qrcode.onl.la Open in urlscan Pro
118.27.125.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qrcode.onl.la/
Effective URL:
https://qrcode.onl.la/
Submission: On May 16 via manual (May 16th 2023, 4:16:44 am UTC) from JP — Scanned from JP

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 19 domains to perform 66 HTTP transactions. The main IP is 118.27.125.193, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is qrcode.onl.la.
TLS certificate: Issued by R3 on March 6th 2023. Valid for: 3 months.

This is the only time qrcode.onl.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	118.27.125.193 118.27.125.193	7506 (INTERQ GM...) (INTERQ GMO Internet)
4	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:90c0:999... 2a03:90c0:9994::9994	199524 (GCORE) (GCORE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:828::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
1 3	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
1 1	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
66	21

5 118.27.125.193 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 118-27-125-193.virt.lolipop.jp

qrcode.onl.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:9994::9994 (Russian Federation)

ASN199524 (GCORE, LU)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:828::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	260 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	64 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50	117 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	60 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	onl.la 1 redirects qrcode.onl.la	31 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	106 KB
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13044	521 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1307	245 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1220	213 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 81445	684 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2107	173 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	875 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	595 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	252 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	39 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	37 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
66	19

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	qrcode.onl.la pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	qrcode.onl.la	1 redirects qrcode.onl.la
4	ajax.googleapis.com	qrcode.onl.la ajax.googleapis.com
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
1	im.bluevoox.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cs.r-ad.ne.jp	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	qrcode.onl.la
1	cdn.jsdelivr.net	qrcode.onl.la
1	www.googletagmanager.com	qrcode.onl.la
66	24

This site contains links to these domains. Also see Links.

Domain
qr.onl.la
file.onl.la
paint.onl.la
onl.la

Subject Issuer	Validity	Valid
onl.la R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-01` - `2023-10-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://qrcode.onl.la/
Frame ID: 2490AA7809DC633095C62A10D9C67E9B
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 52006E56BBEBDC7345812E3A118914DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&adk=1812271804&adf=3025194257&lmt=1684210600&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fqrcode.onl.la%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600176&bpp=3&bdt=231&idt=271&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=985721194422&frm=20&pv=2&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: 429544E65C0EAE2F72490BD487E3B310
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=60&slotname=9634845112&adk=1186461218&adf=1252093405&pi=t.ma~as.9634845112&w=1600&lmt=1684210600&rafmt=12&format=1600x60&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600180&bpp=1&bdt=235&idt=294&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ixF1jOzfk9&p=https%3A//qrcode.onl.la&dtd=298
Frame ID: 5D3758828AD31C800FACEB4088EB61E1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Frame ID: 06F53DD5865418B53A0934146BE4FC8F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Frame ID: B4417EBC0A96B2BE362C20082C9DB211
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84798E3068A526A21FA28C06DD3E7B48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD37CA66BD06823CCF15070F2CAC48EC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56060E10C8929EDAC4F27C9D7BDEA246
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 598EBFD6511A85D330F7A6978AEF134D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QR SCANNER

Page URL History Show full URLs

http://qrcode.onl.la/ HTTP 301
https://qrcode.onl.la/ Page URL

Detected technologies

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

66
Requests

94 %
HTTPS

63 %
IPv6

19
Domains

24
Subdomains

21
IPs

5
Countries

795 kB
Transfer

2515 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://qr.onl.la/
Title: QR GENERATOR

Search URL Search Domain Scan URL

URL: https://file.onl.la/
Title: FILE WEB

Search URL Search Domain Scan URL

URL: https://paint.onl.la/
Title: PAINT WEB

Search URL Search Domain Scan URL

URL: https://onl.la/
Title: ONLINE TOOLS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qrcode.onl.la/ HTTP 301
https://qrcode.onl.la/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPSB9mDP-WwsducpPJyRO7Y&google_cver=1&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnEbxGXIUGU2Drh0w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnEbxGXIUGU2Drh0w

Request Chain 69

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH90QN2jkKW_eKKpLLY0tB8&google_cver=1&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH90QN2jkKW_eKKpLLY0tB8&google_cver=1&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA&google_hm=RqPCyI1KThaGv1gbS5Kttg==

Request Chain 70

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEHv1F5fXO-Y63LSlnpqb-yk&google_cver=1&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s&google_hm=NTRQNEdnMDEzQkRBWTAwOGtTU1E

