heli-air.net Open in urlscan Pro
87.118.122.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heli-air.net/
Submission: On November 01 via manual (November 1st 2022, 11:10:41 am UTC) from JP — Scanned from JP

Summary HTTP 218 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 60 domains to perform 218 HTTP transactions. The main IP is 87.118.122.225, located in Germany and belongs to KEYWEB-AS, DE. The main domain is heli-air.net.

This is the only time heli-air.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	87.118.122.225 87.118.122.225	31103 (KEYWEB-AS) (KEYWEB-AS)
3	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
2	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
1	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
2 20	193.3.184.227 193.3.184.227	50214 (QWARTA) (QWARTA)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
1 6	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:80a::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80b::200d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4004:810::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
3 3	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
7	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	2404:6800:400... 2404:6800:4004:825::2004	15169 (GOOGLE) (GOOGLE)
2	2620:116:800e... 2620:116:800e:21:6c50:dbee:bef5:203d	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
13	172.217.161.66 172.217.161.66	15169 (GOOGLE) (GOOGLE)
3 3	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.76.245.45 35.76.245.45	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:80f::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.189.157 64.233.189.157	15169 (GOOGLE) (GOOGLE)
2 2	104.88.209.23 104.88.209.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 3	203.195.121.142 203.195.121.142	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.210 193.3.184.210	50214 (QWARTA) (QWARTA)
2 2	193.232.150.46 193.232.150.46	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
2 2	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
2	195.209.111.13 195.209.111.13	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.82.46 23.88.82.46	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1 1	188.72.107.228 188.72.107.228	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.50.170 5.200.50.170	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
3 3	217.66.147.35 217.66.147.35	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	() ()
3 4	89.108.119.43 89.108.119.43	() ()
1 1	176.9.79.218 176.9.79.218	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 2	31.172.81.160 31.172.81.160	() ()
1	2a02:6b8::90 2a02:6b8::90	() ()
1	148.251.217.100 148.251.217.100	() ()
1	139.45.228.100 139.45.228.100	() ()
1 1	23.111.107.44 23.111.107.44	() ()
1 1	216.130.169.24 216.130.169.24	() ()
1 1	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:2d::a	15169 (GOOGLE) (GOOGLE)
218	51

38 87.118.122.225 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: ns.km34412-03.keymachine.de

heli-air.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.114.204 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 193.3.184.227 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80a::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

developers.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::200d (Australia)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:810::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.114.109 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.231.99.243 (Japan) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.141 (Los Angeles, United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.76.245.45 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-245-45.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.189.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.88.209.23 (Tokyo, Japan) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-209-23.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.195.121.142 (Singapore) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.210 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.46 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.37 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.13 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.82.46 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.82.88.23.clients.your-server.de

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.228 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr04.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.50.170 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.35 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-35-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (None, ) 1 redirects

ASN- ()

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.43 (None, ) 3 redirects

ASN- ()

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.79.218 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.218.79.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (None, ) 1 redirects

ASN- ()

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (None, )

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.217.100 (None, )

ASN- ()

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.100 (None, )

ASN- ()

mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (None, ) 1 redirects

ASN- ()

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.130.169.24 (None, ) 1 redirects

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:2d::a (Australia)

ASN15169 (GOOGLE, US)

