new-challenge123.com Open in urlscan Pro
183.181.98.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://new-challenge123.com/whipping-cream/
Submission: On January 10 via api (January 10th 2024, 10:47:43 pm UTC) from US — Scanned from JP

Summary HTTP 210 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 46 domains to perform 210 HTTP transactions. The main IP is 183.181.98.15, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is new-challenge123.com.
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.

This is the only time new-challenge123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	183.181.98.15 183.181.98.15	131965 (XSERVER X...) (XSERVER Xserver Inc.)
14	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:80b::2008	15169 (GOOGLE) (GOOGLE)
15	2a02:6ea0:d30... 2a02:6ea0:d300::23	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:21e... 2600:9000:21ee:8000:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	133.237.48.7 133.237.48.7	23820 (RAKUTEN R...) (RAKUTEN Rakuten Group)
1	2600:140b:dc0... 2600:140b:dc00::173e:6a51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.60.109.202 23.60.109.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2404:6800:400... 2404:6800:400a:804::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4 16	2404:6800:400... 2404:6800:4004:828::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:400a:813::200e	15169 (GOOGLE) (GOOGLE)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
6	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1	23.195.91.136 23.195.91.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.79.154.29 51.79.154.29	16276 (OVH) (OVH)
2	2620:116:800e... 2620:116:800e:21:36b5:1576:d999:6e52	16509 (AMAZON-02) (AMAZON-02)
1	54.194.222.16 54.194.222.16	16509 (AMAZON-02) (AMAZON-02)
1	52.17.192.98 52.17.192.98	16509 (AMAZON-02) (AMAZON-02)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	13.214.50.225 13.214.50.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21e... 2600:9000:21ee:1600:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1 31	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:80f::200a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:400a:805::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
8	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:2066:fc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
2	178.32.210.226 178.32.210.226	16276 (OVH) (OVH)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	34.253.153.2 34.253.153.2	16509 (AMAZON-02) (AMAZON-02)
1 1	23.208.233.60 23.208.233.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.40.149.60 23.40.149.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:da14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	164.132.25.176 164.132.25.176	16276 (OVH) (OVH)
12 19	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
2 2	207.65.34.80 207.65.34.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1	23.106.127.56 23.106.127.56	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2606:4700:303... 2606:4700:3037::ac43:d5fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	2406:da18:929... 2406:da18:929:5a01:7f06:dee3:5d67:3d00	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	54.64.238.180 54.64.238.180	16509 (AMAZON-02) (AMAZON-02)
1 1	54.157.90.217 54.157.90.217	14618 (AMAZON-AES) (AMAZON-AES)
3 3	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1	23.192.45.98 23.192.45.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.140.29.15 18.140.29.15	16509 (AMAZON-02) (AMAZON-02)
1 2	209.191.163.210 209.191.163.210	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
210	57

26 183.181.98.15 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv6014.xserver.jp

new-challenge123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6ea0:d300::23 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:8000:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.237.48.7 (Chiyoda-ku, Japan) 1 redirects

ASN23820 (RAKUTEN Rakuten Group, Inc., JP)
PTR: hbb.afl.rakuten.co.jp

hbb.afl.rakuten.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:dc00::173e:6a51 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

thumbnail.image.rakuten.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.60.109.202 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-109-202.deploy.static.akamaitechnologies.com

static.affiliate.rakuten.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:804::2004 (Osaka, Japan) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:828::2002 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:813::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.91.136 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-91-136.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.154.29 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip29.ip-51-79-154.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:36b5:1576:d999:6e52 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.222.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-222-16.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.192.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-192-98.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.214.50.225 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-50-225.ap-southeast-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:1600:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

loader.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2404:6800:4004:825::2001 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80f::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:805::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:fc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.210.226 (Ivry-sur-Seine, France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.117 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.253.153.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-153-2.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.233.60 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:da14 (United States)

ASN13335 (CLOUDFLARENET, US)

fbcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.25.176 (France)

ASN16276 (OVH, FR)
PTR: ip176.ip-164-132-25.eu

euw2.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 69.173.158.64 (Singapore, Singapore) 12 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.199.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.34.80 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.56 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d5fa (United States)

ASN13335 (CLOUDFLARENET, US)

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a01:7f06:dee3:5d67:3d00 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.238.180 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-238-180.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.90.217 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-90-217.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.143.106.89 (Singapore, Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.45.98 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-45-98.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.29.15 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-29-15.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.210 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	752 KB
26	new-challenge123.com new-challenge123.com	335 KB
23	rubiconproject.com 14 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel.rubiconproject.com — Cisco Umbrella Rank: 620 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989	26 KB
22	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	600 KB
21	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	223 KB
15	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 55842	277 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
6	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923 s.amazon-adsystem.com — Cisco Umbrella Rank: 398	4 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 fonts.googleapis.com — Cisco Umbrella Rank: 115	34 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	324 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 14890 s.cpx.to — Cisco Umbrella Rank: 10600	5 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	2 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	1 KB
4	smartadserver.com ww1097.smartadserver.com — Cisco Umbrella Rank: 54212 euw2.smartadserver.com — Cisco Umbrella Rank: 11703 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	6 KB
4	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 47854	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 6	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658	3 KB
3	rakuten.co.jp 1 redirects hbb.afl.rakuten.co.jp — Cisco Umbrella Rank: 458424 thumbnail.image.rakuten.co.jp — Cisco Umbrella Rank: 205615 static.affiliate.rakuten.co.jp — Cisco Umbrella Rank: 379919	8 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1732	524 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1432	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1555	569 B
2	fbcdn2.com fbcdn2.com — Cisco Umbrella Rank: 701342	13 KB
2	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	974 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 secure.adnxs.com — Cisco Umbrella Rank: 793	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137 pixel.quantserve.com — Cisco Umbrella Rank: 1736	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 53667	4 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3634 pixel.wp.com — Cisco Umbrella Rank: 3321	3 KB
2	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 15076 loader.unblockia.com — Cisco Umbrella Rank: 15421	39 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	149 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	280 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	651 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1536	493 B
1	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 972	422 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 778	513 B
1	onclickgenius.com onclickgenius.com — Cisco Umbrella Rank: 189252	3 KB
1	ufpcdn.com ufpcdn.com — Cisco Umbrella Rank: 166467	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338	280 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	1 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 4038	826 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 51797	859 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1105	864 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10115	36 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	4 KB
0	w55c.net Failed pm.w55c.net Failed
210	46

	Domain	Requested by
31	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	new-challenge123.com	new-challenge123.com
16	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	ads.themoneytizer.com	new-challenge123.com ads.themoneytizer.com
14	pagead2.googlesyndication.com	new-challenge123.com pagead2.googlesyndication.com cdn.unblockia.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	pixel.rubiconproject.com	6 redirects new-challenge123.com
8	www.googleadservices.com	new-challenge123.com googleads.g.doubleclick.net
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
7	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
6	www.gstatic.com	www.google.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	3 redirects new-challenge123.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	s.amazon-adsystem.com	2 redirects new-challenge123.com
4	s.cpx.to	p.cpx.to new-challenge123.com
4	fonts.gstatic.com	fonts.googleapis.com
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	c.tmyzer.com	ads.themoneytizer.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.com	2 redirects new-challenge123.com tpc.googlesyndication.com
3	ups.analytics.yahoo.com	3 redirects
3	id5-sync.com	ads.themoneytizer.com ced.sascdn.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
2	capi.connatix.com	1 redirects new-challenge123.com
2	ce.lijit.com	1 redirects new-challenge123.com
2	pixel.tapad.com	1 redirects new-challenge123.com
2	aax-eu.amazon-adsystem.com	1 redirects new-challenge123.com
2	image2.pubmatic.com	2 redirects
2	fbcdn2.com	new-challenge123.com fbcdn2.com
2	eus.rubiconproject.com	new-challenge123.com eus.rubiconproject.com
2	match.adsrvr.org	1 redirects p.cpx.to
2	ww1097.smartadserver.com	ced.sascdn.com
2	mug.criteo.com	new-challenge123.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	www.googletagmanager.com	new-challenge123.com www.googletagmanager.com
1	match.sharethrough.com	new-challenge123.com
1	hb.yahoo.net	new-challenge123.com
1	sync.ipredictive.com	1 redirects
1	match.prod.bidr.io	1 redirects
1	px.ads.linkedin.com	new-challenge123.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	onclickgenius.com	fbcdn2.com
1	rtb-csync.smartadserver.com	new-challenge123.com
1	pixel-eu.rubiconproject.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ufpcdn.com	fbcdn2.com
1	euw2.smartadserver.com	new-challenge123.com
1	secure-assets.rubiconproject.com	1 redirects
1	ib.adnxs.com	p.cpx.to
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	pixel.quantserve.com	new-challenge123.com
1	rules.quantcount.com	secure.quantserve.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	loader.unblockia.com	cdn.unblockia.com
1	id.crwdcntrl.net	ads.themoneytizer.com
1	adtrack.adleadevent.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	pixel.wp.com	new-challenge123.com
1	stats.wp.com	new-challenge123.com
1	static.affiliate.rakuten.co.jp	new-challenge123.com
1	thumbnail.image.rakuten.co.jp	new-challenge123.com
1	hbb.afl.rakuten.co.jp	1 redirects
1	cdn.unblockia.com	new-challenge123.com
1	cdnjs.cloudflare.com	new-challenge123.com
1	ajax.googleapis.com	new-challenge123.com
0	pm.w55c.net Failed	new-challenge123.com
210	69

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
timeline.line.me
cookpad.com
hb.afl.rakuten.co.jp
feedly.com
ja.wordpress.org

Subject Issuer	Validity	Valid
www.new-challenge123.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.unblockia.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
intl.rakuten-static.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-04-17`	4 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
c.tmyzer.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2023-08-30` - `2024-09-11`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2023-10-08` - `2024-11-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
ufpcdn.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
onclickgenius.com GTS CA 1P5	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://new-challenge123.com/whipping-cream/
Frame ID: 35F025B8825D23DA021E24290A48FD0A
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 5ADAE763B4BF3860EB82EABBBDDD1F36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&adk=1812271804&adf=3025194257&lmt=1704926850&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850701&bpp=5&bdt=161&idt=210&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=720562420050&frm=20&pv=2&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: B3B0E921549D22B8EEB019BCA9CE6ACE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=7319246346&adk=4189558454&adf=2137404282&pi=t.ma~as.7319246346&w=800&fwrn=4&fwrnh=100&lmt=1704926850&rafmt=1&format=800x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850931&bpp=11&bdt=392&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1065&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=15
Frame ID: 81968873C09B7C5C029799F4D8E4AB42
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=6703813459&adk=3481391005&adf=2740954024&pi=t.ma~as.6703813459&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850958&bpp=4&bdt=419&idt=4&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 711F31C26B320A6959CBCCDB60B98E11
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=1995806867&adk=371297691&adf=1862175494&pi=t.ma~as.1995806867&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850972&bpp=11&bdt=433&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Frame ID: 2C12B01624CB522A5D37B61154728832
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=7319246346&adk=3244606608&adf=3089871629&pi=t.ma~as.7319246346&w=800&fwrn=4&fwrnh=100&lmt=1704926850&rafmt=1&format=800x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850992&bpp=1&bdt=452&idt=1&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=4
Frame ID: 64844B9AB3E8EE6321CE6CE3B6AA18C6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1704926851115
Frame ID: 5F195350CA1C5B2B528BD55C287E27DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 92887D6C599B16D48D0F37FEA41BF47E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: A028817388AD45D12CEA731104277445
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 01B166B4F65ADCD16AE99AB52D43DBC9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: E73B8394BE52184C88B0A575F279C7E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: BB1ECD0276DEC8D756D23300A73446AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 73BD0AA85F8713C41AF7E9C339064DA7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 299E585830FE0B9FDF4F2EABF541CF8B
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%92%8C%E3%81%95%E3%83%83%E3%81%84%E3%83%96%E3%81%91%E5%B9%B3%E3%83%8D%E9%A8%93%E3%82%92%E5%BA%83%E3%83%B3%E3%83%BC%E7%B6%9A%E3%82%A4%E3%82%BF%E3%82%8B%E3%83%AD%E5%91%8A%E3%83%88%E4%BD%93%E3%81%97%E3%82%AF%E3%81%A6%E3%81%8F%E3%81%AA%E3%81%A0
Frame ID: BC3A36DFCA5A67DABBBC87FBE3076806
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 4887FE46A1818A9EA18C749B3C550A56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 8FE52B7F66B7F254DF86C5D5330D156A
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&id=MTIZ
Frame ID: CA43388BC7EFC7D038E9010640BE2594
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 152D095E0CDDEEA427481435FB16F007
Requests: 20 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 54BEE4DE4A569127FCB7989DDDD96971
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABF22318568FDE6038D83CBC79207124
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85E812F2A10996FE7C4010498A0716F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

生クリームの泡立て器代用にはフォークやヘラが良い？超簡単な方法も！

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

210
Requests

87 %
HTTPS

42 %
IPv6

46
Domains

69
Subdomains

57
IPs

10
Countries

2882 kB
Transfer

7518 kB
Size

72
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&related=newchallenge123
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&t=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/new-challenge123.com/whipping-cream/
Title: はてブ

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://new-challenge123.com/whipping-cream/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F
Title: LINE

Search URL Search Domain Scan URL

URL: https://cookpad.com/recipe/971201
Title: こちら

Search URL Search Domain Scan URL

URL: https://hb.afl.rakuten.co.jp/hgc/19c6bdd4.5f2020b8.19c6bdd5.5236884a/?pc=https%3A%2F%2Fitem.rakuten.co.jp%2Fbeisia%2F19551%2F&m=http%3A%2F%2Fm.rakuten.co.jp%2Fbeisia%2Fi%2F10014802%2F&link_type=picttext&ut=eyJwYWdlIjoiaXRlbSIsInR5cGUiOiJwaWN0dGV4dCIsInNpemUiOiIyNDB4MjQwIiwibmFtIjoxLCJuYW1wIjoicmlnaHQiLCJjb20iOjEsImNvbXAiOiJkb3duIiwicHJpY2UiOjAsImJvciI6MSwiY29sIjoxLCJiYnRuIjoxLCJwcm9kIjowfQ%3D%3D

Search URL Search Domain Scan URL

URL: https://twitter.com/newchallenge123

Search URL Search Domain Scan URL

URL: https://feedly.com/i/discover/sources/search/feed/https%3A%2F%2Fnew-challenge123.com

Search URL Search Domain Scan URL

URL: https://ja.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://hbb.afl.rakuten.co.jp/hgb/19c6bdd4.5f2020b8.19c6bdd5.5236884a/?me_id=1307506&item_id=10014802&m=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Fbeisia%2Fcabinet%2Fh301217%2F19551.jpg%3F_ex%3D80x80&pc=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Fbeisia%2Fcabinet%2Fh301217%2F19551.jpg%3F_ex%3D240x240&s=240x240&t=picttext HTTP 302
https://thumbnail.image.rakuten.co.jp/@0_mall/beisia/cabinet/h301217/19551.jpg?_ex=240x240

Request Chain 72

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnew-challenge123.com%2F&domain=new-challenge123.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=i6FdQnx2UHoyWG5pdmh2YUxyZUdpVWxScXFEMldqR2d6UTMvaXd1Uy9Ub0VucDdvOU1jZWwvWVM0SjVOVE93V2NJNEpURTdCMlo1TFNOYnVXNW9EMnptVmtkYWQrWGxjc21oQm12OVRvZnRZYVlRWDkyaTNmWloxSnN2UUw4Q1JBeW5uU3ZyU0FOdnhTcmlqUWxYeFBhdUt0ZlhROHdOUHFwRDczbWhHTWxWQ3VWeXh6Y3k3QzE3dm1NR0ExaEFzZ09uVkp5SmxONE1RWGRISDNDWTZFZVA3VzBYSW5LNU1RdTZIRVZVeHpmUDM2ZnhJK0N6NVpSNkhVTW4rZnNVWG5kdGFCfA&cppv=2