Request Chain 73

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKfG3z_EMRV_BQuPgTZxvdg&google_cver=1&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zitsG8XJ66_xNNFpxSyHUI-6AkeCpNo9Enemvpl5kMMy4bIQt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zitsG8XJ66_xNNFpxSyHUI-6AkeCpNo9Enemvpl5kMMy4bIQt&google_hm=QlMuNmE1YS1mNGY4LTRmZmUtOWRjYw==

66 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qrcode.onl.la/
Redirect Chain

http://qrcode.onl.la/
https://qrcode.onl.la/

11 KB
3 KB

40ms
23ms

Document
text/html

118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcode.onl.la/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 53381e910960aceada2203c8dc0cae9354c42efd7ee5160ae642bb7b57d79f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 May 2023 04:16:39 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: keep-alive
Content-Length: 707
Content-Type: text/html
Date: Tue, 16 May 2023 04:16:39 GMT
Server: LiteSpeed
location: https://qrcode.onl.la/
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery.mobile.min.css
ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/ 203 KB
24 KB 49ms
5ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.css

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde718bbe26419b2789ee42b6816077570326691d41b5d8488df906931dc840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 06:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24918
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 06:06:11 GMT

GET
H2 200 app.css
qrcode.onl.la/ 26 KB
5 KB 20ms
17ms Stylesheet
text/css 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcode.onl.la/app.css?v=20220502105043
Requested by: Host: qrcode.onl.la
URL: https://qrcode.onl.la/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 548a46089535ae34846d72876c60c2b8655d84edc9f8c285e386eaaa828f6f52

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:39 GMT
content-encoding: br
last-modified: Mon, 02 May 2022 01:50:43 GMT
server: LiteSpeed
etag: "68f1-626f38f3-1f10da98cf4c8e0b;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4965
expires: Tue, 23 May 2023 04:16:39 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 26ms
3ms Script
text/javascript 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 06:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 06:06:10 GMT

GET
H2 200 jquery.mobile.min.js Show response
ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/ 195 KB
55 KB 21ms
20ms Script
text/javascript 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.js

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3247d291b5e16684350b23f08c2df498f7cb17c88a1799f9eb89fd5af08b5f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 06:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55746
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 06:06:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 109ms
58ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H2NMEFG44P

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d1236b3660bb86b6f0991fb2775214c396ddbeae67ef5c44c4f9dd312fc3ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 04:16:40 GMT

GET
H2 200 jsQR.min.js Show response
cdn.jsdelivr.net/npm/jsqr@1.4.0/dist/ 128 KB
37 KB 42ms
4ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jsqr@1.4.0/dist/jsQR.min.js

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

3129abb6e1e0027e674b41bddd89a4c401eed653348e02d24fa26c0a25cda5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-id: am3-up-gc88, cc1-hw-edge-gc11
date: Tue, 16 May 2023 04:16:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-jsd-version: 1.4.0
x-cached-since: 2023-04-28T12:25:54+00:00, 2023-04-28T12:31:28+00:00
cross-origin-resource-policy: cross-origin
x-nginx: nginx-be, nginx-be
x-jsd-version-type: version
server: nginx
etag: W/"1fe21-OChgvyVhwqmLGUPRl9ddkEv14oA"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cache: HIT, HIT
timing-allow-origin: *

GET
H2 200 encoding.min.js Show response
cdnjs.cloudflare.com/ajax/libs/encoding-japanese/1.0.30/ 222 KB
39 KB 18ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/encoding-japanese/1.0.30/encoding.min.js

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcdd6add2fc283f4cbd04474eb690d4f655822c1cbcc4ab29a58f67445d88572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15326817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39568
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-37707"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aFo0DXp%2FftVZe5lAPDaNIMcoVxA%2Bfr1ze3qidVGZ%2BMRHQIhMl2NrAOqq8Se55JM9%2FCloo2uokmOv0%2FlXOMLnlf9PCVRzp6NRKTPhgpAwHt69dSsNmzMVZy4MzXYK%2BdKpmxg1Tw8GVadlxK4D99hkS3I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80ce7a5a9fdfc5-NRT
expires: Sun, 05 May 2024 04:16:40 GMT

GET
H2 200 app.js Show response
qrcode.onl.la/ 80 KB
20 KB 15ms
15ms Script
application/x-javascript 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcode.onl.la/app.js?v=20220502105043
Requested by: Host: qrcode.onl.la
URL: https://qrcode.onl.la/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 3e61e18cd668c36d6cda438bd56729b112503ee2b5b0f2a40011a8b315e3868b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: br
last-modified: Mon, 02 May 2022 01:50:43 GMT
server: LiteSpeed
etag: "141ef-626f38f3-1cf12b1bb257382c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 20385
expires: Tue, 23 May 2023 04:16:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 102ms
56ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2752181111354421

