5f682c5705287540665cb804e06
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1778683328481e57cd94fdc4895256fbb8f29051f1e2ab57214c27561b084ad9
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e338285895ec264fa4297425be3e878e6dc121d20226d52f2eebc7d66c6d9da
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23835fb4f46d13f5ae841def0c3bcba33d019682ce55111904cb70e7d2f6d31e
27ea74dfb4a30a347127033f5d7b36b3ede2dcb0a496d0b34f5043068b944006
398c98027bb815ed3aa5a5baae7bd310d3a51b4872ad9587519114b432209874
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f1c7274dc74d0bd374ad06e4afccfa0117ad8c3afe3cbd460d838818b14ca1a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50606e7d2c3797490f8a879b5bf8d542b083ffd9757c503968a639cf52c6e47f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56a75c0cc8bf6ca3a907e0e70b689bbe2586ecb6ac81fc241e93f39e7873ea4f
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5e84021bf9b0f942bbfed8d3e91a15294e882dfeb281d85242097b6419d2180b
5efde9b56071951c07f5bf2289287738c67d6bcf6fcaf76bc789b7054f7dc0cc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
763a057465bc63d544cbdf4be931ae933ec54bda36b8415c276b22ae7f6a7c13
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
7e256094f968bccd72ec23128233d641cae2f5b25f0bcd842064c2bbf0631b5c
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
816109a133504890a3276068620a0c62a2f5a172fb64a7b1e16028cc18b034da
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
914590c9d94f460ce1789fb731650c617288c3ca58428ecc2c79944dca7bfe7f
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e42ee60db7aec585d99659508b3343197bd9521683aa84d6a853b59a9693dc
a8af60792a7bd12ea3db5c52633307f38212dba514e459d40ad596d1371b64ad
a914a6595baee5b2e8d5fb5a5b112c0ada80bcad767b09959ef4c4cca279f6b2
aa1941e80928e9b7d64a68cec42aed23c07f4521bfe5e63d8bb44b33a6229751
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035
adb95eba8e44ec52ff004428862dcd2c3bde57b625e748b359e1745a819d96f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b741b261eee959248eeb5ad87b4a14303618bfc90c5e2eb44dfb6d406b5ce48a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c9046c94969b74f64fd636d88a88bc03a156d5130f4eff4bafef1669c93dbfab
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
cc2f883b38e206b37edf1eb472e3301c994edfe81fa38d5b035641d06e4fb32f
cda07571b7df709a7b95bed79d012b6f47aec7f9598516750d0e1023cf1a7a32
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
dd1400737b37b1cdbd3c86a7a91f88c3079e916ac85f39bed9eabe3c482b110e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
e68a2c9d1fe7d6309da6cd320a5caa728d2e3e6476518bf2ee25e55a3c165a48
e80f257bc87ff3302ba19f31bee1b176c8d736b95eb9efe9132c4df2ae6a942b
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006f84f2480948eeac84b6b13f004a7f19888fda289606c1dc6efc839d00328
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f94fefa4e57a913d4369a0ac5bc7dadf6ac6b1b2a8d5c7c38257cb390a80ac01
fb4f72d25680709016867e9157369325b3c4e36138a2cdb7d7ae40839ae0ab90

sevenzip.osdn.jp Open in urlscan Pro 202.221.179.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

61 %IPv6

16 Domains

26 Subdomains

24 IPs

4 Countries

983 kBTransfer

2595 kBSize

2 Cookies

0 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sevenzip.osdn.jp Open in urlscan Pro
202.221.179.22 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

61 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

983 kB
Transfer

2595 kB
Size

2
Cookies

86 HTTP transactions
2 data transactions