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE HTTP 301
https://tpc.googlesyndication.com/simgad/12589505205993449889

Request Chain 111

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Oyggx6fZZ2TAbvVs8IPgKy8iAXivKmhdeaXh_H0EKip1865DhABIKnm6mJgifPFhPQToAHPx-fHA8gBAqkCMmBrYEt-PT6oAwHIA8kEqgT8AU_Q77pyqqKlo8oZF9cM7rzCQqkl8JrUyAfKSxkUDIE8zQbhee6WssqyO5WUiX-v3ZA0RPmjg9naYJAdMRFNQTnEnCa7LQDDUb9lCXq_IJbLtz3U4Gz674cNhcoz_OaEGiLhGpmJrrrVw8YQQxmBv8rHyEIQUpZeYXgTfGgcdc079QQhQxG-Ygi0CCytNv-T_qxmcX9glGm1mv8mv8NCSuG5KosZz1XJsB_j4p3Wc8-XZ9eMt_OMuIv2LuJGbjdL1Uwh57V9jKicsfMraFhZsnQ6iwDkdi0ABupYO1lAvYOxmaHMy9lh16HspqVsEUSs901UAJxWveDhuJUFMcAE5e2I65oEiAXmx7qBSJIFBAgEGAGSBQQIBRgEoAYCgAeZuJg4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ24ED0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljmxsq689ODA5oJkAFodHRwczovL3JlcG9ydGluZy5ic2Eub3JnL3IvcmVwb3J0L2FkZC5hc3B4P2xuPWphLWpwJnNyYz1KUCZ1dG1fc291cmNlPUdETl9DQVQxOV9DQUQmdXRtX21lZGl1bT1iYW5uZXImdXRtX2NvbnRlbnQ9Q0FUMTlfQ0FEJnV0bV9jYW1wYWlnbj1EU0tfUEOACgHICwGiDAgqBgoEu7uxAtoMEAoKEMCPy_X3uPLdLxICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItNjU2MTAwMjAzMzIyOTY5NRgA&sigh=JvfgT53zuDc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_088nV4dm6RqmAZ81DRDOVv3nY03hLXeVfvtQJgv8jWpfHpCBrBHFpbHZKHdFUr1jnNEbC-TtgCDA15jdjuj5hPfQmutOqi3mfiYYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32731a3911450000000000000000%22,%224%22:%220x6387ef25892c6a880000000000000000%22,%225%22:%220x49f08ae1fae07070000000000000000%22},%22debug_key%22:%223572767319028818675%22,%22debug_reporting%22:true,%22destination%22:%22https://bsa.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955900879%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226699088425190824321%22}&andc=true

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=CRE2ygx6fZeoVy_Ts6w-X9qDgB-K8qaF15peH8fQQ8oT7464PEAEgqebqYmCJ88WE9BOgAc_H58cDyAECqQIyYGtgS349PqgDAcgDyQSqBPwBT9ASKZzViE2wOUYFRYZmRz2fNTNSiMWWI_FMUI1HT8zvIYwd3mavPZ1ONWznc1hZZs2sS22Qik1B_Fs9GxwraJbvaDoBIYUceMykgzkPAtiDaU57C8Dez7DGrMum2SsG1rHt2RN6hgMUZxE0Ybz5-sM_B6xdnAAygd_59_i__dAtLwGGglKFmNX6mtANZZw7ugGC0mFI233z8pOz3GhdY9EYdpmIUn73lIzbrKvt55v8F0yEaupuYbcDIn4olsmZ5hecmUH0KMYzQzZGd5nGslXU8RHwLSFEmMOqc2WtZkClfEts76zTedb_XqrhJLVIk-Ek6M504c7ebgJ2wATl7YjrmgSIBebHuoFIkgUECAQYAZIFBAgFGASgBgKAB5m4mDioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD-nAXSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNG7ybrz04MDmgmQAWh0dHBzOi8vcmVwb3J0aW5nLmJzYS5vcmcvci9yZXBvcnQvYWRkLmFzcHg_bG49amEtanAmc3JjPUpQJnV0bV9zb3VyY2U9R0ROX0NBVDE5X0NBRCZ1dG1fbWVkaXVtPWJhbm5lciZ1dG1fY29udGVudD1DQVQxOV9DQUQmdXRtX2NhbXBhaWduPURTS19QQ4AKAcgLAdoMEQoLEJDsmsXYuICRugESAgED2BMN0BUBgBcBshccChoIABIUcHViLTY1NjEwMDIwMzMyMjk2OTUYAA&sigh=_S1JLznyQec&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_3TSym-taxJrF_kWNi0ACTVIV3gL7sDfg7PJCa0urbQt7r-pI0N-AeSCw2rw0hC_HAo6hQW6JxsnAchlHlJAVmKJ_o23c3QxNXhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32731a3911450000000000000000%22,%224%22:%220x6387ef25892c6a880000000000000000%22,%225%22:%220x49f08ae1fae07070000000000000000%22},%22debug_key%22:%222481535211302408633%22,%22debug_reporting%22:true,%22destination%22:%22https://bsa.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955900879%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215878929388349937361%22}&andc=true

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CFithgh6fZcfnO7fe7OsPlL2ZmAib-ZahdZSv4NepEmQQASCp5upiYInzxYT0E6ABocCY8SjIAQmpAgpFNmtZtoI-qAMByAPLBKoE_QFP0ImfWj7byLPekexErzC2cF1xyPQaczGOrNX7hBefHboytzb7iSwJtU4aky48MEWC0rOHpmNfbgWaKbngo-dt-xA2lVmbyLyUGbE-sbS2ef2e2QVG1jQSLcRBPHlcrrnUdW79Z6NuRc2zu_74baIRtJicz-ug_uz121o8Svb-9LJq_9GWIVoraSIj2So5RuFS35rf6uEqrHx-8oyYmm85oe0LYga3iLNxdfAUXgevbyfOvJV6LTzV2Dh8zjaW3jwxK0dv2EcgiSxrsVYrCQakjWcHpYDt1CdDVGAECDv9ttnjANeVFCEV0dbzuIl8wkE5QUSmqJ7G6f64-OGmwAT72L34xgSIBebomuBNkgUECAQYAZIFBAgFGASgBi6AB7bG29cEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEI6LCdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYg5XIuvPTgwOaCYICaHR0cHM6Ly93d3cudGVtdS5jb20vanAva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0xMDB-amF-SlBZJmdvb2RzX2lkPTYwMTA5OTUxMjk5MjYxMCZfcF9yZnM9MSZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2JnX2FkaWQ9Z2QyMjczNjExLTQmdG9waWNfY2xhc3NpZnk9MTIxgAoByAsB2gwQCgoQ0NbJqe7tpu1JEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi02NTYxMDAyMDMzMjI5Njk1GAA&sigh=icTzJkX4hIQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_AIVut-8vnrW3xsEhLj9s1LlBVkNk04hD0PzjeurgsMAbG3w8TpM-ZKoaiEJO79awOX4ud21TES8vcQ6WHkNIWjVeyijm4uaKlu0YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2ac95b125fa42090000000000000000%22,%222%22:%220x2271007e8591599d0000000000000000%22,%223%22:%220xf8a8439955fdefc40000000000000000%22,%224%22:%220x85c0b708c62d89fe0000000000000000%22,%225%22:%220xe714dd7620038cc30000000000000000%22},%22debug_key%22:%227165268447382481276%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223080189183017511233%22}&andc=true

Request Chain 163

https://googleads.g.doubleclick.net/pagead/adview?ai=CVnU6gh6fZamHO4X47OsPt_un8AKA0YuWdamq8euSEvqn-9vXDhABIKnm6mJgifPFhPQToAGhnIm9KcgBCakCMmBrYEt-PT6oAwHIA8sEqgSBAk_QdbHcudm_J06CIyZnblp2ZwrC6nWBPzFzZ0QvYb7H8mREr5OivI9PzeIdregvxL1hq5HE3GKv2ib7JBsT2JfaY5kuRZftcixHQohQIqTP2PpiTHiQo-TD6ttGAci9THK-AubIBCKb8YHE4WlqIgRO0zOJ2X8w25G3luwn_TOgtw61mXdsTvDmzcQTizM2V-uM-bnNxVnlS1DwCSoU0YyxvSL1uITw6OMZeKLzs6cP8ucSx1raDNt8thNjqlp02TtLmqwqIHIvNCiixgZtqBFtTuunopAHjVbXyiPKWGDL8lHnW5xR8DOqKbVn0iGr31B_8v9eWBP-VxTkzdVV_OH3wASA6rjqygSIBbq7-ZRNkgUECAQYAZIFBAgFGASgBi6AB6HU2ZwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrL0G0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli6s8e689ODA5oJuAFodHRwczovL3d3dy5zb255LmpwL3hwZXJpYS94cGVyaWEveHBlcmlhMW01Lz9zX3RjPXNvbWNfYWR2X2FkX3hwZXJpYTAzMV9EXzAyLTU2LTAyX290X3BjX3JlXzAwODQzJnV0bV9zb3VyY2U9YWQmdXRtX21lZGl1bT1hZHYmdXRtX2NhbXBhaWduPXNvbWNfZ2RuX3hwZXJpYTAzMV9EXzAyLTU2LTAyX290X3BjX3JlX290LXBjgAoByAsB2gwRCgsQ8P2t77fmscOXARICAQO4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTY1NjEwMDIwMzMyMjk2OTUYAA&sigh=TrARz02iEt8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_7KBvfePq4Bd9YRwVLg0vwOkRAZOJS459gVH7WikZxRtYEM_EQk2-oRnnbXKI-Bv-UcPwqYKZ3hq3RFf5YzYNfu1M06vVJT7gMBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9955c12c5acd0eb50000000000000000%22,%222%22:%220x7763ebf08c54e4b20000000000000000%22,%223%22:%220xcac61f1d3bf975190000000000000000%22,%224%22:%220xd6af752ea28a72ff0000000000000000%22,%225%22:%220x713d8282061b6bd10000000000000000%22},%22debug_key%22:%228962466783115554576%22,%22debug_reporting%22:true,%22destination%22:%22https://sony.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211133931041%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22849281312363106529%22}&andc=true

Request Chain 167

https://id5-sync.com/i/102/8.gif?id5id=ID5*Mp6pKnpWG_pjiCSyZVugWKfrbXho4ApUPQkLH-06kK17eskMwmE673LavMfZRgZMe3uWlUWrEmlbGUcuNDsvCQ&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-8654cP6H5GkguKxv8zxGrUPxZmJIlko3oZcB55IMsw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=4337286605742151663&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F102%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/2/6/3.gif?puid=4831174728172398760&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=31763bd4-cae9-4c42-8d80-b57097e2ebcc&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?puid=AADL6E7LPj0AABQaue42Kw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/3/6.gif?puid=18cf58f3a9a-9690000010e5346&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/112/2/7.gif?puid=91C7A194861DB78C&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/104/1/8.gif?puid=f9d32763-b83b-488a-b949-534493cf6919&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D

Request Chain 175

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEAtKKzsT0iQRHKDKoohiAiM&dsp=dbm&google_cver=1

Request Chain 183

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12761%26url%3Dhttps%253A%252F%252Fnew-challenge123.com%252Fwhipping-cream%252F%26hn_ver%3D72%26fid%3D3fa30afb-1236-4c80-95c3-a7d61efc3307%26dsp%3DTTD%26dsp_uid%3D31763bd4-cae9-4c42-8d80-b57097e2ebcc HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4831174728172398760&pid=12761&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&hn_ver=72&fid=3fa30afb-1236-4c80-95c3-a7d61efc3307&dsp=TTD&dsp_uid=31763bd4-cae9-4c42-8d80-b57097e2ebcc

Request Chain 184

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5

Request Chain 185

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LR8DFFPR-1B-MG70 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LR8DFFPR-1B-MG70

Request Chain 188

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Request Chain 189

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=31763bd4-cae9-4c42-8d80-b57097e2ebcc&gdpr=0&gdpr_consent=&expires=30

Request Chain 190

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE2NDQyOTBmMjEwOGFkNjg3MmFmZmJiYjI2ZGY5NDdkZTY3ZGUxYg

Request Chain 191

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LR8DFFPR-1B-MG70&ex=d-rubiconproject.com&status=ok

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JJ9LFInKRviMsFiOUkZb_Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JJ9LFInKRviMsFiOUkZb_Q

Request Chain 193

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/egSNBhsOsD3mHKde1FgWFMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DqNr0zVE2oKDQkl9LlGSu3.nqbOk00wln9PH2g--~A

Request Chain 194

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI4REZGUFItMUItTUc3MA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6nhvYxlDXZkXcVeNNu8p8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4REZGUFItMUItTUc3MA==&google_push=

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKowSL2OAXFR6AkuVaKwGLk&google_cver=1

Request Chain 196

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR8DFFPR-1B-MG70

Request Chain 197

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADL6E7LPj0AABQaue42Kw&expires=30

Request Chain 198

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f3f2d37-1a1e-48b7-8df0-902fb01d627d&expires=30

Request Chain 199

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR8DFFWS-1V-GM9Z&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR8DFFWS-1V-GM9Z&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR8DFFWS-1V-GM9Z&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TVC5CZURWRTJ1RzltUUNZX25VREZNWVdCYWhFVG1VMH5B&ovsid=LR8DFFWS-1V-GM9Z&dpid=58160

Request Chain 200

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70

Request Chain 201

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR8DFFPR-1B-MG70

Request Chain 202

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70&dnr=1

Request Chain 203

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

210 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
new-challenge123.com/whipping-cream/ 306 KB
42 KB 756ms
386ms Document
text/html 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 0b822d9fdd1d6e43f77403f4f29ffcde7ac733280389be849984925ed05c51c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:30 GMT
link: <https://new-challenge123.com/wp-json/>; rel="https://api.w.org/", <https://new-challenge123.com/wp-json/wp/v2/posts/1283>; rel="alternate"; type="application/json", <https://new-challenge123.com/?p=1283>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-pingback: https://new-challenge123.com/xmlrpc.php

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 136ms
93ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d219e2c4ef25017a3f58cdb24b069430b6708f5d797b861499a9fe5e46b7d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51536
x-xss-protection: 0
server: cafe
etag: 14108104898572067999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:30 GMT

GET
H2 200 icomoon.woff
new-challenge123.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
8 KB 18ms
14ms Font
application/font-woff 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Origin: https://new-challenge123.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"32c8-606979d844c2b"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 fontawesome-webfont.woff2
new-challenge123.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 18ms
14ms Font
application/octet-stream 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Origin: https://new-challenge123.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: "12d68-606979d80160e"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 style.min.css
new-challenge123.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 26ms
22ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4&fver=20230520035405
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 20 May 2023 15:54:05 GMT
server: nginx
etag: W/"1732d-5fc220c174121"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 blocks.style.build.css
new-challenge123.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
368 B 27ms
23ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.76&fver=20230930062217
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:22:17 GMT
server: nginx
etag: "b8-606979effa0c1"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 style.css
new-challenge123.com/wp-content/themes/cocoon-master/ 224 KB
43 KB 27ms
23ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/style.css?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 588cc054f12d99a10d26fc568cb002503e2642db4e854a2f1a5bf5aabff59607