r5---sn-oguesn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	486 KB
38	heli-air.net heli-air.net	1 MB
29	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 bid.g.doubleclick.net — Cisco Umbrella Rank: 698	204 KB
23	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 20471 acint.net — Cisco Umbrella Rank: 16210	18 KB
19	google.com 4 redirects maps.google.com — Cisco Umbrella Rank: 3124 apis.google.com — Cisco Umbrella Rank: 172 developers.google.com — Cisco Umbrella Rank: 13433 accounts.google.com — Cisco Umbrella Rank: 126 adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	316 KB
15	gstatic.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	170 KB
10	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 629 fonts.googleapis.com — Cisco Umbrella Rank: 118 imasdk.googleapis.com — Cisco Umbrella Rank: 468	134 KB
6	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2098 an.yandex.ru	59 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1007 syndication.twitter.com — Cisco Umbrella Rank: 1255	150 KB
4	aidata.io 3 redirects x01.aidata.io	2 KB
4	mts.ru 4 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 23158 tech.rtb.mts.ru	3 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 10888 ssp.adriver.ru — Cisco Umbrella Rank: 15767	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	188 KB
4	yadro.ru 3 redirects counter.yadro.ru — Cisco Umbrella Rank: 5673	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1105 r5---sn-oguesn6k.c.2mdn.net	2 MB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 22569 82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2520	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	2 KB
2	bumlam.com 1 redirects sync.bumlam.com	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9361	509 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 61084	679 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12027	818 B
2	digitaltarget.ru tag.digitaltarget.ru — Cisco Umbrella Rank: 77507 dmg.digitaltarget.ru Failed	19 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10753	830 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2645	1 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 4180	763 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	973 B
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 2255	581 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 989	673 B
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 46768	914 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 600	142 KB
2	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 105783	12 KB
1	adkernel.com 1 redirects sync.adkernel.com	309 B
1	agency2.ru 1 redirects cs.agency2.ru	753 B
1	mediatoday.ru mediatoday.ru	368 B
1	bidderstack.com nr.bidderstack.com	351 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 33578	190 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 26914	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 19471	454 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 12216	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 11765	176 B
1	beeline.ru 1 redirects 1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 35659	201 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 137184	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 42789	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 134342	117 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 162394	108 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 14123	333 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 37312	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 32207	785 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 5412	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 20216	633 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	640 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	698 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	17 KB
0	advarkads.com Failed s3.advarkads.com Failed
0	gotechnology.io Failed dmp.gotechnology.io Failed
0	otm-r.com Failed sync.dmp.otm-r.com Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
218	60

	Domain	Requested by
38	heli-air.net	heli-air.net
25	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
19	www.acint.net	5 redirects heli-air.net www.acint.net
16	pagead2.googlesyndication.com	heli-air.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	heli-air.net googleads.g.doubleclick.net www.acint.net
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	apis.google.com	1 redirects heli-air.net apis.google.com accounts.google.com
5	mc.yandex.ru	2 redirects heli-air.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	x01.aidata.io	3 redirects www.acint.net
4	acint.net	www.acint.net
4	www.google.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	platform.twitter.com	heli-air.net platform.twitter.com
4	counter.yadro.ru	3 redirects heli-air.net
3	sm.rtb.mts.ru	3 redirects
3	ads.betweendigital.com	2 redirects www.acint.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	maps.google.com	heli-air.net maps.google.com
2	r5---sn-oguesn6k.c.2mdn.net	heli-air.net
2	sync.bumlam.com	1 redirects www.acint.net
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	cc.adingo.jp	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	syndication.twitter.com	platform.twitter.com heli-air.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	static.xx.fbcdn.net	www.facebook.com
2	accounts.google.com	apis.google.com heli-air.net
2	developers.google.com	1 redirects apis.google.com
2	w.uptolike.com	heli-air.net w.uptolike.com
1	gcdn.2mdn.net	1 redirects
1	sync.adkernel.com	1 redirects
1	cs.agency2.ru	1 redirects
1	mediatoday.ru	www.acint.net
1	nr.bidderstack.com	www.acint.net
1	an.yandex.ru	www.acint.net
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com	1 redirects
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	heli-air.net
1	maps.googleapis.com	maps.google.com
0	dmg.digitaltarget.ru Failed	www.acint.net
0	s3.advarkads.com Failed	www.acint.net
0	dmp.gotechnology.io Failed	www.acint.net
0	sync.dmp.otm-r.com Failed	www.acint.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
218	81

This site contains links to these domains. Also see Links.

Domain
schoolsupplies.page.tl
kitchenwaremarket.com
www.helpwyz.com
www.cryptohubworld.com
globalcryptowallets.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
uptolike.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.acint.net R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-01-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
ad.ad-blast.ru R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2021-11-18` - `2022-12-20`	a year	crt.sh
mediatoday.ru R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-10-18` - `2022-12-27`	2 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh

This page contains 25 frames:

Primary Page: http://heli-air.net/
Frame ID: AD18DBA1F26A461DCF294DA544FB82B5
Requests: 67 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US
Frame ID: 5EA1A3186B05F8C8A9E230E2A2DF5D14
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html
Frame ID: 7835BE7700ED2E62305C58D0B23C5A45
Requests: 1 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 3F65923944839B9796553D16F86FDBAE
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheli-air.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
Frame ID: F2E3FEA006125678D953D7E896C0A02B
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fheli-air.net
Frame ID: 1D56D01EEF91F2DA0B10D26A4C404E47
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=180&slotname=7809766765&adk=3647433407&adf=523670212&pi=t.ma~as.7809766765&w=930&lmt=1667301034&format=930x180&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033736&bpp=5&bdt=1551&idt=282&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=4164455831652&frm=20&pv=2&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1bI746nqEp&p=http%3A//heli-air.net&dtd=299
Frame ID: 7361B760AFADC1CA0CDD87F5A7C76BC4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=360&slotname=1800259161&adk=3271423649&adf=1601409732&pi=t.ma~as.1800259161&w=250&lmt=1667301034&format=250x360&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033741&bpp=1&bdt=1556&idt=299&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=N2NDAKSnJR&p=http%3A//heli-air.net&dtd=302
Frame ID: 9455615366C86A14878ABF1C48B8BF94
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&adk=1812271804&adf=3025194257&lmt=1667301034&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fheli-air.net%2F&ea=0&pra=7&wgl=1&dt=1667301033779&bpp=1&bdt=1594&idt=266&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180%2C250x360&nras=1&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=272
Frame ID: 2D44CA1C605205B4FF9EA53A7F54040C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6
Frame ID: BE59D29517683FCF2959CD8FCC2F8A6F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9
Frame ID: 3BD88A32DF4A4D94F956B25302946169
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Frame ID: F426994FAF767F7A3821E5C16805A49F
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FF7F573CE814B5B714421CD3F1CF6F8E
Requests: 7 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: DE1DBE3FC9C7E345F5674CCA8E186F36
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 76DD0D6045A1CE307E2054D436BF530D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 9880DB4C1ED9B60DABAF7D6157E3D607
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: AE1C50C26316D371E723258AA16238A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: CFBA7EA0BE1747A93A2AD5C72253305F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F4C7079F0E88C5CD9B86F9C7F0312818
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54197AB251A3D8DB13C87C7B60FD78EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 600D5A94F86EE2C68FE8D1D458BD9DD2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Frame ID: 4274E18ACFB4A8493DFB1D2A62EE4B6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9BFA8BE4C9C640546A7C59600B7EEB48
Requests: 9 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=1303420AABFE60632A00267B0256029F
Frame ID: 39CD8596B884E7D75838E417BF8E8AB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: BACE225190BF91D224714F2A9F69155C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Helicopters & Aircrafts

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

218
Requests

62 %
HTTPS

38 %
IPv6

60
Domains

81
Subdomains

51
IPs

10
Countries

5134 kB
Transfer

8784 kB
Size

100
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://schoolsupplies.page.tl/
Title: school supplies

Search URL Search Domain Scan URL

URL: https://kitchenwaremarket.com/
Title: Kitchenwaremarket.com

Search URL Search Domain Scan URL

URL: https://www.helpwyz.com/
Title: Social Media Service HelpWYZ

Search URL Search Domain Scan URL

URL: https://www.cryptohubworld.com/payback-ltd/
Title: Payback Ltd

Search URL Search Domain Scan URL

URL: https://globalcryptowallets.com/payback-ltd/
Title: Payback Ltd

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

http://counter.yadro.ru/hit?t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515 HTTP 302
https://counter.yadro.ru/hit?t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515 HTTP 302
https://counter.yadro.ru/hit?q;t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515

Request Chain 42

http://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US HTTP 307
https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US

Request Chain 49

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheli-air.net&url=http%3A%2F%2Fheli-air.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__ HTTP 301
http://developers.google.com/ HTTP 301
https://developers.google.com/

Request Chain 105

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 106

http://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&dT=2022-11-01T11%3A10%3A34.717&fu=9c465597-04c6-49df-9471-01dab9215c3b HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&dT=2022-11-01T11%3A10%3A34.717&fu=9c465597-04c6-49df-9471-01dab9215c3b

Request Chain 112

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://rtb.openx.net/sync/dds?google_gid=CAESENJI7IZUXKiASTfOHGNnAdg&google_cver=1&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENJI7IZUXKiASTfOHGNnAdg&google_cver=1&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&google_hm=2qrDvf7rwXE8p24hLGsvcg==