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26a0c608e65f7cd3fd762b5cebb468d6b63f20c55e0a9b0ca2ef7a3f82982a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Origin: https://qrcode.onl.la
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47263
x-xss-protection: 0
server: cafe
etag: 18188020074168442183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 04:16:40 GMT

GET
DATA 200
OK truncated
/ 666 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28e5b59bb3ad5784257180b11ea3608e4ff9f2120a5c6acbfc4a72379a0cf7cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 671 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9d56c89e8d74788a8e942bc52319e6c922c798bc7861d82810815235ea9c724

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c984eaaba265d0f33a2ca30ae9d33ea2d7665578d3e0e7e6c6c8594985fe56cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 1001 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 710bb0a373f44eee4c83995024210a2b680e4be6cbf548a987cc5328d8e7ac60

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bbb9fa0e958673ac98015ef569ef0ac82a65392a6bf77b425696a501bd3ef9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 727 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05e9ea4c52a8f03ee30564e95a2561de65606ab42263793f2f550be28af04c7c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 206 dummy.mp4
qrcode.onl.la/ 2 KB
2 KB 14ms
14ms Media
video/mp4 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcode.onl.la/dummy.mp4
Requested by: Host: qrcode.onl.la
URL: https://qrcode.onl.la/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 1a0e2ec1af9a1213c123f00c1587e9f02cb5350c68d74d405892bcfe80d378f8

Request headers

Referer: https://qrcode.onl.la/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
last-modified: Mon, 02 May 2022 01:50:43 GMT
server: LiteSpeed
etag: "65f-626f38f3-35487fdc6b42039;;;"
content-type: video/mp4
Content-Range: bytes 0-1630/1631
x-turbo-charged-by: LiteSpeed
Content-Length: 1631

GET
H3 200 ajax-loader.gif
ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/images/ 6 KB
6 KB 4ms
3ms Image
image/gif 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/images/ajax-loader.gif

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 10:21:19 GMT
x-content-type-options: nosniff
age: 496521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6242
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 10:21:19 GMT

GET
DATA 200
OK truncated
/ 494 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d501ae712cfb59aadaef3a382f4963f085b6b1ed6c72223411108cbbc01a7ac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a4d911fde54fb248ce602c16bfd778740dffb761dac2711b8763fa1cfddb3ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 571 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3407036df414d2846f6503862a9c7b0261d055632f1182121e276e09e37078d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 617 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9d606cf07457c8897f18ce13235d7271ce1b8e1f8550c01a3f256f1b2dada3a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 578 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ 356 KB
120 KB 167ms
125ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2752181111354421

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5624c7e083c28057455c0ebe9641e6b774da29adf127d9e03500d5081cc27ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122586
x-xss-protection: 0
server: cafe
etag: 9347005712595760416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 04:16:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 5200 10 KB
5 KB 43ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2752181111354421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 22537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 22:01:03 GMT
etag: 15057649708203361565
expires: Mon, 29 May 2023 22:01:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 78ms
38ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H2NMEFG44P&gtm=45je35a0&_p=1277606264&cid=1381042719.1684210600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684210600&sct=1&seg=0&dl=https%3A%2F%2Fqrcode.onl.la%2F&dt=QR%20SCANNER&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H2NMEFG44P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qrcode.onl.la
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
595 B 83ms
38ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qrcode.onl.la&callback=_gfp_s_&client=ca-pub-2752181111354421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d602d003c47ed1d7eddbb47dbd71332bf2b92b41cf51d3815d2d9df1dbb4e91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 79ms
39ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qrcode.onl.la