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"37f15-606979d844c2b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 keyframes.css
new-challenge123.com/wp-content/themes/cocoon-master/ 292 B
477 B 16ms
13ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: "124-606979d844c2b"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 292
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 font-awesome.min.css
new-challenge123.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 30 KB
7 KB 18ms
14ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"792a-606979d80160e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 style.css
new-challenge123.com/wp-content/themes/cocoon-master/webfonts/icomoon/ 3 KB
927 B 26ms
23ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: a868308d4ca1802090bfd3cc581924bc22275a3bc16fad2df4480e3976a0a5a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"adb-606979d844c2b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 baguetteBox.min.css
new-challenge123.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 4 KB
1 KB 26ms
23ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.css?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"e19-606979d7d956f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 style.css
new-challenge123.com/wp-content/themes/cocoon-child-master/ 827 B
1012 B 17ms
14ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-child-master/style.css?ver=6.1.4&fver=20190831040759
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 3f05670ce03ae2bf06b48e05ab042494c7858db58886f351a3d576c4ff8f5ce3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 31 Aug 2019 16:07:59 GMT
server: nginx
etag: "33b-5916bf14ccdf2"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 827
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 keyframes.css
new-challenge123.com/wp-content/themes/cocoon-child-master/ 130 B
314 B 26ms
24ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.1.4&fver=20190831040759
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 31 Aug 2019 16:07:59 GMT
server: nginx
etag: "82-5916bf14cbe52"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 130
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 jetpack.css
new-challenge123.com/wp-content/plugins/jetpack/css/ 72 KB
14 KB 25ms
22ms Stylesheet
text/css 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.8.2&fver=20230530040048
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: a63e79b5a97bf477e7d6ad34b4f8be2e4e8c7f3162f7d58b156ff0557f65c312

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Tue, 30 May 2023 16:00:48 GMT
server: nginx
etag: W/"11f12-5fceb4e86bcde"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 44ms
3ms Script
text/javascript 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 04:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 04:45:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 14ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3242778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUwK5B5UTP76%2BizpjD0PeXQcYsm8gv1mmDZ9384EnGY8OBzJs0CJohrSS6hajWhXZE8RRe5WB0Qa%2F3ZSjwGGD7LzyFgQXsXG2i6CmH4fPfWYBvcAnmq9r1kZ5DDCFk69mNCIdZDT9g1CyLbenFcfWFYV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8438764ffb73af82-NRT
expires: Mon, 30 Dec 2024 22:47:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 96ms
52ms Script
application/javascript 2404:6800:4004:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112012224-6

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f528b9ba01109026363e739295e39b49b294416ef6cbb2222bc1ca05d7f7198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69323
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:14:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 22:47:30 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 275ms
3ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=11
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwwB1GYyGQH3gvgAAAwBWbuiLAH3BgAAAAwB1GY4AQH3BQAAAA
x-accel-expires: @1705468021
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 63629
x-cache-lb: HIT, HIT
x-age-lb: 6, 63618
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f65be35b430
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704863232

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 371ms
99ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=11
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 851f8da92c164172cb58c771529f8197af7894c458b2ae201aef027f9d379511

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6IwAffA8QAACAHUZjiZAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f65b1d1b830
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 275ms
4ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=30
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwwB1GYyGQH3afgAAAwBWbuiMAH3HgAAAAwBJRPCNAH3BgAAAA
x-accel-expires: @1705468021
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 63629
x-cache-lb: HIT, HIT
x-age-lb: 30, 63593
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f658bc4ba30
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704863257

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 371ms
100ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=30
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c79267d5322afb9348828cf5b1e38be06a6a54428ad9fc6a0e5221240ba290d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6IwAffA8QAACAElE8IxAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f650bd8bd30
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 275ms
4ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=39
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwwB1GYyGQH3YfUAAAwBj/QhpAH3/gIAAAwB1GY4AQH3KQAAAA
x-accel-expires: @1705468026
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 63624
x-cache-lb: HIT, HIT
x-age-lb: 766, 62817
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f65735dbf30
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864033

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 371ms
100ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=39
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e2e5685c38df339f14f980645e78aac716ddccd8e9a1939554f4985c5155a1f8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6NfAffA8QAACAElE8IxAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f658d58c230
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 h.js Show response
cdn.unblockia.com/ 164 KB
39 KB 189ms
3ms Script
application/x-javascript 2600:9000:21ee:8000:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:8000:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding: gzip
via: 1.1 3cfd9ad591925b5c5135a28bc8744964.cloudfront.net (CloudFront)
date: Wed, 10 Jan 2024 06:04:41 GMT
x-amz-cf-pop: NRT20-C4
age: 60170
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
server: AmazonS3
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id: 9N7vsWwtjCjBRwo0R24ZYae_IjkiOXUpnUHYXh-ZYa53D72R_dpuFw==

GET
H2 200 alexandra-tincu-eHv6C67JmxQ-unsplash-e1575473412132.jpg
new-challenge123.com/wp-content/uploads/2019/12/ 45 KB
45 KB 70ms
69ms Image
image/jpeg 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/uploads/2019/12/alexandra-tincu-eHv6C67JmxQ-unsplash-e1575473412132.jpg
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: a039d27d15dfd1092a9770dc18807257ea73e08f16c0887f698f42c0bd4668ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Wed, 04 Dec 2019 15:30:12 GMT
server: nginx
etag: "b483-598e27d1a1e23"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 46211
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2

200

19551.jpg
thumbnail.image.rakuten.co.jp/@0_mall/beisia/cabinet/h301217/
Redirect Chain

https://hbb.afl.rakuten.co.jp/hgb/19c6bdd4.5f2020b8.19c6bdd5.5236884a/?me_id=1307506&item_id=10014802&m=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Fbeisia%2Fcabinet%2Fh301217%2F19551....
https://thumbnail.image.rakuten.co.jp/@0_mall/beisia/cabinet/h301217/19551.jpg?_ex=240x240

6 KB
6 KB

221ms
49ms

Image
image/webp

2600:140b:dc00::173e:6a51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.image.rakuten.co.jp/@0_mall/beisia/cabinet/h301217/19551.jpg?_ex=240x240
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 2600:140b:dc00::173e:6a51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 244e0869dcec925214583fbe28a07c07dd7f2eb15e02f8a9430119366ab34a45

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Mon, 15 Apr 2019 03:28:33 GMT
server: nginx
etag: "5cb3fa61-11c70"
vary: Origin
content-type: image/webp
access-control-expose-headers: x-cdn-served-from
cache-control: max-age=3600
accept-ranges: none
x-cdn-served-from: Akamai
link: <https://tshop.r10s.jp/beisia/cabinet/h301217/19551.jpg?fitin=700:700>; rel="canonical"
content-length: 5932
expires: Wed, 10 Jan 2024 23:47:30 GMT

Redirect headers

Location: https://thumbnail.image.rakuten.co.jp/@0_mall/beisia/cabinet/h301217/19551.jpg?_ex=240x240
Date: Wed, 10 Jan 2024 22:47:30 GMT
X-Content-Type-Options: nosniff
Server: Apache
Connection: close
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rl.svg
static.affiliate.rakuten.co.jp/makelink/ 3 KB
1 KB 41ms
11ms Image
image/svg+xml 23.60.109.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.affiliate.rakuten.co.jp/makelink/rl.svg

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.60.109.202 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-60-109-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d04fa817da92f0a8df1bd32c33c2392693baeaa393d763066a9ef8dee539f655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 22:47:30 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
Last-Modified: Thu, 06 Sep 2018 03:49:41 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1142
x-xss-protection: 1; mode=block

GET
H2 200 no-amp-logo.png
new-challenge123.com/wp-content/themes/cocoon-master/images/ 2 KB
3 KB 21ms
18ms Image
image/png 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/images/no-amp-logo.png
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 175c4fe3443878bf56533ef4f3911719314806ededecdf3417b75a3e39873316

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: "9ac-606979d7c7c30"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2476
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 no-image-160.png
new-challenge123.com/wp-content/themes/cocoon-master/images/ 1 KB
1 KB 22ms
19ms Image
image/png 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/images/no-image-160.png
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 24618759553d2d90a974988b439a698f4fb0a69a2e00526b64555b900a280527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: "40f-606979d7c7c30"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1039
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 lauren-mancke-sil2Hx4iupI-unsplash-e1575558461326.jpg
new-challenge123.com/wp-content/uploads/2019/12/ 22 KB
23 KB 20ms
19ms Image
image/jpeg 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/uploads/2019/12/lauren-mancke-sil2Hx4iupI-unsplash-e1575558461326.jpg
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: cf74ad67677396ce9f821a2b7ec2180da8b22711f67e2d03912234ff19b7ed21

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Thu, 05 Dec 2019 15:07:41 GMT
server: nginx
etag: "593b-598f64a6a3ac9"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 22843
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 2ms
1ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwwB1GYyGQH3h/gAAAwBWbujXwH3AgAAAAwB1GY4AQH3BQAAAA
x-accel-expires: @1705468020
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 63630
x-cache-lb: HIT, HIT
x-age-lb: 2, 63623
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f65d5050531
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704863227

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 99ms
99ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=6
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 16f8e9d3c8f62ed85126178e302337ce5e301fd6a4c2fd710546655f857d95e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6IsAffA8QAACAElE8IoAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f6585990831
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 99ms
43ms Script
text/javascript 2404:6800:400a:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23f50e78088d702434a208cf161e6ca9cffaf1da8337df1a4902a081659dbb05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 22:47:30 GMT

GET
H2 200 baguetteBox.min.js Show response
new-challenge123.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 9 KB
4 KB 21ms
19ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.js?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"256a-606979d7d956f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 comment-reply.min.js Show response
new-challenge123.com/wp-includes/js/ 3 KB
2 KB 20ms
19ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-includes/js/comment-reply.min.js?ver=6.1.4&fver=20230127040038
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 04:00:38 GMT
server: nginx
etag: W/"ba5-5f336e889bfde"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 javascript.js Show response
new-challenge123.com/wp-content/themes/cocoon-master/ 8 KB
3 KB 22ms
21ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/javascript.js?ver=6.1.4&fver=20230930062152
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: eeaac89cfeb579ae2e2f1dc78eefbfd26e68779a836ff6b63c60961e25bd407d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:21:52 GMT
server: nginx
etag: W/"1e2e-606979d844c2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 javascript.js Show response
new-challenge123.com/wp-content/themes/cocoon-child-master/ 298 B
493 B 21ms
19ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.1.4&fver=20190831040759
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 31 Aug 2019 16:07:59 GMT
server: nginx
etag: "12a-5916bf14cbe52"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 298
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 ads.js Show response
new-challenge123.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 562 B
757 B 47ms
45ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.76&fver=20230930062217
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
last-modified: Sat, 30 Sep 2023 18:22:17 GMT
server: nginx
etag: "232-606979eff71e1"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 562
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 akismet-frontend.js Show response
new-challenge123.com/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 22ms
21ms Script
application/javascript 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://new-challenge123.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1696098140&fver=20230930062220
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 18:22:20 GMT
server: nginx
etag: W/"29ed-606979f2558ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 17 Jan 2024 22:47:30 GMT

GET
H2 200 e-202402.js Show response
stats.wp.com/ 7 KB
3 KB 9ms
1ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202402.js
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT nrt
date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356680.846
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 Jan 2025 16:13:30 GMT

GET
H2 200 access.php
new-challenge123.com/wp-content/themes/cocoon-master/lib/analytics/ 0
79 B 170ms
170ms Image
text/html 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=1283&post_type=post
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
server: nginx
accept-ranges: bytes
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 401 KB
136 KB 109ms
108ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8dfb3fa0c1e5fc30b35396abc6218cf8d16972546a200789a323922a7593c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139096
x-xss-protection: 0
server: cafe
etag: 15796496814493596789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 5ADA 9 KB
4 KB 40ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 70080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 03:19:30 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 03:19:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 57ms
57ms Script
application/javascript 2404:6800:4004:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WTRJSYC2WT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112012224-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3324d20d2228f1eaf2e89974c040176e580d47956909cd60c2ff087f9348a7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 22:47:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
10ms Script
text/javascript 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112012224-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 22:21:38 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jan 2024 00:21:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 42ms
41ms XHR
text/plain 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=862722657&t=pageview&_s=1&dl=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ul=en-us&de=UTF-8&dt=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1294145902&gjid=396224979&cid=1148661662.1704926851&tid=UA-112012224-6&_gid=1207574947.1704926851&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=668526590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://new-challenge123.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
42ms Ping
text/plain 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WTRJSYC2WT&gtm=45je4180v9134568112&_p=1704926850601&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1148661662.1704926851&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704926850&sct=1&seg=0&dl=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&dt=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81&en=page_view&_fv=1&_ss=1&ep.anonymize_ip=true&tfd=1119
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTRJSYC2WT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://new-challenge123.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3B0 359 KB
83 KB 496ms
496ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&adk=1812271804&adf=3025194257&lmt=1704926850&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850701&bpp=5&bdt=161&idt=210&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=720562420050&frm=20&pv=2&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46c3794d8000e7eed704a8d275bc9e958527d150e511e895539842dc265a2454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 84480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 932ms
276ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=104906&f=11&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
server: nginx
x-iplb-request-id: 1FCC91A8:8CD8_36264064:01BB_659F1E83_5835CF79:0F25
x-iplb-instance: 58017
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 97 KB
16 KB 98ms
98ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 15d543225c00b9c3c25093addae90f168711a1e3b0116aae1d0e05e129233865

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAGP9CGkAffA8QAACAElE8IxAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f659bed6a37
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 926ms
266ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=104906&f=30&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=30
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
server: nginx
x-iplb-request-id: 1FCC91A8:8CE4_36264064:01BB_659F1E83_5828D670:7BB1
x-iplb-instance: 58069
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 95 KB
16 KB 286ms
285ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=30
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1238aeb0cfbba3ccb5433e1c5134e8d01b566f0daa2436082141b86bcad4e1d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6NfAffA8QAACAElE8I0AYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f6542387337
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 937ms
277ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=104906&f=39&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
server: nginx
x-iplb-request-id: 1FCC91A8:8CCC_36264064:01BB_659F1E83_58384C9B:122A
x-iplb-instance: 57779
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 92 KB
15 KB 106ms
105ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=39
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=39
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2eea22b4af3460211e173c83a145c9fdea326d91400feac018f492e4094700e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6IsAffA8QAACAHUZjicAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-77-age: 61888
x-cache-lb: HIT, MISS
x-age-lb: 61888
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8821e9f65cdf37c37
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8196 206 KB
48 KB 371ms
371ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=7319246346&adk=4189558454&adf=2137404282&pi=t.ma~as.7319246346&w=800&fwrn=4&fwrnh=100&lmt=1704926850&rafmt=1&format=800x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850931&bpp=11&bdt=392&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1065&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24a5fefc526444231dbcb81349b64d257aee6142b619f4d940482547c47cadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 711F 106 KB
39 KB 493ms
493ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=6703813459&adk=3481391005&adf=2740954024&pi=t.ma~as.6703813459&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850958&bpp=4&bdt=419&idt=4&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13b51aabcb301fe17ea986e50a28e5b39811a98155f84351143b0bf31177456b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40032
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C12 106 KB
39 KB 266ms
265ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=1995806867&adk=371297691&adf=1862175494&pi=t.ma~as.1995806867&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850972&bpp=11&bdt=433&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2deb2dfe8534b648034f2d5ac8161da5f10649290a313689c2fda0c384ab576a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39895
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 steve-johnson-N-MqWXXZvNY-unsplash-e1575558365600-768x430.jpg
new-challenge123.com/wp-content/uploads/2019/12/ 30 KB
30 KB 24ms
24ms Image
image/jpeg 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/uploads/2019/12/steve-johnson-N-MqWXXZvNY-unsplash-e1575558365600-768x430.jpg
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 30e91c4e908076065d2600d6136b034c9d7c35d993c6038dcd441ff131002d3e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
last-modified: Thu, 16 Jan 2020 00:40:35 GMT
server: nginx
etag: "770b-59c3712c2309e"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30475
expires: Wed, 17 Jan 2024 22:47:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6484 736 B
384 B 179ms
178ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=7319246346&adk=3244606608&adf=3089871629&pi=t.ma~as.7319246346&w=800&fwrn=4&fwrnh=100&lmt=1704926850&rafmt=1&format=800x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850992&bpp=1&bdt=452&idt=1&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60dcc01e15842e83aac7bfee94fcf29f667cf27c29cdede9a9d74046ecdf2064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 800ms
248ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=104906&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
server: nginx
x-iplb-request-id: 1FCC91A8:8CDE_36264064:01BB_659F1E83_3F634D5A:746D
x-iplb-instance: 58148
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 99 KB
16 KB 185ms
185ms Script
text/html 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=6
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=104906&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8d2b0d3968390b8e2a65670d756c65a6210ae418cc4e3d51950aaa6d27402b5f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-nzt: EwgB1GYyGQFBDAFZu6NfAffB8QAACAElE8IoAYE
x-accel-expires: @1705469762
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-77-age: 61889
x-cache-lb: HIT, MISS
x-age-lb: 61889
server: CDN77-Turbo
x-77-pop: tokyoJP
x-77-nzt-ray: 6bd0fe11edbb49c8831e9f6553ef1702
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-date: 1704864962

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 503 KB
202 KB 47ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Origin: https://new-challenge123.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 17:18:32 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
50 KB 107ms
68ms Fetch
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddbc822c300779b7e3a684cff7979eec9ab675ba48a16cb3b8bdfdf0b86b5320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51564
x-xss-protection: 0
server: cafe
etag: 10386559944364519306
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 10ms
4ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.2&blog=166224735&post=1283&tz=9&srv=new-challenge123.com&host=new-challenge123.com&ref=&fcp=1186&rand=0.1356449985368875
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 22:47:31 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 105 KB
36 KB 37ms
4ms Script
application/javascript 23.195.91.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.91.136 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-91-136.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c81029c6b8f6b8badfa68508ca68fdb53dca16d8cacf894eff8a54be8caa125f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 22:47:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 36460
Expires: Thu, 11 Jan 2024 00:47:31 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 465ms
155ms Script
text/javascript 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 234440
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 2033ms
301ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:32 GMT
last-modified: Wed, 06 Dec 2023 10:36:31 GMT
server: nginx/1.20.1
x-iplb-request-id: 1FCC91A8:E8BA_91EFC0A6:01BB_659F1E84_4172984E:10B0
etag: "65704eaf-f36"
x-iplb-instance: 54208
content-type: application/javascript
accept-ranges: bytes
content-length: 3894

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5F19 2 KB
864 B 242ms
80ms Document
text/html 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1704926851115

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 378ms
75ms Script
application/javascript 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Jan 2024 22:47:31 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12761/ 4 KB
4 KB 813ms
241ms Script
application/javascript 54.194.222.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.222.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-222-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
cache-control: public, max-age=2419200
content-length: 4396
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK mailNotification.php Show response
adtrack.adleadevent.com/ 0
859 B 2648ms
241ms Script
application/x-javascript 52.17.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-192-98.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2024 22:47:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_30/build/dist/ 606 KB
197 KB 2ms
2ms Script
application/javascript 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_30/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 650f30f317ec4dfacc102202f75cfe3cf669fe646a1046ea14597f4b67d253af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-age-lb: 2, 63624
x-77-cache: HIT
x-accel-date: 1704863227
x-77-nzt: EwwB1GYyGQH3iPgAAAwBWbuiLAH3AgAAAAwB1GY4EQH3BQAAAA
pragma: public
x-accel-expires: @1704949620
x-cache-lb: HIT, HIT
x-77-age: 63631
last-modified: Mon, 08 Jan 2024 16:09:57 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6bd0fe11edbb49c8831e9f6564420607
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 11 Jan 2024 05:07:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 463ms
154ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnew-challenge123.com%2F&domain=new-challenge123.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://new-challenge123.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://new-challenge123.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 213561
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnew-challenge123.com%2F&domain=new-challenge123.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=i6FdQnx2UHoyWG5pdmh2YUxyZUdpVWxScXFEMldqR2d6UTMvaXd1Uy9Ub0VucDdvOU1jZWwvWVM0SjVOVE93V2NJNEpURTdCMlo1TFNOYnVXNW9EMnptVmtkYWQrWGxjc21oQm12OVRvZnRZYVlRWDkyaTNmWloxSnN2UU...

392 B
670 B

476ms
158ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i6FdQnx2UHoyWG5pdmh2YUxyZUdpVWxScXFEMldqR2d6UTMvaXd1Uy9Ub0VucDdvOU1jZWwvWVM0SjVOVE93V2NJNEpURTdCMlo1TFNOYnVXNW9EMnptVmtkYWQrWGxjc21oQm12OVRvZnRZYVlRWDkyaTNmWloxSnN2UUw4Q1JBeW5uU3ZyU0FOdnhTcmlqUWxYeFBhdUt0ZlhROHdOUHFwRDczbWhHTWxWQ3VWeXh6Y3k3QzE3dm1NR0ExaEFzZ09uVkp5SmxONE1RWGRISDNDWTZFZVA3VzBYSW5LNU1RdTZIRVZVeHpmUDM2ZnhJK0N6NVpSNkhVTW4rZnNVWG5kdGFCfA&cppv=2

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

56fb58953df35255267860dc524d2bf4c84322dfa5da830e6f9dfe9f83a204f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 552379
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://new-challenge123.com
location: https://mug.criteo.com/sid?cpp=i6FdQnx2UHoyWG5pdmh2YUxyZUdpVWxScXFEMldqR2d6UTMvaXd1Uy9Ub0VucDdvOU1jZWwvWVM0SjVOVE93V2NJNEpURTdCMlo1TFNOYnVXNW9EMnptVmtkYWQrWGxjc21oQm12OVRvZnRZYVlRWDkyaTNmWloxSnN2UUw4Q1JBeW5uU3ZyU0FOdnhTcmlqUWxYeFBhdUt0ZlhROHdOUHFwRDczbWhHTWxWQ3VWeXh6Y3k3QzE3dm1NR0ExaEFzZ09uVkp5SmxONE1RWGRISDNDWTZFZVA3VzBYSW5LNU1RdTZIRVZVeHpmUDM2ZnhJK0N6NVpSNkhVTW4rZnNVWG5kdGFCfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 335617
content-length: 0
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 134 B
420 B 755ms
251ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_30/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 75 B
826 B 331ms
81ms Fetch
application/json 13.214.50.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17553
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_30/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.214.50.225 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-214-50-225.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 628143a4a9ec4807216204454c67a3e26dc9f7120ff76bf5853d9e89c978ef97

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://new-challenge123.com
cache-control: no-cache
x-server: 10.42.18.45
access-control-allow-credentials: true
content-length: 75
expires: 0

POST
H2 200 102.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 753ms
251ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

ffd610007ab341360059eca0e6b94c22e89f25c81ec612003ee4f814cb1a38b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 matt-popovich-ga7xhfPmKFU-unsplash-e1575558200838-768x512.jpg
new-challenge123.com/wp-content/uploads/2019/12/ 13 KB
13 KB 22ms
22ms Image
image/jpeg 183.181.98.15
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-challenge123.com/wp-content/uploads/2019/12/matt-popovich-ga7xhfPmKFU-unsplash-e1575558200838-768x512.jpg
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.15 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6014.xserver.jp
Software: nginx /
Resource Hash: 85cc06d8596be6d8d84478c57e368ca4c62a62baf8995fb88d0c0a83900f3322

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
last-modified: Thu, 16 Jan 2020 00:40:34 GMT
server: nginx
etag: "32bd-59c3712bb897b"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12989
expires: Wed, 17 Jan 2024 22:47:31 GMT

GET
H2 403 id.json Show response
loader.unblockia.com/c/new-challenge123.com/ 243 B
531 B 882ms
867ms Fetch
application/xml 2600:9000:21ee:1600:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.unblockia.com/c/new-challenge123.com/id.json
Requested by: Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:1600:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01fa4c25f5538938fab407d075732bd41411cd7845f6d2572a63987fed0af9d5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
via: 1.1 ff8441cf5ba1180f46877d00029f6fec.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: NRT20-C4
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: gnEwWHtd9_MKvDNT81rnDYUPOKCQ4cUThtJWOamCw_6V8214ZA_IvQ==

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
866 B 1ms
1ms Script
application/javascript 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-age-lb: 1, 63624
x-77-cache: HIT
x-accel-date: 1704863227
x-77-nzt: EwwB1GYyGQH3iPgAAAwBWbuiMAH3AQAAAAwB1GY4mQH3AgAAAA
pragma: public
x-accel-expires: @1704949624
x-cache-lb: HIT, HIT
x-77-age: 63627
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6bd0fe11edbb49c8831e9f652f2e120e
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 11 Jan 2024 05:07:04 GMT

GET
H2 200 moneyinimage.js Show response
ads.themoneytizer.com/ 5 KB
2 KB 1ms
1ms Script
application/javascript 2a02:6ea0:d300::23
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyinimage.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=104906&formatId=30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::23 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1ace0b41e6edf47af144ac8a85a7f26fac7262c182275bd5cc7dd48825555e5f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-age-lb: 28, 63595
x-77-cache: HIT
x-accel-date: 1704863256
x-77-nzt: EwwB1GYyGQH3a/gAAAwBj/QhpAH3HAAAAAwB1GY4AQH3BgAAAA
pragma: public
x-accel-expires: @1704949622
x-cache-lb: HIT, HIT
x-77-age: 63629
last-modified: Wed, 20 Sep 2023 15:37:28 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6bd0fe11edbb49c8831e9f6560f3b60e
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 11 Jan 2024 05:07:02 GMT

GET
H2 200 11889871572866173719
tpc.googlesyndication.com/simgad/ Frame 2C12 43 KB
43 KB 46ms
5ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11889871572866173719?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmKisfepYk50cNtFYs32W2bEU9H2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=1995806867&adk=371297691&adf=1862175494&pi=t.ma~as.1995806867&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850972&bpp=11&bdt=433&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910655b66685abc4f2bba909d60dfa6aaf19186f2678fa87213b161a87ef6252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:49 GMT
x-content-type-options: nosniff
age: 3162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43709
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 09:46:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Jan 2025 21:54:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 2C12 23 KB
9 KB 44ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9288 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=1995806867&adk=371297691&adf=1862175494&pi=t.ma~as.1995806867&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850972&bpp=11&bdt=433&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280%2C336x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:33:01 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 2C12 3 KB
1 KB 43ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 2C12 20 KB
9 KB 42ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C12 205 KB
65 KB 103ms
58ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 2C12 36 KB
15 KB 43ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:23:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9288
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8196 510 B
800 B 83ms
41ms Stylesheet
text/css 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=u%E3%83%AB%E5%A4%A7me90%E3%82%AAT%EF%BC%85%E3%82%BB%E3%83%95%EF%BC%8D%E3%83%BC%E6%9C%80

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=7319246346&adk=4189558454&adf=2137404282&pi=t.ma~as.7319246346&w=800&fwrn=4&fwrnh=100&lmt=1704926850&rafmt=1&format=800x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850931&bpp=11&bdt=392&idt=11&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1065&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eff8e6a844522897b74ff661425c391c856245255ee4e41508ed8c066a722261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8196 4 KB
705 B 83ms
42ms Stylesheet
text/css 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 21:37:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8196 2 KB
875 B 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8196 23 KB
9 KB 4ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8196 3 KB
1 KB 5ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8196 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8196 205 KB
65 KB 146ms
145ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8196 37 KB
15 KB 43ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 22:50:41 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 29 KB
29 KB 50ms
6ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRyxnC7X7VFfkcdSDUEYZKaneYS7r-HD0XVk1WIFAWeX1lw8czIRNjzXjspZME&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bded2fafdcb56681a7ec7d3854133cc916ac2268bbb20d5bd783a2de708c4fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:07:35 GMT
x-content-type-options: nosniff
age: 387596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29644
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 07:02:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 Jan 2025 11:07:35 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 37 KB
38 KB 51ms
7ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT1idDpZqzFH703PVx9knFNE48JsDyWlPjorKXfmTOD9fyvfgtuWqECIC685g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920b1fb1c1a386a8708e4ffad2da3bf664f6f3f6f448feb237a68276e9ae646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 01:28:49 GMT
x-content-type-options: nosniff
age: 76722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38377
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 10:06:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Jan 2025 01:28:49 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 24 KB
25 KB 46ms
3ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTsZ0jAVB0dXy_fepLjVJjqONSn0xeGDpFvQhw-jqKhdIH_x4rjpDeT7W3EOQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b46c8ba3370ae92dff86252cddf2a45b1e9dd08d45fca58a0b74e7d4246694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:48:01 GMT
x-content-type-options: nosniff
age: 201570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24581
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 04:15:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 07 Jan 2025 14:48:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 20 KB
20 KB 51ms
8ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQCLHYIOCB0E24DLwYu-9I-kbgv_9Y74FIsagwLvg4UkJHLkn5S9wvyqN_TUZM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434cba3583106ab91e5c771561294ce33f5db58921e465b9ddece36d8329d5ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:54:29 GMT
x-content-type-options: nosniff
age: 395582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19993
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 10:08:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 Jan 2025 08:54:29 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8196 24 KB
24 KB 74ms
20ms Image
image/jpeg 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTaa25o1BQlqOoo5_z3UBSNWNiiWJZeSbIaf73yyW6ygDrwJEwDYRTzQPPT4g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770158d16cb2ccb530d70933b5bd84f4569dab6fe2f56f915efb4408bb7fdaf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:50:22 GMT
x-content-type-options: nosniff
age: 14229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24073
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 03:57:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Jan 2025 18:50:22 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 25 KB
25 KB 48ms
5ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTjXflphjp50XZPNNUSmznV9YnFBRRMJpq0EdY3dQ9nrajRMIww4ft7Z3MOLpo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9525bd99fea507aa6807b02db85f9d7f33e7e12096b107024ba46386656c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:17:20 GMT
x-content-type-options: nosniff
age: 390611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25117
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 07:08:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 Jan 2025 10:17:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8196 16 KB
17 KB 67ms
13ms Image
image/jpeg 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ8Rh4nKmgWpfVbiKQ7rUI04dg_ic0bBYrGuAEkyBzM-FGAKXrx27ZDyyidaA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

734066ffa58cefe455436ea1ba8612ba4ecc5e67d2402dcecefda2b3fa667cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:50:41 GMT
x-content-type-options: nosniff
age: 14210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16835
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:10:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Jan 2025 18:50:41 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8196 25 KB
26 KB 45ms
3ms Image
image/jpeg 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTHY5Gb3Te-SGLYdfcs9LCIl4m9tuMHAZ4Mx6eyRab6igijY0aWFP10SZ4ooA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:52:54 GMT
x-content-type-options: nosniff
age: 467677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25726
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 05:00:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 04 Jan 2025 12:52:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 26 KB
26 KB 50ms
7ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRuL9dClzGD0FcRqF_OttLcfo_AsxclB9uBD4qPYh63dVpkVPH8gAiNeYz-hcw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ecd4338c1c8750762999d918a7e6b80ee1686339e86392bb2aec8553d0a2cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:29:47 GMT
x-content-type-options: nosniff
age: 314264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26880
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:00:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 06 Jan 2025 07:29:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8196 24 KB
24 KB 42ms
4ms Image
image/jpeg 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTYak91hyV-BPcBhQLxrxIb1htPv62Yb-Qaepue3mrf5-yiu5PRj7HqxsKyDpc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0142ce4d05b963624c6e5996c5466bc01f8ca5ba312a1dd7d6932882a3916e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:49:43 GMT
x-content-type-options: nosniff
age: 201468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24157
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:18:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 07 Jan 2025 14:49:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8196 17 KB
17 KB 78ms
24ms Image
image/jpeg 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQHxmH4LdLzIJF0CtOyr3hGNCCa2CvmoeNklfYgLh_p8j1Bh3LI2DyoMYn5yCw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c7862ce50e9d8643376d2c0dd9a461b086c944abd5d9b1fa5741e968407b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:45:15 GMT
x-content-type-options: nosniff
age: 14536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17236
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 03:50:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Jan 2025 18:45:15 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8196 15 KB
16 KB 60ms
10ms Image
image/jpeg 2404:6800:400a:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSUxHpIkhftJ30bpBJKkSOj2L29BZC7fPobJW5Lb-0YafqslQa58DdjzLB0imA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66168935c985d45b60e78b83aaba7a8fb40ef45801f42396610421dc8358c031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 19:05:36 GMT
x-content-type-options: nosniff
age: 13315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15591
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 04:51:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Jan 2025 19:05:36 GMT

GET
H2

200

12589505205993449889
tpc.googlesyndication.com/simgad/ Frame 8196
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE
https://tpc.googlesyndication.com/simgad/12589505205993449889

77 KB
77 KB

2ms
2ms

Image
image/png

2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12589505205993449889

Requested by

Protocol

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 07:25:49 GMT
date: Wed, 10 Jan 2024 07:25:49 GMT
x-content-type-options: nosniff
age: 55302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 03:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Wed, 10 Jan 2024 11:57:12 GMT
x-content-type-options: nosniff
server: cafe
age: 39019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12589505205993449889
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 11:57:12 GMT

GET
DATA 200
OK truncated
/ Frame 8196 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9fe63e7f088355861b07d94f70315d9edd0a084805184415e8d5b452bc2c993

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2C12 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbfdc013e8f8b2024092639f589c254f44efa0ba008098a208605a210669db81

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2C12
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Oyggx6fZZ2TAbvVs8IPgKy8iAXivKmhdeaXh_H0EKip1865DhABIKnm6mJgifPFhPQToAHPx-fHA8gBAqkCMmBrYEt-PT6oAwHIA8kEqgT8AU_Q77pyqqKlo8oZF9cM7rzCQqkl8JrUyAf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32...