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=footer&cls=footer%20ui-footer%20ui-footer-fullscreen%20ui-bar-inherit%20ui-footer-fixed%20slideup&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=header&cls=header%20ui-header%20ui-header-fullscreen%20ui-bar-inherit%20ui-header-fixed%20slidedown&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: qrcode.onl.la
URL: https://qrcode.onl.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4295 0
188 B 114ms
113ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&adk=1812271804&adf=3025194257&lmt=1684210600&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fqrcode.onl.la%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600176&bpp=3&bdt=231&idt=271&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=985721194422&frm=20&pv=2&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:40 GMT
expires: Tue, 16 May 2023 04:16:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D37 88 KB
32 KB 1304ms
1301ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=60&slotname=9634845112&adk=1186461218&adf=1252093405&pi=t.ma~as.9634845112&w=1600&lmt=1684210600&rafmt=12&format=1600x60&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600180&bpp=1&bdt=235&idt=294&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ixF1jOzfk9&p=https%3A//qrcode.onl.la&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb657cf75de729086b7bb0c891fb31e0457f82b222b339ccacf978426f2515cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32888
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:41 GMT
expires: Tue, 16 May 2023 04:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 5D37 237 B
664 B 78ms
39ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%8B%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=60&slotname=9634845112&adk=1186461218&adf=1252093405&pi=t.ma~as.9634845112&w=1600&lmt=1684210600&rafmt=12&format=1600x60&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600180&bpp=1&bdt=235&idt=294&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ixF1jOzfk9&p=https%3A//qrcode.onl.la&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7b579f3f51f5887ff92b75fbb96a652f626f9c684932499907688b1a0a3b4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 04:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 04:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 04:16:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5D37 6 KB
779 B 80ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 04:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 02:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 04:16:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5D37 2 KB
846 B 46ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:07:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D37 0
0 54ms
54ms Fetch
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci3sdqANjZKXHH6mC29gP5-eYgAzg39rLcLf6kb6GEbHSgbznAhABINaqvihgifPFhPQToAHIyb7ZKMgBCakCyIU0Mw5GPz6oAwHIA8sEqgTjAU_QpUvQFak96sv4XPAfL8v59y2L921FU4T2O42fFLRunkM8fv9dWM2H7jZfJBL7KocxU4Hr_K6JNw2zqNugii-ThrIyNgjcMQeyhXK35ooFiSqG6N1AHMiW6zoDv1IQq4EzvtTtnFHc97eItsPLNHYFR4YcsYffzSTiKX02RZ_3S2xYOKaR0JwNtpRWGrDTLxE9z0RNj2kAlsHrVsoaG-kMk3D1RDScsoNQ-Xp1F8fMsoBDMeVnPuLYiT_unzMAPiM-p97ugPww0JWaE0CdvIfONmyCJHxSgAMe1ipLUDXwaScpwASfp7eb-gOSBQQIBBgBkgUECAUYBKAGLoAHyIGPuQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDC30TSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItMjc1MjE4MTExMTM1NDQyMRgA&sigh=BsJQt4wAnUA&uach_m=[UACH]&cid=CAQSGwBygQiDynxr-b3-xP57xHkR5eTlT-t5D6d1rRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=60&slotname=9634845112&adk=1186461218&adf=1252093405&pi=t.ma~as.9634845112&w=1600&lmt=1684210600&rafmt=12&format=1600x60&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210600180&bpp=1&bdt=235&idt=294&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ixF1jOzfk9&p=https%3A//qrcode.onl.la&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 04:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 04:16:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 5D37 22 KB
9 KB 43ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5D37 3 KB
1 KB 44ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 5D37 19 KB
8 KB 43ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D37 170 KB
53 KB 111ms
66ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 04:16:41 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 5D37 32 KB
14 KB 41ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:29:28 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8921143302647382979/ Frame 5D37 4 KB
4 KB 33ms
5ms Image
image/png 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8921143302647382979/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1facd00c0fc0e1b97f336c60be4c2273ec3b1ea6ddc846504a681ca78b75e9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:37:42 GMT
x-content-type-options: nosniff
age: 5939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3896
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 07:12:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 02:37:42 GMT

GET
DATA 200
OK truncated
/ Frame 5D37 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3341ed3033c346fc8c04c63afabedbf5b3928e31ec20bb1c2278722b4668c83a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5D37 15 KB
16 KB 44ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:24:24 GMT
x-content-type-options: nosniff
age: 208338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:24:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5D37 15 KB
15 KB 44ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:37:56 GMT
x-content-type-options: nosniff
age: 207526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:37:56 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 5D37 1 KB
1 KB 44ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757A0Fe-NykB6g&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%8B%E3%81%8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d37ee99a8931a2bcaceb61c1f5efb73f56abec4db0755e24e7aa471adb80a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:57:36 GMT
x-content-type-options: nosniff
age: 29946
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 15 May 2023 19:57:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 41ms
40ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qrcode.onl.la