0
0

81ms
39ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32731a3911450000000000000000%22,%224%22:%220x6387ef25892c6a880000000000000000%22,%225%22:%220x49f08ae1fae07070000000000000000%22},%22debug_key%22:%223572767319028818675%22,%22debug_reporting%22:true,%22destination%22:%22https://bsa.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955900879%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226699088425190824321%22}&andc=true

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x581c5f03dda22f140000000000000000","2":"0x8156c8ccb45003c30000000000000000","3":"0xf18e32731a3911450000000000000000","4":"0x6387ef25892c6a880000000000000000","5":"0x49f08ae1fae07070000000000000000"},"debug_key":"3572767319028818675","debug_reporting":true,"destination":"https://bsa.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955900879"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"6699088425190824321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 22:47:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x581c5f03dda22f140000000000000000","2":"0x8156c8ccb45003c30000000000000000","3":"0xf18e32731a3911450000000000000000","4":"0x6387ef25892c6a880000000000000000","5":"0x49f08ae1fae07070000000000000000"},"debug_key":"3572767319028818675","debug_reporting":true,"destination":"https://bsa.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955900879"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"6699088425190824321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame A028 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:09:20 GMT

GET
H3 200 11889871572866173719
tpc.googlesyndication.com/simgad/ Frame 711F 43 KB
43 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11889871572866173719?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmKisfepYk50cNtFYs32W2bEU9H2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=6703813459&adk=3481391005&adf=2740954024&pi=t.ma~as.6703813459&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850958&bpp=4&bdt=419&idt=4&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910655b66685abc4f2bba909d60dfa6aaf19186f2678fa87213b161a87ef6252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:49 GMT
x-content-type-options: nosniff
age: 3162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43709
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 09:46:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Jan 2025 21:54:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 711F 23 KB
9 KB 6ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01B1 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6561002033229695&output=html&h=280&slotname=6703813459&adk=3481391005&adf=2740954024&pi=t.ma~as.6703813459&w=336&lmt=1704926850&rafmt=12&format=336x280&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704926850958&bpp=4&bdt=419&idt=4&shv=r20240109&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x280&nras=1&correlator=720562420050&frm=20&pv=1&ga_vid=1148661662.1704926851&ga_sid=1704926851&ga_hid=862722657&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080259%2C31080261%2C31080266%2C44798934%2C31080218%2C95321963%2C95320894&oid=2&pvsid=4270021573324575&tmod=1091523602&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:33:01 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 711F 3 KB
1 KB 6ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 711F 20 KB
8 KB 5ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 711F 205 KB
65 KB 74ms
73ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 711F 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:23:46 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
41ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 176ms
3ms Script
application/javascript 2600:9000:2066:fc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:fc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:31:53 GMT
content-encoding: gzip
via: 1.1 af88ab761d3892ecc27061438e5b8bae.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: jWBICs08tXaQsftPf0xzrVIP10QbmA4UuDkNSjMYiAmVkabOXvlJsA==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 161 KB
55 KB 98ms
97ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/reactive_library_fy2021.js?bust=31080218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e22810429746923c1c759ce52dbfc15fddd1994ab645fb74708188081d9d0f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56088
x-xss-protection: 0
server: cafe
etag: 17201884298682584007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
DATA 200
OK truncated
/ Frame 711F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 883acb93dcdc5b924d32549a10561f1b998af1ee2bc83bd1de5b0d8738ca2856

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8196 21 KB
21 KB 43ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 13:14:04 GMT
x-content-type-options: nosniff
age: 34407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 13:14:04 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 8196 6 KB
6 KB 43ms
3ms Font
text/html 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxor4m4x4odg91vKLBlJNTeqW0M8gj3aoAPqxsCQs9DLEset&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=u%E3%83%AB%E5%A4%A7me90%E3%82%AAT%EF%BC%85%E3%82%BB%E3%83%95%EF%BC%8D%E3%83%BC%E6%9C%80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fb62e9c3200fa29039822e9f1a07a051d3fa8e6ca02591b1dc5f8cd3afec282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:39:38 GMT
x-content-type-options: nosniff
age: 65273
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6120
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 10 Jan 2024 04:39:38 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8196 20 KB
20 KB 43ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:17:57 GMT
x-content-type-options: nosniff
age: 394174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 09:17:57 GMT

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 927ms
241ms Preflight 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://new-challenge123.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:31 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 9 KB
6 KB 741ms
255ms XHR
application/javascript 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: 1e897125786bddd7832a3352b7477cf469493bec08359ccfaf831d718cf0f933

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://new-challenge123.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-smrt-i: 8748517

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 711F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRE2ygx6fZeoVy_Ts6w-X9qDgB-K8qaF15peH8fQQ8oT7464PEAEgqebqYmCJ88WE9BOgAc_H58cDyAECqQIyYGtgS349PqgDAcgDyQSqBPwBT9ASKZzViE2wOUYFRYZmRz2fNTNSiMWWI_F...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32...

0
0

38ms
37ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32731a3911450000000000000000%22,%224%22:%220x6387ef25892c6a880000000000000000%22,%225%22:%220x49f08ae1fae07070000000000000000%22},%22debug_key%22:%222481535211302408633%22,%22debug_reporting%22:true,%22destination%22:%22https://bsa.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955900879%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215878929388349937361%22}&andc=true

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x581c5f03dda22f140000000000000000","2":"0x8156c8ccb45003c30000000000000000","3":"0xf18e32731a3911450000000000000000","4":"0x6387ef25892c6a880000000000000000","5":"0x49f08ae1fae07070000000000000000"},"debug_key":"2481535211302408633","debug_reporting":true,"destination":"https://bsa.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955900879"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"15878929388349937361"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 22:47:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x581c5f03dda22f140000000000000000","2":"0x8156c8ccb45003c30000000000000000","3":"0xf18e32731a3911450000000000000000","4":"0x6387ef25892c6a880000000000000000","5":"0x49f08ae1fae07070000000000000000"},"debug_key":"2481535211302408633","debug_reporting":true,"destination":"https://bsa.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955900879"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"15878929388349937361"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8196
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFithgh6fZcfnO7fe7OsPlL2ZmAib-ZahdZSv4NepEmQQASCp5upiYInzxYT0E6ABocCY8SjIAQmpAgpFNmtZtoI-qAMByAPLBKoE_QFP0ImfWj7byLPekexErzC2cF1xyPQaczGOrNX7hBe...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2ac95b125fa42090000000000000000%22,%222%22:%220x2271007e8591599d0000000000000000%22,%223%22:%220xf8a843...

0
0

39ms
39ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2ac95b125fa42090000000000000000%22,%222%22:%220x2271007e8591599d0000000000000000%22,%223%22:%220xf8a8439955fdefc40000000000000000%22,%224%22:%220x85c0b708c62d89fe0000000000000000%22,%225%22:%220xe714dd7620038cc30000000000000000%22},%22debug_key%22:%227165268447382481276%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223080189183017511233%22}&andc=true

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc2ac95b125fa42090000000000000000","2":"0x2271007e8591599d0000000000000000","3":"0xf8a8439955fdefc40000000000000000","4":"0x85c0b708c62d89fe0000000000000000","5":"0xe714dd7620038cc30000000000000000"},"debug_key":"7165268447382481276","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"3080189183017511233"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 22:47:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc2ac95b125fa42090000000000000000","2":"0x2271007e8591599d0000000000000000","3":"0xf8a8439955fdefc40000000000000000","4":"0x85c0b708c62d89fe0000000000000000","5":"0xe714dd7620038cc30000000000000000"},"debug_key":"7165268447382481276","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"3080189183017511233"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame E73B 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:09:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x581c5f03dda22f140000000000000000%22,%222%22:%220x8156c8ccb45003c30000000000000000%22,%223%22:%220xf18e32731a3911450000000000000000%22,%224%22:%220x6387ef25892c6a880000000000000000%22,%225%22:%220x49f08ae1fae07070000000000000000%22},%22debug_key%22:%222481535211302408633%22,%22debug_reporting%22:true,%22destination%22:%22https://bsa.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955900879%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215878929388349937361%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame BB1E 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:09:20 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 73BD 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 03:29:32 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 03:29:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 299E 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 03:29:32 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 03:29:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 73BD 4 KB
744 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:00:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73BD 205 B
229 B 2ms
2ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:42:26 GMT
x-content-type-options: nosniff
age: 389105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Jan 2025 10:42:26 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73BD 604 B
628 B 4ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:49:36 GMT
x-content-type-options: nosniff
age: 97075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 19:49:36 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 73BD 16 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 00:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:30:56 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 73BD 22 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 00:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 00:28:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 299E 1 KB
434 B 42ms
40ms Stylesheet
text/css 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=e%E3%82%B5%E3%82%A4%E9%80%9F%E9%AB%98Vo%20%C2%AE2%E9%9F%B3%E3%83%A0Xa%E5%A0%B4%E9%81%A9P%E6%A5%BD%E7%99%BBG%E7%94%BB%E3%81%AB%E3%83%88%E8%A6%8Bd%E5%8B%95%E3%82%811%E6%96%B0C%E3%83%BC%E3%82%92Upgir%E3%82%B2%E5%BF%AB%E3%81%97%E6%90%AD%E3%81%A78%E8%BC%89%E3%82%82n%E3%82%8BS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ad992d8bee311a5f4568cd5f74fc0666a328b43ee09271a0c31eb0dfc82ddb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 299E 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 299E 23 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 299E 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 299E 20 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 299E 205 KB
65 KB 58ms
57ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 299E 37 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 22:50:41 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/1074602978381128315/ Frame 299E 20 KB
20 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1074602978381128315/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f638fb146c0ffb0980d15c048d16357bdbcebb2089ae2619b368ee39feecd1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:26:18 GMT
date: Tue, 09 Jan 2024 09:26:18 GMT
x-content-type-options: nosniff
age: 134473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20710
x-xss-protection: 0
last-modified: Mon, 15 May 2023 06:38:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6221502303365290673/ Frame 299E 1 KB
1 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6221502303365290673/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fec081682f0b3914dd548a7efdd1b871b37feb1cc20fbe95115886261274b2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 07:38:16 GMT
date: Wed, 10 Jan 2024 07:38:16 GMT
x-content-type-options: nosniff
age: 54555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1120
x-xss-protection: 0
last-modified: Mon, 15 May 2023 06:37:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 468ms
155ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Jan 2024 22:47:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 236806
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pixel;r=1502944621;labels=Categories.news%2CMots%20Cl%C3%A9s.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%20%E6%B3%A1%E7%AB%8B%E3%81%A6%20%E4%BB%A3%E7%94%A8%2CMots%20Cl%C3%A9s.%E6%B3%A1%E7%AB%8B%E...
pixel.quantserve.com/ 35 B
372 B 80ms
77ms Image
image/gif 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1502944621;labels=Categories.news%2CMots%20Cl%C3%A9s.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%20%E6%B3%A1%E7%AB%8B%E3%81%A6%20%E4%BB%A3%E7%94%A8%2CMots%20Cl%C3%A9s.%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%20%E4%BB%A3%E7%94%A8%20%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%2CMots%20Cl%C3%A9s.%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%20%E4%BB%A3%E7%94%A8%20%E3%83%98%E3%83%A9;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F;uht=2;fpan=1;fpa=P0-1226144314-1704926851571;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=new-challenge123.com;dst=0;et=1704926851832;tzo=-540;ogl=locale.ja_JP%2Csite_name.%E5%BF%85%E8%A6%81%E3%81%AA%E6%83%85%E5%A0%B1%E3%82%92%E3%81%8A%E5%B1%8A%E3%81%91%E3%83%96%E3%83%AD%E3%82%B0%2Ctype.article%2Ctitle.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81%2Cdescription.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%82%92%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E6%99%82%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E3%81%AE%E4%BB%A3%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%A8%E3%81%97%E3%81%A6%E3%80%81%E3%81%A9%E3%82%93%E3%81%AA%E3%81%AE%E3%81%8C%E3%81%82%E3%82%8B%EF%BC%9F%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%82%B9%E3%83%97%E3%83%BC%E3%83%B3%E3%80%81%E3%83%98%E3%83%A9%E3%81%AA%E3%82%93%E3%81%8B%E3%81%A7%E3%82%82%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E3%81%93%E3%81%A8%E3%81%AF%E3%81%A7%E3%81%8D%E3%82%8B%EF%BC%9F%E3%82%B3%E3%83%84%E3%81%84%E3%82%89%E3%81%9A%E3%81%AE%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%E3%81%94%E7%B4%B9%E4%BB%8B%E3%81%97%E3%81%BE%E3%81%99%2Curl.https%3A%2F%2Fnew-challenge123%252Ecom%2Fwhipping-cream%2F%2Cimage.https%3A%2F%2Fnew-challenge123%252Ecom%2Fwp-content%2Fuploads%2F2019%2F12%2Falexandra-tincu-eHv6C67J%2Cimage%3Asecure_url.https%3A%2F%2Fnew-challenge123%252Ecom%2Fwp-content%2Fuploads%2F2019%2F12%2Falexandra-tincu-eHv6C67J%2Cimage%3Awidth.800%2Cimage%3Aheight.533%2Ctype.article%2Cdescription.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%82%92%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E6%99%82%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E3%81%AE%E4%BB%A3%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%A8%E3%81%97%E3%81%A6%E3%80%81%E3%81%A9%E3%82%93%E3%81%AA%E3%81%AE%E3%81%8C%E3%81%82%E3%82%8B%EF%BC%9F%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%82%B9%E3%83%97%E3%83%BC%E3%83%B3%E3%80%81%E3%83%98%E3%83%A9%E3%81%AA%E3%82%93%E3%81%8B%E3%81%A7%E3%82%82%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E3%81%93%E3%81%A8%E3%81%AF%E3%81%A7%E3%81%8D%E3%82%8B%EF%BC%9F%E3%82%B3%E3%83%84%E3%81%84%E3%82%89%E3%81%9A%E3%81%AE%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%E3%81%94%E7%B4%B9%E4%BB%8B%E3%81%97%E3%81%BE%E3%81%99%2Ctitle.%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81%2Curl.https%3A%2F%2Fnew-challenge123%252Ecom%2Fwhipping-cream%2F%2Cimage.https%3A%2F%2Fnew-challenge123%252Ecom%2Fwp-content%2Fuploads%2F2019%2F12%2Falexandra-tincu-eHv6C67J%2Csite_name.%E5%BF%85%E8%A6%81%E3%81%AA%E6%83%85%E5%A0%B1%E3%82%92%E3%81%8A%E5%B1%8A%E3%81%91%E3%83%96%E3%83%AD%E3%82%B0%2Clocale.ja_JP;ses=eca72c1a-d4fa-42a7-8b87-20de6f51eb6c;mdl=

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC3A 1 KB
377 B 44ms
44ms Stylesheet
text/css 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%92%8C%E3%81%95%E3%83%83%E3%81%84%E3%83%96%E3%81%91%E5%B9%B3%E3%83%8D%E9%A8%93%E3%82%92%E5%BA%83%E3%83%B3%E3%83%BC%E7%B6%9A%E3%82%A4%E3%82%BF%E3%82%8B%E3%83%AD%E5%91%8A%E3%83%88%E4%BD%93%E3%81%97%E3%82%AF%E3%81%A6%E3%81%8F%E3%81%AA%E3%81%A0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38896159094889054b03ddbde2c5ebab06d9988e853ccb8194d85c7f4ddba48d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BC3A 2 KB
822 B 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame BC3A 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BC3A 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BC3A 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:19:06 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC3A 205 KB
65 KB 65ms
64ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:47:31 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BC3A 37 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 22:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 299E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97271138958fe85a99b19fbdecd90dcdd9808dd94d9340dd31c8c53a3d46cf43

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 299E 20 KB
20 KB 4ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpz8mZXv6lSRIo1mcOTstFY0a74Ecyk60TMt7-RxI_PW5ihYCLtpFzkP77piDrq3nBB3KgqNx4wH1JFq8MQzqahWpAhi7h4yTrM2Hlk4vR--QjFlPgqqIk405t6TCNGAsRZm95Z37rrBnYFlWJ_ZT1kntkAt6FXA9_iuw&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=e%E3%82%B5%E3%82%A4%E9%80%9F%E9%AB%98Vo%20%C2%AE2%E9%9F%B3%E3%83%A0Xa%E5%A0%B4%E9%81%A9P%E6%A5%BD%E7%99%BBG%E7%94%BB%E3%81%AB%E3%83%88%E8%A6%8Bd%E5%8B%95%E3%82%811%E6%96%B0C%E3%83%BC%E3%82%92Upgir%E3%82%B2%E5%BF%AB%E3%81%97%E6%90%AD%E3%81%A78%E8%BC%89%E3%82%82n%E3%82%8BS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a58168d19821f9970474ab1fe9bc5d58e82acdbfbb5ae1cd87da90e704c74b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 10:45:16 GMT
x-content-type-options: nosniff
age: 43335
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20124
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:45:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 299E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVnU6gh6fZamHO4X47OsPt_un8AKA0YuWdamq8euSEvqn-9vXDhABIKnm6mJgifPFhPQToAGhnIm9KcgBCakCMmBrYEt-PT6oAwHIA8sEqgSBAk_QdbHcudm_J06CIyZnblp2ZwrC6nWBPzF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9955c12c5acd0eb50000000000000000%22,%222%22:%220x7763ebf08c54e4b20000000000000000%22,%223%22:%220xcac61f...

0
0

42ms
41ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9955c12c5acd0eb50000000000000000%22,%222%22:%220x7763ebf08c54e4b20000000000000000%22,%223%22:%220xcac61f1d3bf975190000000000000000%22,%224%22:%220xd6af752ea28a72ff0000000000000000%22,%225%22:%220x713d8282061b6bd10000000000000000%22},%22debug_key%22:%228962466783115554576%22,%22debug_reporting%22:true,%22destination%22:%22https://sony.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211133931041%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22849281312363106529%22}&andc=true

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9955c12c5acd0eb50000000000000000","2":"0x7763ebf08c54e4b20000000000000000","3":"0xcac61f1d3bf975190000000000000000","4":"0xd6af752ea28a72ff0000000000000000","5":"0x713d8282061b6bd10000000000000000"},"debug_key":"8962466783115554576","debug_reporting":true,"destination":"https://sony.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11133931041"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"849281312363106529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 22:47:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 22:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9955c12c5acd0eb50000000000000000","2":"0x7763ebf08c54e4b20000000000000000","3":"0xcac61f1d3bf975190000000000000000","4":"0xd6af752ea28a72ff0000000000000000","5":"0x713d8282061b6bd10000000000000000"},"debug_key":"8962466783115554576","debug_reporting":true,"destination":"https://sony.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11133931041"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"849281312363106529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4887 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:09:20 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
280 B 757ms
250ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_30/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

2c03a16ff350403d0f978bd91b058ffc5fae93fc3eda71735f925745747b80ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

ping_match.gif
pm.w55c.net/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*Mp6pKnpWG_pjiCSyZVugWKfrbXho4ApUPQkLH-06kK17eskMwmE673LavMfZRgZMe3uWlUWrEmlbGUcuNDsvCQ&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-8654cP6H5GkguKxv8zxGrUPxZmJIlko3oZcB55IMsw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=4337286605742151663&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F102%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/2/6/3.gif?puid=4831174728172398760&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=31763bd4-cae9-4c42-8d80-b57097e2ebcc&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AADL6E7LPj0AABQaue42Kw&id5AccountNum=155&numCascadesAllowed=9
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/3/6.gif?puid=18cf58f3a9a-9690000010e5346&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/2/7.gif?puid=91C7A194861DB78C&gdpr=0&gdpr_consent=
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/104/1/8.gif?puid=f9d32763-b83b-488a-b949-534493cf6919&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D

0
0

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
577 B 560ms
80ms Fetch
application/json 103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:32 GMT
an-x-request-uuid: b97b985a-7387-45ec-84c3-f346c5310416
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://new-challenge123.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.168; 31.204.145.168; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
569 B 19ms
6ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 47915f2d145b140ccde7ddf02d08064db83e6b2c98db6372526dd3775a4b43d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:31 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://new-challenge123.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 09 Feb 2024 22:47:31 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FE5 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:09:20 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 50 B
338 B 1136ms
243ms Fetch 34.253.153.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12761&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&hn_ver=72&fid=3fa30afb-1236-4c80-95c3-a7d61efc3307&dsp=TTD&dsp_uid=31763bd4-cae9-4c42-8d80-b57097e2ebcc
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.153.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-153-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f19ac105252eb393d28ec50c2da874ea8ab61ff7e31b1e106cf87aadcb8586d

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:33 GMT
access-control-allow-credentials: true
expires: Wed, 10 Jan 2024 22:47:33 GMT
content-length: 50
vary: Origin
p3p: CP="NOI DEV ADM"

POST
H2 200 12.json Show response
id5-sync.com/g/v2/ 625 B
1 KB 253ms
252ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_30/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

82b7d423e38b7341d38b7ecccead6ab2807abbcc661c3d67384e3fbd6092f384

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://new-challenge123.com
date: Wed, 10 Jan 2024 22:47:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 299E 42 B
64 B 47ms
46ms Fetch
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul7c7w8yP1DltekuAfeg5CMn_kHr87mivvrhMhkCqonT_gGglcyksyKl0fKEiDOZh4qfJMLORJ2D_OHbdwc5AdKJnakxyEjr01zV8eqzlhQET52JOVHH4TuDn_DjlYOCruffSxd0NepjebDb4bfviFlDtBiMhEaBnK8SeiCHgFB1yhIp-G2Xk&sai=AMfl-YQYf9Ukq2jNPXkqIunKJoSuZ0lIWqE9gCiVtO05wOkfejYNuv8zZpKkUvUrUCEAcAfqWwRL02GuYV11GHVQ5tKU5QC83gUL345gLVlkvgOU-MJd_Bm-W6e3J3r8QN448mc4mydQZMkQKurjTqtN&sig=Cg0ArKJSzC-a3zDd-CXkEAE&cid=CAQSTgAvHhf_7KBvfePq4Bd9YRwVLg0vwOkRAZOJS459gVH7WikZxRtYEM_EQk2-oRnnbXKI-Bv-UcPwqYKZ3hq3RFf5YzYNfu1M06vVJT7gMBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1088,1210&tos=83,683,234,88,122&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704926851733&rpt=185&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame CA43 0
246 B 249ms
248ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 22:47:33 GMT
server: nginx/1.20.1
transfer-encoding: chunked
x-iplb-instance: 54208
x-iplb-request-id: 1FCC91A8:E8BA_91EFC0A6:01BB_659F1E85_417298C1:10B0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 152D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
555 B

22ms
3ms

Document
text/html

23.40.149.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-149-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Jan 2024 22:47:33 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 10 Jan 2024 22:47:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H2 200 compatibility.js Show response
fbcdn2.com/script/ 14 KB
5 KB 250ms
10ms Script
application/javascript 2606:4700::6810:da14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbcdn2.com/script/compatibility.js
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:da14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3574
x-guploader-uploadid: ABPtcPrnMugK9kRmTtUgPDdVgQdBvULLpEHEsWVm5EvVcGJOdqJwHnWem9ea_3VJbSvQ5uAm-1xROkV0gTH-0pyLDmjJjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Jun 2022 09:08:43 GMT
server: cloudflare
etag: W/"946bb9192a14e6dad035a9ec8178f073"
vary: Accept-Encoding
x-goog-hash: crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-generation: 1655802523449377
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 14461
cf-ray: 84387662be5280ff-NRT
expires: Thu, 11 Jan 2024 02:47:33 GMT

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ 43 B
270 B 743ms
247ms Image
image/gif 164.132.25.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=4928357993123841614&tmstp=423676222&ckid=4337286605742151663&systgt=%24qc%3d1314914935%3b%24ql%3dUnknown%3b%24qt%3d36_0_0t%3b%24dma%3d0%3b%24qo%3d3%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1704926853164&envtype=0&hol_cpm=0&opid=584faca4-9727-44cb-adc4-a4922fc9fc28&opdt=1704926853164&siteid=567966&tgt=%24dt%3d1t%3b%24hc&gdpr=0&bldv=15077&visit=V&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fnew-challenge123.com%2fwhipping-cream%2f&cappid=4337286605742151663&capp=0&mcrdbt=0&insid=8748517&imgid=0&pgid=1722151&fmtid=79570&isLazy=0
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-164-132-25.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 152D 40 KB
11 KB 4ms
3ms Script
text/html 23.40.149.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-149-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ec91ab5fea90c2a483418673e7c3249f380a02200870f4222212bd2c3c3266cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 22:47:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2024 16:50:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=64996
Connection: keep-alive
Content-Length: 10963
Expires: Thu, 11 Jan 2024 16:50:49 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 152D 7 B
776 B 341ms
81ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
Expires: 0

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 54BE 2 KB
1 KB 322ms
300ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: fbcdn2.com
URL: https://fbcdn2.com/script/compatibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 843876630d4380d5-NRT
content-encoding: br
content-type: text/html
date: Wed, 10 Jan 2024 22:47:33 GMT
last-modified: Tue, 15 May 2018 06:39:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYjjmXFASSPFpbtDlwLUEL6bzMnW4%2Be8UzMSnEWd1n8T6rveYhtghPSN5nkUaOsW5uOGL3%2FnvVziv4664SZYpw6%2FPV8%2FaE%2FDrHHgyEyyB1ux1BGlJLuSvQSAwJG03v94C%2BY%2BvVs8lvd8"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
654 B 330ms
81ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4290507b7388fb86809e552482e2fff0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESEAtKKzsT0iQRHKDKoohiAiM&dsp=dbm&google_cver=1

0
304 B

244ms
243ms

Image
text/plain

34.253.153.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEAtKKzsT0iQRHKDKoohiAiM&dsp=dbm&google_cver=1
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 34.253.153.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-153-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 22:47:33 GMT
date: Wed, 10 Jan 2024 22:47:33 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEAtKKzsT0iQRHKDKoohiAiM&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12761%26url%3Dhttps%253A%252F%252Fnew-challenge123.com%252Fwhipping-cream%252F%26hn_ver...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4831174728172398760&pid=12761&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&hn_ver=72&fid=3fa30afb-1236-4c80-95c3-a7d61efc3307&dsp=TTD&ds...

40 B
40 B

244ms
244ms

Image
text/plain

34.253.153.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4831174728172398760&pid=12761&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&hn_ver=72&fid=3fa30afb-1236-4c80-95c3-a7d61efc3307&dsp=TTD&dsp_uid=31763bd4-cae9-4c42-8d80-b57097e2ebcc
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 34.253.153.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-153-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Wed, 10 Jan 2024 22:47:33 GMT
content-length: 40
expires: Wed, 10 Jan 2024 22:47:33 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
an-x-request-uuid: 0c90b272-67bc-4c91-b145-2d0116685079
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4831174728172398760&pid=12761&url=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&hn_ver=72&fid=3fa30afb-1236-4c80-95c3-a7d61efc3307&dsp=TTD&dsp_uid=31763bd4-cae9-4c42-8d80-b57097e2ebcc
x-proxy-origin: 31.204.145.168; 31.204.145.168; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5

0
314 B

244ms
244ms

Image
text/plain

34.253.153.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 34.253.153.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-153-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 22:47:33 GMT
date: Wed, 10 Jan 2024 22:47:33 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5
date: Wed, 10 Jan 2024 16:35:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 152D
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LR8DFFPR-1B-MG70
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LR8DFFPR-1B-MG70

43 B
457 B

81ms
80ms

Image
image/gif

23.106.127.56
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LR8DFFPR-1B-MG70
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 22:47:34 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LR8DFFPR-1B-MG70
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Expires: 0

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ 10 KB
3 KB 217ms
200ms Script
application/javascript 2606:4700:3037::ac43:d5fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=2414019&sub1=567966&cbrandom=0.010406514356117613&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81&cbref=&cbdescription=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%82%92%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E6%99%82%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E3%81%AE%E4%BB%A3%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%A8%E3%81%97%E3%81%A6%E3%80%81%E3%81%A9%E3%82%93%E3%81%AA%E3%81%AE%E3%81%8C%E3%81%82%E3%82%8B%EF%BC%9F%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%82%B9%E3%83%97%E3%83%BC%E3%83%B3%E3%80%81%E3%83%98%E3%83%A9%E3%81%AA%E3%82%93%E3%81%8B%E3%81%A7%E3%82%82%E6%B3%A1%E7%AB%8B%E3%81%A6%E3%82%8B%E3%81%93%E3%81%A8%E3%81%AF%E3%81%A7%E3%81%8D%E3%82%8B%EF%BC%9F%E3%82%B3%E3%83%84%E3%81%84%E3%82%89%E3%81%9A%E3%81%AE%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%E3%81%94%E7%B4%B9%E4%BB%8B%E3%81%97%E3%81%BE%E3%81%99%EF%BC%81&cbkeywords=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%20%E6%B3%A1%E7%AB%8B%E3%81%A6%20%E4%BB%A3%E7%94%A8%2C%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%20%E4%BB%A3%E7%94%A8%20%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%2C%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%20%E4%BB%A3%E7%94%A8%20%E3%83%98%E3%83%A9&cbcdn=fbcdn2.com
Requested by: Host: fbcdn2.com
URL: https://fbcdn2.com/script/compatibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d5fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3328381d11b3c586073d87f7e3ec5a90aeabae4bf951d87f43b13ef7c02934

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG%2FvE6X%2FXH5SAWwH8L4xeWpm65TkOc2Jm3dbqy4LH4CLhz%2Fi3Lsr7V1cqNc3j%2FNGjDhPGhlzoHd443QfL9bmNXcfVRJK0JP1TJ6z5NSiVk7UESpRrk5USi7C6fgM%2BTbJn%2Fl1xzkvS4TtkWFnt2g3kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cf-ray: 843876644a23e388-NRT
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 chrome.js Show response
fbcdn2.com/script/ 25 KB
8 KB 9ms
9ms Script
application/javascript 2606:4700::6810:da14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbcdn2.com/script/chrome.js
Requested by: Host: fbcdn2.com
URL: https://fbcdn2.com/script/compatibility.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:da14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb0528bac2609b5962ecd7eae6ce2c7bd0463aa999d9fe37fb8570cb58e0bd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1568
x-guploader-uploadid: ABPtcPq_vLKLv7oFoKlOWfgLTQG9J63miRJC07AAbX-SPKLjhRarNDTf9ZCVDet4WRluevTQe04RQl7wKdzCnQmaSyYlMAyRKzQf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 27 Jul 2023 08:49:33 GMT
server: cloudflare
etag: W/"4f5441983252efffb00ed3193873615d"
vary: Accept-Encoding
x-goog-hash: crc32c=axIBUA==, md5=T1RBmDJS7/+wDtMZOHNhXQ==
x-goog-generation: 1690447773356900
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 25812
cf-ray: 843876642f8380ff-NRT
expires: Thu, 11 Jan 2024 02:47:33 GMT