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06F5 75 KB
25 KB 466ms
465ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9745254cbcf1ec865d83566072e51794f7b7c5d4d57e1c40afe98bf690848e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 25857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 52ms
52ms XHR
application/json 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55fa4ff11112b026ff57bb52fce609b2f2abcff86612282f9908e763dc83c488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame B441 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 23:54:01 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
92ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js?bust=31074635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 04:16:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8479 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 22528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 22:01:14 GMT
expires: Tue, 14 May 2024 22:01:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD37 783 B
1 KB 81ms
41ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2950f8dce0e1036c0931cee085c866be4cbfa31ac333796c7b44a1ba2f8c7f92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cuXGOYemVU7aE3JkNFI5tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qrcode.onl.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-cuXGOYemVU7aE3JkNFI5tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:42 GMT
expires: Tue, 16 May 2023 04:16:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8479 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 23:54:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8479 0
10 B 2ms
1ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2kz3_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD37 0
0 39ms
38ms Image
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1753682607802201&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 06F5 9 KB
1 KB 41ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 04:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 02:32:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 04:16:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 06F5 2 KB
765 B 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:07:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 06F5 22 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 06F5 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 06F5 19 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 22:01:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 06F5 0
0 42ms
40ms Image
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRhanuqaMGgWO7fs46Rgh_P3fWO1PN2QCxl5N5Ogtgn_J6Y0b0k-qvCSL9HXPdaFu3x-3ikomvSGI1KZwmW-QTWdXzDw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06F5 170 KB
53 KB 86ms
84ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 04:16:42 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 06F5 32 KB
13 KB 4ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:29:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5606 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:13:11 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 598E 1 KB
643 B 4ms
4ms Document
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 14089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 00:21:53 GMT
etag: 48472445140208031
expires: Wed, 17 May 2023 00:21:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5606
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
45ms

Document
text/html

2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:42 GMT
expires: Tue, 16 May 2023 04:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 04:16:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 598E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPSB9mDP-WwsducpPJyRO7Y&google_cver=1&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnE...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnEbxGXIUGU2Drh0w

170 B
329 B

72ms
39ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnEbxGXIUGU2Drh0w

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 16 May 2023 04:16:42 GMT
Server: MT3 851 9bd98ae master nrt-pixel-x15 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPDrPatVHkIoXJJCG8KR17BYLzhUtAmlYqGUm_aUMvohAH22GEb-l_-sb2lMiXDv6MBKB5uRMfrwC1A9SnEbxGXIUGU2Drh0w
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 May 2023 04:16:41 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 598E 0
173 B 86ms
76ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKunbGSIdObP2QStENQ986M&google_cver=1&google_push=ATf1kGO6NQh20ZZoXcst0NkHTq05zLLrqFDl0gXXkNVro41a_LjG6xsy-4M2Ud_651VH8-wYEFypcgdauCTuAaSxlmfR1r2-7LTOIas
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 598E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH90QN2jkKW_eKKpLLY0tB8&google_cver=1&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGed...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH90QN2jkKW_eKKpLLY0tB8&google_cver=1&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfW...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA&google_hm=RqPCyI1KThaGv1gbS5Kt...

170 B
232 B

64ms
42ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA&google_hm=RqPCyI1KThaGv1gbS5Kttg==

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA&google_hm=RqPCyI1KThaGv1gbS5Kttg==
Date: Tue, 16 May 2023 04:16:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 598E
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEHv1F5fXO-Y63LSlnpqb-yk&google_cver=1&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s&google_hm=NTRQNEdnMDEzQkRBWTAw...

170 B
232 B

69ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s&google_hm=NTRQNEdnMDEzQkRBWTAwOGtTU1E

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Tue, 16 May 2023 04:16:42 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGPM_WdTgIyc05cc5lEVxYkUl_S8DZCAFRghs76j0P2tj-jjrlammwezZfzqUBJsZLGxTbR1RCxbZlQ820uzVU_JT3uS1YLJs0s&google_hm=NTRQNEdnMDEzQkRBWTAwOGtTU1E
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 598E 42 B
213 B 53ms
40ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEMIPJWK1onrVAOQVwEUzUJ8&google_cver=1&google_push=ATf1kGMegDqVosAKITg593Blr4Ssamcvj_se7ZeG14AO6EwNLxcINmG9cuyCW2TzVwDB03EcN6r9kiZkFlSZAn2gBuU24oGcUtC6GZM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame 598E 43 B
245 B 50ms
40ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOzcd8Q1Q_GYgsJycw-U0wY&google_cver=1&google_push=ATf1kGO7otPlymsSLX-WIPJt0_GyIrhhWCFTM_QxyYO98LTrm1KitbKFjVk6bc6BStTCoa6p9qbmXKadYPJObbKAEjfry-3d6CLyJG8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:42 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 598E
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKfG3z_EMRV_BQuPgTZxvdg&google_cver=1&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zi...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zitsG8XJ66_xNNFpxSyHUI-6AkeCpNo9Enemvpl5kMMy4bIQt&google_hm=QlMuNmE1YS1mNG...