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 152D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

43 B
855 B

319ms
318ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VETFST4XMGTSV3AGDCPB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GJG5ZCJASRT5QC7XRFAP
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 152D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=31763bd4-cae9-4c42-8d80-b57097e2ebcc&gdpr=0&gdpr_consent=&expires=30

42 B
841 B

276ms
80ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=31763bd4-cae9-4c42-8d80-b57097e2ebcc&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc2b9026541f49c9c095b4cedfcedb9a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=31763bd4-cae9-4c42-8d80-b57097e2ebcc&gdpr=0&gdpr_consent=&expires=30
date: Wed, 10 Jan 2024 22:47:33 GMT
server: Kestrel
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE2NDQyOTBmMjEwOGFkNjg3MmFmZmJiYjI2ZGY5NDdkZTY3ZGUxYg

170 B
188 B

42ms
40ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE2NDQyOTBmMjEwOGFkNjg3MmFmZmJiYjI2ZGY5NDdkZTY3ZGUxYg

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE2NDQyOTBmMjEwOGFkNjg3MmFmZmJiYjI2ZGY5NDdkZTY3ZGUxYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 152D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LR8DFFPR-1B-MG70&ex=d-rubiconproject.com&status=ok

43 B
479 B

517ms
176ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LR8DFFPR-1B-MG70&ex=d-rubiconproject.com&status=ok

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K5XW5X2T4X7N2H78GEPG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LR8DFFPR-1B-MG70&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 152D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JJ9LFInKRviMsFiOUkZb_Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JJ9LFInKRviMsFiOUkZb_Q

43 B
720 B

181ms
180ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JJ9LFInKRviMsFiOUkZb_Q

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AWYJC2C3X4S0ZXKBDJM9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JJ9LFInKRviMsFiOUkZb_Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/egSNBhsOsD3mHKde1FgWFMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DqNr0zVE2oKDQkl9LlGSu3.nqbOk00wln9PH2g--~A

42 B
841 B

81ms
81ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DqNr0zVE2oKDQkl9LlGSu3.nqbOk00wln9PH2g--~A
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 10 Jan 2024 22:47:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DqNr0zVE2oKDQkl9LlGSu3.nqbOk00wln9PH2g--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI4REZGUFItMUItTUc3MA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6nhvYxlDXZkXcVeNNu8p8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4REZGUFItMUItTUc3MA==&google_push=

170 B
188 B

42ms
40ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4REZGUFItMUItTUc3MA==&google_push=

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4REZGUFItMUItTUc3MA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 152D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKowSL2OAXFR6AkuVaKwGLk&google_cver=1

42 B
841 B

287ms
82ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKowSL2OAXFR6AkuVaKwGLk&google_cver=1
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKowSL2OAXFR6AkuVaKwGLk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR8DFFPR-1B-MG70

0
513 B

129ms
105ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR8DFFPR-1B-MG70
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:33 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 920C4CCAB4F1481DB68EF2AE26C58DC1 Ref B: TYBEDGE0619 Ref C: 2024-01-10T22:47:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOnzeEh+cEoHWB054LpQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR8DFFPR-1B-MG70
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 152D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADL6E7LPj0AABQaue42Kw&expires=30

42 B
841 B

309ms
82ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADL6E7LPj0AABQaue42Kw&expires=30
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADL6E7LPj0AABQaue42Kw&expires=30
Date: Wed, 10 Jan 2024 22:47:33 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 152D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f3f2d37-1a1e-48b7-8df0-902fb01d627d&expires=30

42 B
841 B

83ms
82ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f3f2d37-1a1e-48b7-8df0-902fb01d627d&expires=30
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 7d5ff5cea86970f029093dfe0a29d015
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f3f2d37-1a1e-48b7-8df0-902fb01d627d&expires=30
Date: Wed, 10 Jan 2024 22:47:34 GMT
Connection: keep-alive
X-CI-RTID: 0811b94c-0539-473d-be72-1485f7127ef4
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync
hb.yahoo.net/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR8DFFWS-1V-GM9Z&redir=true
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR8DFFWS-1V-GM9Z&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR8DFFWS-1V-GM9Z&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TVC5CZURWRTJ1RzltUUNZX25VREZNWVdCYWhFVG1VMH5B&ovsid=LR8DFFWS-1V-GM9Z&dpid=58160

57 B
651 B

169ms
18ms

Image
image/gif

23.192.45.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TVC5CZURWRTJ1RzltUUNZX25VREZNWVdCYWhFVG1VMH5B&ovsid=LR8DFFWS-1V-GM9Z&dpid=58160

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

23.192.45.98 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-192-45-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 10 Jan 2024 22:47:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 10 Jan 2024 22:47:34 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TVC5CZURWRTJ1RzltUUNZX25VREZNWVdCYWhFVG1VMH5B&ovsid=LR8DFFWS-1V-GM9Z&dpid=58160
date: Wed, 10 Jan 2024 22:47:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 152D
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70

95 B
429 B

43ms
43ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70

Requested by

Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 10 Jan 2024 22:47:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR8DFFPR-1B-MG70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 152D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR8DFFPR-1B-MG70

68 B
280 B

274ms
75ms

Image
image/png

18.140.29.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR8DFFPR-1B-MG70
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 18.140.29.15 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-29-15.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:34 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR8DFFPR-1B-MG70
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 152D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70
https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70&dnr=1

43 B
664 B

116ms
115ms

Image
image/gif

209.191.163.210
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70&dnr=1
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: HTTP/1.1
Server: 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 22:47:34 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LR8DFFPR-1B-MG70&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

pixel
capi.connatix.com/us/ Frame 152D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

137ms
132ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: new-challenge123.com
URL: https://new-challenge123.com/whipping-cream/
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84387669bc55af94-NRT
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 10 Jan 2024 22:47:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LR8DFFPR-1B-MG70&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84387668dba4af94-NRT
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
54ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53db01dacc37bc4a7cd71e92a5e86054e15f84bda555ba76443ab1f118102ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
74ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 22:47:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABF2 13 KB
5 KB 7ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 56367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:08:08 GMT
expires: Thu, 09 Jan 2025 07:08:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 85E8 829 B
560 B 50ms
46ms Document
text/html 2404:6800:400a:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7e8e1b085b798fb4d45fbeb5b87427ced8a4acbe16a45b050bdac17e2200855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fuFMjuYG7fSs7xuvzY1Hjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://new-challenge123.com/whipping-cream/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fuFMjuYG7fSs7xuvzY1Hjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 22:47:36 GMT
expires: Wed, 10 Jan 2024 22:47:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame ABF2 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 07:08:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 85E8 0
0 38ms
38ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=4270021573324575&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABF2 0
11 B 2ms
2ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A_1ijA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:47:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WTRJSYC2WT&gtm=45je4180v9134568112&_p=1704926850601&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1148661662.1704926851&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1704926850&sct=1&seg=0&dl=https%3A%2F%2Fnew-challenge123.com%2Fwhipping-cream%2F&dt=%E7%94%9F%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%A0%E3%81%AE%E6%B3%A1%E7%AB%8B%E3%81%A6%E5%99%A8%E4%BB%A3%E7%94%A8%E3%81%AB%E3%81%AF%E3%83%95%E3%82%A9%E3%83%BC%E3%82%AF%E3%82%84%E3%83%98%E3%83%A9%E3%81%8C%E8%89%AF%E3%81%84%EF%BC%9F%E8%B6%85%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%E3%82%82%EF%BC%81&_s=2&tfd=6540
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTRJSYC2WT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://new-challenge123.com/whipping-cream/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 22:47:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://new-challenge123.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=4270021573324575&bg=!SUqlSgXNAAaumcC-jpk7ADQBe5WfOJ3TGAtRdHVeoibzWQTXqMvocAtMoH-0NNY_1AKv69nu0_BfLT7BbnGaNxCoNZGcAgAAAD5SAAAABWgBB5kCsLJBLkVxKprIkyWVY3rQwRcp88F6phNWFfbUIqLUbnLeTd0J5kz7dr8fsEkQ-CCMXzVOTl9v4wMQupTxl-K2AI8R_ynyU8dRbFmdV_yFO5c4WJcU7X-spbelyBcJtcQKaqKpMWA-6-r77gsheddI8_yDh08QjLT5-Zc7a7-YYMTJn4Hb2Q3JFP7Adh-LqFwsMgIfCLxvKSeJG2Gz1KyTVoFptz0TZz7wKGvT-Vmri0kbo8CZvtpBdsBcxzHPdBteyDfkkyU9vGavtzAOFXyj7qkkngMJUbz2-4qBN3o2Xp6GGNYImY4V1GFehvhWgkId0zodCUV3UvWwmCGUy6oBrVyhr2mkmuhlp1pmOfeUQBm_N01CS7wx0leJoTNdOiulyGyXgwPVOs2jRrGpm0jYZE4VKbBGcJ9PH6mmuyZZK5zgSyR3UtfLCaWLtXvd6G8Jgu67_pvDL6nL8P6FdF9vQfBeN56bMe5X-cNrIoWOGGrhU5lJaUjqiCLHyfB219AT-CfrJMOfmy4Ta9l1Ni6Kb8sZ3_o-7JHZImOUMNNUucAVc2s8dan7ReMuZulUL6WNH7gmYsJtak88QCOh-8zoM7E4YD_rGoCCBWWe40HAs3Bqz4ViHbcEmSi2Qza7UTw6ISUkyi1Jd-T7osoOhGE3xWa_3mH838Xn9AnJUR4Cylxfm7Aq3We0bt37-mtcqlTVEnhhKsO7CQXVDaCyaeeoVCLC3oovj9JgTt72g8BBR_Dn5pjy_BzQX_10mVwi7wfh49nmJds4g3wVLpaU8hJxdp_DZF8HyD5sWiJ1Q5ijrWRlUt6gDDMiTpITxg__zO7uaMJhxqnpZWBPnPNJbwSEnwRDLVAh3oVMNIuVAeEM3GsjUSjTMc27ahy_H476U3SoLyKLX52nZbTXOeJ3IbfFCIE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://new-challenge123.com/whipping-cream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pm.w55c.net
URL: https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
new-challenge123.com/whipping-cream	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.new-challenge123.com/	1970-01-20 17:36:53	Name: _gid Value: GA1.2.1207574947.1704926851
.new-challenge123.com/	1970-01-20 17:35:26	Name: _gat_gtag_UA_112012224_6 Value: 1
.new-challenge123.com/	1970-01-21 03:11:26	Name: _ga Value: GA1.1.1148661662.1704926851
.new-challenge123.com/	1970-01-20 19:45:02	Name: sharedid Value: adcdf0e4-2094-44d1-bd2f-11c1f8991102
.new-challenge123.com/	1970-01-20 19:45:02	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.new-challenge123.com/	1970-01-21 02:57:02	Name: __gads Value: ID=e9fd8dd6231ade96:T=1704926851:RT=1704926851:S=ALNI_MZ8i1WTisH_iHxmkaDnSacnQ6H4nA
.new-challenge123.com/	1970-01-21 02:57:02	Name: __gpi Value: UID=00000cd54d617592:T=1704926851:RT=1704926851:S=ALNI_MalNlRN02d19z-yATWZwK6TMocqAA
.doubleclick.net/	1970-01-20 17:35:30	Name: DSID Value: NO_DATA
.crwdcntrl.net/	1970-01-21 00:04:12	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 00:04:12	Name: _cc_id Value: 1d8a140f39b2cc4b1383259afc5ef24b
.crwdcntrl.net/	1970-01-21 00:04:14	Name: _cc_cc Value: "ACZ4XmNQMEyxSDQ0MUgztkwySk42STI0tjA2MrVMTEs2TU0zMkliAILU%2BXLNIBoKAFVKCqw%3D"
.crwdcntrl.net/	1970-01-21 00:04:14	Name: _cc_aud Value: "ABR4XmNgYGBInS%2FXDKSgAAAUtAGm"
.doubleclick.net/	1970-01-21 03:11:26	Name: IDE Value: AHWqTUldqZkKu6K359Z7yqMZFJ1LD8TF9dePAPED4b5yL19Iu_k-MP7zO-YCLPIZStw
.new-challenge123.com/	1970-01-20 17:36:53	Name: panoramaId_expiry Value: 1705013251455
.new-challenge123.com/	1970-01-21 00:04:14	Name: _cc_id Value: 1d8a140f39b2cc4b1383259afc5ef24b
.googleadservices.com/	1970-01-20 19:45:02	Name: ar_debug Value: 1
.new-challenge123.com/	1970-01-21 03:11:26	Name: _ga_WTRJSYC2WT Value: GS1.1.1704926850.1.0.1704926851.0.0.0
.quantserve.com/	1970-01-21 03:05:41	Name: mc Value: 659f1e83-d5372-d9075-e5e89
.new-challenge123.com/	1970-01-21 02:59:55	Name: __qca Value: P0-1226144314-1704926851571
.adsrvr.org/	1970-01-21 02:22:29	Name: TDID Value: 31763bd4-cae9-4c42-8d80-b57097e2ebcc
.smartadserver.com/	1970-01-21 02:22:29	Name: pid Value: 4337286605742151663
.smartadserver.com/	1970-01-21 03:07:07	Name: TestIfCookieP Value: ok
.new-challenge123.com/	1970-01-21 02:57:35	Name: cto_bundle Value: dfNDwV90M094TGtsaTNDNklQa05QVk5LQ0R1TjQ3JTJCOGpNUHhaJTJGOVVmdFNLbkV2RkYlMkJjTHBhaTVrUFpiWHhYaEtNOGtWWFBMVXhXeWszUHlsd1VFZFNsbkJVS3FaeXZEUDE1UlRlMCUyRiUyRm4ydnpaYzBGVFVZWHY4ZFpRb0pBNSUyQkJ1SzBXdg
.new-challenge123.com/	1970-01-21 02:57:35	Name: cto_bidid Value: ChVPw191cHMxRFlCc2hMUTVWSVBrTk9DOFdFJTJGZSUyQklYQkk2SkZMWFB3bmdqZXVldW9uODh3a1ZYMmpYTkNhQVFHWDVHdWZ3RzhhZ2NSZDNiJTJCM04xVDVUUEZVTFhJdW1scXR6NWU3QlFRem15SEE1TSUzRA
.adnxs.com/	1970-01-20 19:45:02	Name: uuid2 Value: 4831174728172398760
.id5-sync.com/	1970-01-20 19:45:02	Name: id5 Value: b719e018-6ad6-70fe-b115-4458543793a4#1704926851844#3
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 567966=5798807
.smartadserver.com/	1970-01-20 17:36:53	Name: sasd2 Value: q=%24qc%3D1314914935%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0%3B%24qo%3D3&c=1&l=-669273157&lo=1739943965&lt=638405236531714623&o=1
.smartadserver.com/	1970-01-20 17:36:53	Name: sasd Value: %24qc%3D1314914935%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0%3B%24qo%3D3
.bidr.io/	1970-01-21 03:03:56	Name: bito Value: AADL6E7LPj0AABQaue42Kw
.bidr.io/	1970-01-21 03:03:56	Name: bitoIsSecure Value: ok
.cpx.to/	1970-01-21 02:21:02	Name: cpSess Value: 370c3fe89c5c233
.pubmatic.com/	1970-01-20 19:45:02	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-21 02:21:02	Name: KADUSERCOOKIE Value: 2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5
.adnxs.com/	1970-01-21 03:11:26	Name: XANDR_PANID Value: v6GMrtOAwwc7ZzUi17mEiubv8XiNRaP6GGf_h5dWkUggqq1gO6rfV4TgkODycQcc8OtFU7kD2GAlbGbL61TXO82H2-e9ahjq-vHtNarq0uE.
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.eyeota.net/	1970-01-21 02:22:29	Name: mako_uid Value: 18cf58f3a9a-9690000010e5346
.eyeota.net/	1970-01-20 17:35:27	Name: SERVERID Value: 21318~DM
.adsrvr.org/	1970-01-21 02:22:29	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMShka-Fjsk8EAUYASACKAIyCwiklpXVm47JPBAFOAFaBzhoOXUxMWhgAg..
new-challenge123.com/	1970-01-20 19:01:50	Name: adcashufpv3 Value: 79958338113355225961403534645
.cpx.to/	1970-01-21 02:21:02	Name: dsp_pubmatic Value: 2BBE60C0-8D19-4FF3-A7B0-C9F0C73A7AE5#1704926853838
.cpx.to/	1970-01-21 02:21:02	Name: dsp_app_nexus Value: 4831174728172398760#1704926853910
.cpx.to/	1970-01-21 02:21:02	Name: dsp_TTD Value: 31763bd4-cae9-4c42-8d80-b57097e2ebcc#1704926853910
.cpx.to/	1970-01-21 02:21:02	Name: dsp_dbm Value: CAESEAtKKzsT0iQRHKDKoohiAiM#1704926853963
.rubiconproject.com/	1970-01-21 02:21:02	Name: khaos Value: LR8DFFPR-1B-MG70
pixel.rubiconproject.com/	1970-01-20 19:45:02	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-21 02:21:02	Name: bcookie Value: "v=2&570cc20f-7a2f-42c5-89be-7c599849648f"
.linkedin.com/	1970-01-20 17:36:53	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3109:u=1:x=1:i=1704926854:t=1705013254:v=2:sig=AQEvtwSikDlmiMsWL9wpSlf9cJ9Avrcr"
.tapad.com/	1970-01-20 19:01:50	Name: TapAd_TS Value: 1704926854369
.tapad.com/	1970-01-20 19:01:50	Name: TapAd_DID Value: f884cf51-7e9f-48b6-8350-ef6480f7e634
.tapad.com/	1970-01-20 19:01:50	Name: TapAd_3WAY_SYNCS Value:
.yahoo.com/	1970-01-21 02:21:24	Name: A3 Value: d=AQABBIYen2UCEGFPxbLSPFXKFJqlr0v5CogFEgEBAQFwoGWpZWChyyMA_eMAAA&S=AQAAAsCODQFp_JUy1NlbKxhgGYE
.ipredictive.com/	1970-01-21 02:21:02	Name: cu Value: 7f3f2d37-1a1e-48b7-8df0-902fb01d627d\|1704926854529
.semasio.net/	1970-01-21 02:21:02	Name: SEUNCY Value: 91C7A194861DB78C
.amazon-adsystem.com/	1970-01-21 03:11:26	Name: ad-privacy Value: 0
.connatix.com/	1970-01-20 18:18:38	Name: cnx_userId Value: 03f2b43dfbf04f279837e531fd0c65f8
.sharethrough.com/	1970-01-20 18:18:38	Name: stx_user_id Value: af79cb4e-8b8f-4f97-a146-be850ae5daf4
.analytics.yahoo.com/	1970-01-21 02:21:02	Name: IDSYNC Value: "18vk~2g3y:19e0~2g3y"
.lijit.com/	1970-01-21 02:21:02	Name: ljt_reader Value: H-GXEQZHBLNhl-ZmSpSmzm7i
.hb.yahoo.net/	1970-01-20 21:54:38	Name: visitor-id Value: 3479284540032873000V10
.hb.yahoo.net/	1970-01-21 02:21:02	Name: data-mag Value: LR8DFFWS-1V-GM9Z~~63
.lijit.com/	1970-01-21 02:21:02	Name: _ljtrtb_80 Value: LR8DFFPR-1B-MG70
.amazon-adsystem.com/	1970-01-20 23:57:02	Name: ad-id Value: A-Lw_zKuS0fFjd0N1U5vcqE
.rubiconproject.com/	1970-01-21 02:21:02	Name: audit Value: 1\|uzPnWTZexr9FsNVm/+ZCpWKUz7iL38JkxJp6AZadNesNIXVBPorKWhe85E7OpYW6Rffc1Fkcad0iZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
pixel-eu.rubiconproject.com/	1970-01-20 19:45:02	Name: receive-cookie-deprecation Value: 1
.smartadserver.com/	1970-01-21 02:22:29	Name: csync Value: 104:LR8DFFPR-1B-MG70\|111:ID5-8654cP6H5GkguKxv8zxGrUPxZmJIlko3oZcB55IMsw
.bidswitch.net/	1970-01-21 02:21:02	Name: tuuid Value: f9d32763-b83b-488a-b949-534493cf6919
.bidswitch.net/	1970-01-21 02:21:02	Name: c Value: 1704926855
.bidswitch.net/	1970-01-21 02:21:02	Name: tuuid_lu Value: 1704926855
.id5-sync.com/	1970-01-20 19:45:02	Name: 3pi Value: 112#1704926854828#-149245240#91C7A194861DB78C\|2#1704926853029#-1087942470#4831174728172398760\|102#1704926852620#2054344141\|264#1704926853293#-1256834809#31763bd4-cae9-4c42-8d80-b57097e2ebcc\|104#1704926855286#1281642678#f9d32763-b83b-488a-b949-534493cf6919\|155#1704926853567#-697683454#AADL6E7LPj0AABQaue42Kw\|123#1704926853918#1854955124
.w55c.net/	1970-01-21 03:04:50	Name: wfivefivec Value: 0I3cwCfR1RnHmf5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loader.unblockia.com/c/new-challenge123.com/id.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
c.tmyzer.com
capi.connatix.com
cdn.unblockia.com
cdnjs.cloudflare.com
ce.lijit.com
ced.sascdn.com
cm.g.doubleclick.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
euw2.smartadserver.com
fbcdn2.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbb.afl.rakuten.co.jp
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
lb.eu-1-id5-sync.com
loader.unblockia.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
new-challenge123.com
onclickgenius.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
static.affiliate.rakuten.co.jp
stats.wp.com
sync.ipredictive.com
tag.leadplace.fr
thumbnail.image.rakuten.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
ufpcdn.com
ups.analytics.yahoo.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pm.w55c.net
103.43.90.117
104.18.41.104
13.214.50.225
133.237.48.7
142.250.196.98
142.250.199.98
145.239.192.166
15.197.193.217
162.19.138.116
162.19.138.120
164.132.25.176
178.32.210.226
18.140.29.15
18.143.106.89
182.161.74.11
183.181.98.15
192.0.76.3
207.65.34.80
209.191.163.210
213.19.162.90
23.106.127.56
23.192.45.98
23.195.91.136
23.208.233.60
23.40.149.60
23.60.109.202
2404:6800:4004:80b::2008
2404:6800:4004:80f::200a
2404:6800:4004:810::2002
2404:6800:4004:812::2002
2404:6800:4004:821::2003
2404:6800:4004:821::200e
2404:6800:4004:822::200e
2404:6800:4004:823::2003
2404:6800:4004:823::200a
2404:6800:4004:825::2001
2404:6800:4004:828::2002
2404:6800:400a:804::2004
2404:6800:400a:805::200e
2404:6800:400a:813::200e
2406:2600:4::b
2406:da18:929:5a01:7f06:dee3:5d67:3d00
2600:140b:dc00::173e:6a51
2600:9000:2066:fc00:6:44e3:f8c0:93a1
2600:9000:21ee:1600:12:abfb:9280:93a1
2600:9000:21ee:8000:12:abfb:9280:93a1
2606:4700:3037::ac43:8e31
2606:4700:3037::ac43:d5fa
2606:4700::6810:da14
2606:4700::6811:180e
2620:116:800e:21:36b5:1576:d999:6e52
2620:1ec:21::14
2a02:6ea0:d300::23
34.111.113.62
34.253.153.2
51.79.154.29
52.17.192.98
52.46.130.91
54.157.90.217
54.194.222.16
54.38.64.100
54.64.238.180
67.220.224.144
69.173.158.64
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01fa4c25f5538938fab407d075732bd41411cd7845f6d2572a63987fed0af9d5
03b46c8ba3370ae92dff86252cddf2a45b1e9dd08d45fca58a0b74e7d4246694
09c7862ce50e9d8643376d2c0dd9a461b086c944abd5d9b1fa5741e968407b08
0a3328381d11b3c586073d87f7e3ec5a90aeabae4bf951d87f43b13ef7c02934
0b822d9fdd1d6e43f77403f4f29ffcde7ac733280389be849984925ed05c51c7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d219e2c4ef25017a3f58cdb24b069430b6708f5d797b861499a9fe5e46b7d12
0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc
0f528b9ba01109026363e739295e39b49b294416ef6cbb2222bc1ca05d7f7198
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
13b51aabcb301fe17ea986e50a28e5b39811a98155f84351143b0bf31177456b
15d543225c00b9c3c25093addae90f168711a1e3b0116aae1d0e05e129233865
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
16f8e9d3c8f62ed85126178e302337ce5e301fd6a4c2fd710546655f857d95e0
175c4fe3443878bf56533ef4f3911719314806ededecdf3417b75a3e39873316
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ace0b41e6edf47af144ac8a85a7f26fac7262c182275bd5cc7dd48825555e5f
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1e897125786bddd7832a3352b7477cf469493bec08359ccfaf831d718cf0f933
23f50e78088d702434a208cf161e6ca9cffaf1da8337df1a4902a081659dbb05
244e0869dcec925214583fbe28a07c07dd7f2eb15e02f8a9430119366ab34a45
24618759553d2d90a974988b439a698f4fb0a69a2e00526b64555b900a280527
2a58168d19821f9970474ab1fe9bc5d58e82acdbfbb5ae1cd87da90e704c74b4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0142ce4d05b963624c6e5996c5466bc01f8ca5ba312a1dd7d6932882a3916e
2c03a16ff350403d0f978bd91b058ffc5fae93fc3eda71735f925745747b80ef
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2deb2dfe8534b648034f2d5ac8161da5f10649290a313689c2fda0c384ab576a
2eea22b4af3460211e173c83a145c9fdea326d91400feac018f492e4094700e6
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30e91c4e908076065d2600d6136b034c9d7c35d993c6038dcd441ff131002d3e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3324d20d2228f1eaf2e89974c040176e580d47956909cd60c2ff087f9348a7d0
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38896159094889054b03ddbde2c5ebab06d9988e853ccb8194d85c7f4ddba48d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f05670ce03ae2bf06b48e05ab042494c7858db58886f351a3d576c4ff8f5ce3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
434cba3583106ab91e5c771561294ce33f5db58921e465b9ddece36d8329d5ed
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
46c3794d8000e7eed704a8d275bc9e958527d150e511e895539842dc265a2454
47915f2d145b140ccde7ddf02d08064db83e6b2c98db6372526dd3775a4b43d2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4fb0528bac2609b5962ecd7eae6ce2c7bd0463aa999d9fe37fb8570cb58e0bd7
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
53db01dacc37bc4a7cd71e92a5e86054e15f84bda555ba76443ab1f118102ebb
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fb58953df35255267860dc524d2bf4c84322dfa5da830e6f9dfe9f83a204f4
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
588cc054f12d99a10d26fc568cb002503e2642db4e854a2f1a5bf5aabff59607
58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb62e9c3200fa29039822e9f1a07a051d3fa8e6ca02591b1dc5f8cd3afec282
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60dcc01e15842e83aac7bfee94fcf29f667cf27c29cdede9a9d74046ecdf2064
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628143a4a9ec4807216204454c67a3e26dc9f7120ff76bf5853d9e89c978ef97
650f30f317ec4dfacc102202f75cfe3cf669fe646a1046ea14597f4b67d253af
66168935c985d45b60e78b83aaba7a8fb40ef45801f42396610421dc8358c031
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f
734066ffa58cefe455436ea1ba8612ba4ecc5e67d2402dcecefda2b3fa667cd4
770158d16cb2ccb530d70933b5bd84f4569dab6fe2f56f915efb4408bb7fdaf5
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
7ecd4338c1c8750762999d918a7e6b80ee1686339e86392bb2aec8553d0a2cf3
82b7d423e38b7341d38b7ecccead6ab2807abbcc661c3d67384e3fbd6092f384
851f8da92c164172cb58c771529f8197af7894c458b2ae201aef027f9d379511
85cc06d8596be6d8d84478c57e368ca4c62a62baf8995fb88d0c0a83900f3322
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
883acb93dcdc5b924d32549a10561f1b998af1ee2bc83bd1de5b0d8738ca2856
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d2b0d3968390b8e2a65670d756c65a6210ae418cc4e3d51950aaa6d27402b5f
910655b66685abc4f2bba909d60dfa6aaf19186f2678fa87213b161a87ef6252
920b1fb1c1a386a8708e4ffad2da3bf664f6f3f6f448feb237a68276e9ae646d
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
97271138958fe85a99b19fbdecd90dcdd9808dd94d9340dd31c8c53a3d46cf43
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16
9ad992d8bee311a5f4568cd5f74fc0666a328b43ee09271a0c31eb0dfc82ddb6
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9f19ac105252eb393d28ec50c2da874ea8ab61ff7e31b1e106cf87aadcb8586d
a039d27d15dfd1092a9770dc18807257ea73e08f16c0887f698f42c0bd4668ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a63e79b5a97bf477e7d6ad34b4f8be2e4e8c7f3162f7d58b156ff0557f65c312
a7e8e1b085b798fb4d45fbeb5b87427ced8a4acbe16a45b050bdac17e2200855
a868308d4ca1802090bfd3cc581924bc22275a3bc16fad2df4480e3976a0a5a2
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
bbfdc013e8f8b2024092639f589c254f44efa0ba008098a208605a210669db81
bded2fafdcb56681a7ec7d3854133cc916ac2268bbb20d5bd783a2de708c4fd8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c79267d5322afb9348828cf5b1e38be06a6a54428ad9fc6a0e5221240ba290d7
c81029c6b8f6b8badfa68508ca68fdb53dca16d8cacf894eff8a54be8caa125f
c9fe63e7f088355861b07d94f70315d9edd0a084805184415e8d5b452bc2c993
cf74ad67677396ce9f821a2b7ec2180da8b22711f67e2d03912234ff19b7ed21
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d04fa817da92f0a8df1bd32c33c2392693baeaa393d763066a9ef8dee539f655
d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
ddbc822c300779b7e3a684cff7979eec9ab675ba48a16cb3b8bdfdf0b86b5320
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e22810429746923c1c759ce52dbfc15fddd1994ab645fb74708188081d9d0f1b
e24a5fefc526444231dbcb81349b64d257aee6142b619f4d940482547c47cadb
e2e5685c38df339f14f980645e78aac716ddccd8e9a1939554f4985c5155a1f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ec91ab5fea90c2a483418673e7c3249f380a02200870f4222212bd2c3c3266cd
ec9525bd99fea507aa6807b02db85f9d7f33e7e12096b107024ba46386656c5d
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eeaac89cfeb579ae2e2f1dc78eefbfd26e68779a836ff6b63c60961e25bd407d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0
eff8e6a844522897b74ff661425c391c856245255ee4e41508ed8c066a722261
f1238aeb0cfbba3ccb5433e1c5134e8d01b566f0daa2436082141b86bcad4e1d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f638fb146c0ffb0980d15c048d16357bdbcebb2089ae2619b368ee39feecd1c5
f8dfb3fa0c1e5fc30b35396abc6218cf8d16972546a200789a323922a7593c72
fec081682f0b3914dd548a7efdd1b871b37feb1cc20fbe95115886261274b2c4
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a
ffd610007ab341360059eca0e6b94c22e89f25c81ec612003ee4f814cb1a38b0

new-challenge123.com Open in urlscan Pro 183.181.98.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

210 Requests

87 %HTTPS

42 %IPv6

46 Domains

69 Subdomains

57 IPs

10 Countries

2882 kBTransfer

7518 kBSize

72 Cookies

10 Outgoing links

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

new-challenge123.com Open in urlscan Pro
183.181.98.15 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

87 %
HTTPS

42 %
IPv6

46
Domains

69
Subdomains

57
IPs

10
Countries

2882 kB
Transfer

7518 kB
Size

72
Cookies

210 HTTP transactions
4 data transactions