170 B
232 B

44ms
42ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zitsG8XJ66_xNNFpxSyHUI-6AkeCpNo9Enemvpl5kMMy4bIQt&google_hm=QlMuNmE1YS1mNGY4LTRmZmUtOWRjYw==

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPQXRhM2BHjD2fNyrBfu04Dzb0tb8nqN52k9BpmuXcVXuE9pi4zitsG8XJ66_xNNFpxSyHUI-6AkeCpNo9Enemvpl5kMMy4bIQt&google_hm=QlMuNmE1YS1mNGY4LTRmZmUtOWRjYw==
Date: Tue, 16 May 2023 04:16:42 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 598E 0
139 B 83ms
38ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNlD46wRjMC6E8WaIrxSEtCEsNzR20sLeC8nlojtC8en4FboM7v3aX4FEoGl8DXrC5ot4rpw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:16:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 06F5 0
19 B 52ms
51ms Image
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTl1tqgNjZK1ShsLaBOmsmuANysX1-WuRzcui2AyO4Ln73w4QASDWqr4oYInzxYT0E6ABk_u-3wPIAQGoAwGqBNoBT9BYESGZhr2HAPhcHLILTJcV4ReIV5uJ2UL_mdApUFjuuOc3MkhBV9pmZCSVMZomLUdemCQ0jna9L8ZLIK7bPdbNJb32oXlQVPkMpvpmLh7ZtvLuDsb9zARoF3xCCB8CNNQniZA7p9VOkqxGTICgMsJtDGEfgz_d6t2xorViM3iW2ON76loTSx8vz26dNck_EDVWQEIxxVRSaUagOrd4j0fwk5_AnGN5I28YxeYIvksIMICCGrUh4UkQeLbm2Blwj4gmAPi_Eq7YP_LomqUMgqmPL-FheSlu7hPABP7Np7mVA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfVhMEgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqYcB0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwyIFB3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjc1MjE4MTExMTM1NDQyMRgA&sigh=4kWvH3-by5Q&uach_m=[UACH]&cid=CAQSOwBygQiDSkuLXMmGeGXN9Q27B6ctjbmgI2trpES2YARxibVekBGLE4H4rvj9CeggYu65L20qi2PkakC9GAE&template_id=5007&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2752181111354421&output=html&h=250&slotname=6531853833&adk=1429517203&adf=113767482&pi=t.ma~as.6531853833&w=250&lmt=1684210601&rafmt=12&format=250x250&url=https%3A%2F%2Fqrcode.onl.la%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684210601973&bpp=1&bdt=2028&idt=0&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c7f07fb20da0ae6-221f16d9a7df00e8%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ&gpic=UID%3D00000c06dddd1d50%3AT%3D1684210600%3ART%3D1684210600%3AS%3DALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ&prev_fmts=0x0%2C1600x60&nras=1&correlator=985721194422&frm=20&pv=1&ga_vid=1381042719.1684210600&ga_sid=1684210600&ga_hid=1277606264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C31074199%2C31074635%2C44772269%2C44788441%2C44789779%2C21065724&oid=2&psts=ABHeCvjAx99FmUMSJswt5flEoPAvMsk26kvqWtfY5IVk6a6seyp5lrExwy1tQf5Y9dqyhyUL-gSaCRM8OQ_P-2ZyAyKEaCQ&pvsid=1753682607802201&tmod=519938372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaopenvEr%7C&abl=CA&pfx=0&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sQeGDC4wKl&p=https%3A//qrcode.onl.la&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 04:16:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1753682607802201&bg=!XV6lXgrNAAYldGN0BXQ7ADkAdvg8Wpk7BYGD-2Dm2Jm0QCrzBigor1Rj_QGQDaYQjLKYIk7bwkGArysGTz1WCmVgQ8CQjvWMwDoCAAAAPVIAAAACaAEHmQK30L-nUZ_oTe_C4Q0gvw-R9Zn_CrjKOyHfAZV56dqX-V-vXMFZKA44ze4hDb7n_itY6nYARRlDTDLEOETpvsg8GJXmJBocPyJjo3qTLvufqPhmVxx3er1oUJqglpqszms972dqgM5lNiyn1Z2YYHsxzXE6xNY6m-1Ofj13cG1czWAtYa7duv1J-7TdG07AMaIfNSVUic6Y5WEW1QcOnvcU2L20Rx4zlveyqVFCLb36stwAXjsGygjpOfTR9jnMfWdgCIMShRXv6Is3zxr8xKLNVMKlj8K0GNxqw4ckCs5MEldpMKmvcpjkv64q6sL0Q4w59pMN0gKoiKuQbHs7IZJhk_iPldS7adRh7gPYBU6FV1oGjdwsh_1UxGM14L-l1VNknZ2ZHUkMjKJ5-Z4ehkk0_885Bt8zTwV8tnIcKehhwUNH4Fi1C8894ltsL9dIlavBHx0I2CV6CUTXy6WIm01MiCyCf08Q2jHWAcel4pUhx8-XVsuYKjHiOihhUjWtlO4Mgzto2Lkpi2oiZTSVDBy4UdQM22BMNOkqgdidpkNxMmNMU5AnqxqenF_pLxTzAm8Z5RC4jSv42157JflMipq0iAl_BcV8Jn8Q6PsDyUuzD-1SvJ4LkidgQNuQY82RTEJnIQvHe36f0kNbRUUkqKglEgc_nT7Sd5QmQC4WNow4nYcD1qQ83ecw_Q1DfSARENR9dKNF1l5pHFObaNnohBxxlEto9ppPEy86J9iwa_6mj_mBXPvF6DbprawS293ugiydqBeJdPJbRV4AtuYQOyTLJuxt6Gbh9VahPGYwLoyhMAmWZhggmbwxBEOJonwd0GUI4t7qI7qUMkcjg645rLnz-jJM7WQP3Urrkk8Z1TL9OkE-tw6Wizr0Zo7P2ZU052ZQjYIhX9Yll22job4eRBmf1KWuqjQt1ZI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://qrcode.onl.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D37 42 B
64 B 41ms
40ms Fetch
image/gif 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_rdIlbTylMyH36uZfTypcmcVRkwYFi2FqWSzH2rdIuA0TbBiD7pwZqWFdPBCvz6MCRX2J-V_sZ8Gvmr0crxYKbAgtTvy7Nqec3ooc77Db_eZMukC0z9LJfsBSwPdHhA6lSWY&sai=AMfl-YQM6C1G1oDdCDw_YIsJLU4mAca-fr49uZbxIg8NvsvP48zDY8Rn-siEjLlhqjXhMtk0A4mGuokcv1HL&sig=Cg0ArKJSzJXkBW7DHSNzEAE&cid=CAQSGwBygQiDynxr-b3-xP57xHkR5eTlT-t5D6d1rRgB&id=lidar2&mcvt=1000&p=0,0,60,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1186461218&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684210600481&rpt=1489&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 04:16:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onl.la/	1970-01-20 21:26:10	Name: _ga Value: GA1.1.1381042719.1684210600
.onl.la/	1970-01-20 21:26:10	Name: _ga_H2NMEFG44P Value: GS1.1.1684210600.1.0.1684210600.0.0.0
.onl.la/	1970-01-20 21:11:46	Name: __gads Value: ID=0c7f07fb20da0ae6-221f16d9a7df00e8:T=1684210600:RT=1684210600:S=ALNI_MZJxxmU3doa0sOVp1dJDk-EColdwQ
.onl.la/	1970-01-20 21:11:46	Name: __gpi Value: UID=00000c06dddd1d50:T=1684210600:RT=1684210600:S=ALNI_MZ_KJH2eQMxuWRsU_uNSVDQeFj7kQ
.doubleclick.net/	1970-01-20 21:26:10	Name: IDE Value: AHWqTUkVpEIjyPc059y9F6-iFewfXOqdw4Xvc6UgIh9nnJ5kf8A-tHcMszfXgZ7Pcew
.mathtag.com/	1970-01-20 21:16:05	Name: uuid Value: f7da6463-03aa-4900-82a1-91e17e450dfe
.mathtag.com/	1970-01-20 12:33:22	Name: mt_mop Value: 4:1684210602
.r-ad.ne.jp/	1970-01-20 16:09:22	Name: r_ad_token Value: 54P4Gg013BDAY008kSSQ
.bidswitch.net/	1970-01-20 20:35:46	Name: tuuid Value: 46a3c2c8-8d4a-4e16-86bf-581b4b92adb6
.bidswitch.net/	1970-01-20 20:35:46	Name: c Value: 1684210602
.bidswitch.net/	1970-01-20 20:35:46	Name: tuuid_lu Value: 1684210602
.bidswitch.net/	1970-01-20 11:50:10	Name: google_push Value: ATf1kGNfdYOvfnYLBV5GJCX8LA_MwNks2c0ew4m2wJumS5XV8oCl9_JWBs3jxBwLZlNHgjhnQV4HOAjmAmYWfWqoTGedMruYro8nBRA
.blismedia.com/	1970-01-20 20:35:50	Name: b Value: 646303AAA3DC0AD3E3B565D4BLIS
.doubleclick.net/	1970-01-20 11:50:14	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.r-ad.ne.jp
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
qrcode.onl.la
rtb.openx.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.229.205.243
118.27.125.193
142.251.222.2
18.176.234.133
2404:6800:4004:801::2002
2404:6800:4004:813::2002
2404:6800:4004:81c::200e
2404:6800:4004:820::200a
2404:6800:4004:821::2002
2404:6800:4004:821::2004
2404:6800:4004:823::2008
2404:6800:4004:824::2003
2404:6800:4004:824::200a
2404:6800:4004:825::2001
2404:6800:4004:826::2003
2404:6800:4004:827::2002
2404:6800:4004:828::2002
2606:4700::6811:180e
2a03:90c0:9994::9994
34.111.79.67
34.96.105.8
35.186.253.211
35.213.12.39
52.45.175.185
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
05e9ea4c52a8f03ee30564e95a2561de65606ab42263793f2f550be28af04c7c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0e2ec1af9a1213c123f00c1587e9f02cb5350c68d74d405892bcfe80d378f8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1facd00c0fc0e1b97f336c60be4c2273ec3b1ea6ddc846504a681ca78b75e9a0
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
26a0c608e65f7cd3fd762b5cebb468d6b63f20c55e0a9b0ca2ef7a3f82982a2e
28e5b59bb3ad5784257180b11ea3608e4ff9f2120a5c6acbfc4a72379a0cf7cf
2950f8dce0e1036c0931cee085c866be4cbfa31ac333796c7b44a1ba2f8c7f92
3129abb6e1e0027e674b41bddd89a4c401eed653348e02d24fa26c0a25cda5bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3247d291b5e16684350b23f08c2df498f7cb17c88a1799f9eb89fd5af08b5f81
3341ed3033c346fc8c04c63afabedbf5b3928e31ec20bb1c2278722b4668c83a
3e61e18cd668c36d6cda438bd56729b112503ee2b5b0f2a40011a8b315e3868b
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
4a4d911fde54fb248ce602c16bfd778740dffb761dac2711b8763fa1cfddb3ba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53381e910960aceada2203c8dc0cae9354c42efd7ee5160ae642bb7b57d79f68
548a46089535ae34846d72876c60c2b8655d84edc9f8c285e386eaaa828f6f52
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fa4ff11112b026ff57bb52fce609b2f2abcff86612282f9908e763dc83c488
5624c7e083c28057455c0ebe9641e6b774da29adf127d9e03500d5081cc27ad2
5d1236b3660bb86b6f0991fb2775214c396ddbeae67ef5c44c4f9dd312fc3ab6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6d37ee99a8931a2bcaceb61c1f5efb73f56abec4db0755e24e7aa471adb80a19
6d501ae712cfb59aadaef3a382f4963f085b6b1ed6c72223411108cbbc01a7ac
710bb0a373f44eee4c83995024210a2b680e4be6cbf548a987cc5328d8e7ac60
9745254cbcf1ec865d83566072e51794f7b7c5d4d57e1c40afe98bf690848e8e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbb9fa0e958673ac98015ef569ef0ac82a65392a6bf77b425696a501bd3ef9e
a3407036df414d2846f6503862a9c7b0261d055632f1182121e276e09e37078d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b7b579f3f51f5887ff92b75fbb96a652f626f9c684932499907688b1a0a3b4a0
bde718bbe26419b2789ee42b6816077570326691d41b5d8488df906931dc840a
c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06
c984eaaba265d0f33a2ca30ae9d33ea2d7665578d3e0e7e6c6c8594985fe56cc
d602d003c47ed1d7eddbb47dbd71332bf2b92b41cf51d3815d2d9df1dbb4e91b
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dcdd6add2fc283f4cbd04474eb690d4f655822c1cbcc4ab29a58f67445d88572
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d56c89e8d74788a8e942bc52319e6c922c798bc7861d82810815235ea9c724
e9d606cf07457c8897f18ce13235d7271ce1b8e1f8550c01a3f256f1b2dada3a
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb657cf75de729086b7bb0c891fb31e0457f82b222b339ccacf978426f2515cf

qrcode.onl.la Open in urlscan Pro 118.27.125.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

94 %HTTPS

63 %IPv6

19 Domains

24 Subdomains

21 IPs

5 Countries

795 kBTransfer

2515 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qrcode.onl.la Open in urlscan Pro
118.27.125.193 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

94 %
HTTPS

63 %
IPv6

19
Domains

24
Subdomains

21
IPs

5
Countries

795 kB
Transfer

2515 kB
Size

14
Cookies

66 HTTP transactions
13 data transactions