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGduWHJt3cehjxtURhYrXU8&google_cver=1&google_push=AZmPxg_XupixExSlrEyE2cdGpADF9T2LNdoZTFAHTk5kHpXfGg-QL13rB7xvRGvCC4YhaiwUjP26Y31Cz_ZoU-GDT0iiaKrdMiI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGduWHJt3cehjxtURhYrXU8&google_cver=1&google_push=AZmPxg_XupixExSlrEyE2cdGpADF9T2LNdoZTFAHTk5kHpXfGg-QL13rB7xvRGvCC4YhaiwUjP26Y31Cz_ZoU-GDT0iiaKrdMiI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_XupixExSlrEyE2cdGpADF9T2LNdoZTFAHTk5kHpXfGg-QL13rB7xvRGvCC4YhaiwUjP26Y31Cz_ZoU-GDT0iiaKrdMiI

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENaePVpB76cEvfGoVE5rjE4&google_cver=1&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgReIdARxZMyAu1kiW_uURtLaGDDH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLUE4tMjAtM1FORg==&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgReIdARxZMyAu1kiW_uURtLaGDDH

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_cver=1&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrlZbc5yYX-rij5XcYGlo3AVUwW3wMk0v1s78kAEdewUekQzrka6QagmE6indaBuxu HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrlZbc5yYX-rij5XcYGlo3AVUwW3wMk0v1s78kAEdewUekQzrka6QagmE6indaBuxu&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrlZbc5yYX-rij5XcYGlo3AVUwW3wMk0v1s78kAEdewUekQzrka6QagmE6indaBuxu

Request Chain 141

https://cc.adingo.jp/adx/push/?google_gid=CAESEETJzJDahu9KhhFVInusMjg&google_cver=1&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq&google_hm=33095b60b51078f6f8190e44c18874ce

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 164

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWen4h2fqnaxEEgMkrQQHyYv9JtYpjmS845IDCKEuFXfXdA4MF_DVspPXmXkIM8rceE3lc3go3zEXiORCI1nzgGw&google_gid=CAESEKb78tYLwsAWPdYbvlDPcrg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWen4h2fqnaxEEgMkrQQHyYv9JtYpjmS845IDCKEuFXfXdA4MF_DVspPXmXkIM8rceE3lc3go3zEXiORCI1nzgGw&google_gid=CAESEKb78tYLwsAWPdYbvlDPcrg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDExMTEwMzUwMDA5MTMxMzYzMzA3Mw%3D%3D&google_push=AZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWen4h2fqnaxEEgMkrQQHyYv9JtYpjmS845IDCKEuFXfXdA4MF_DVspPXmXkIM8rceE3lc3go3zEXiORCI1nzgGw

Request Chain 166

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN6jRZMrss25WMCC_vhg1H8&google_cver=1&google_push=AZmPxg8qPdaOolN-OTzTXGpTdKhpZEZpObezFgJr-RxoEDamuAXDf4glR0IBZEGV6tjrjJX4RcfsoPjcuzfUnswr9yYlzQVld7FvhwgD__LvNy_zDkROvRR1wSX3QX-4GfwM_FKnxipsDKNv5PlmY76LYQo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8qPdaOolN-OTzTXGpTdKhpZEZpObezFgJr-RxoEDamuAXDf4glR0IBZEGV6tjrjJX4RcfsoPjcuzfUnswr9yYlzQVld7FvhwgD__LvNy_zDkROvRR1wSX3QX-4GfwM_FKnxipsDKNv5PlmY76LYQo

Request Chain 167

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjQoTrgDHHk5VSTaEBC_Sw&google_cver=1&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJdze5h_0CW0htRYj26jsqpl3KiPyU7BQKg3g4PZiihR1QlbKwgervK-2TPbTADu16sQheD1Jx4iMTTVYM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLU1QtUS1LRU1E&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJdze5h_0CW0htRYj26jsqpl3KiPyU7BQKg3g4PZiihR1QlbKwgervK-2TPbTADu16sQheD1Jx4iMTTVYM

Request Chain 168

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_cver=1&google_push=AZmPxg8AKpxXXYr1qdnQ2Ixw6D2klVlVAd6O3mfM9lDgP-_pj8BLk6c-WQD1Xm_lKCmspDpiJ-gIyLYzDe4bYEzqeNXlPWtbPf_in2xPr7QtDHtetgwyzzHBXeYXB7PqYBmdbO7fyJvOmGvV2pepR-Z72VU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8AKpxXXYr1qdnQ2Ixw6D2klVlVAd6O3mfM9lDgP-_pj8BLk6c-WQD1Xm_lKCmspDpiJ-gIyLYzDe4bYEzqeNXlPWtbPf_in2xPr7QtDHtetgwyzzHBXeYXB7PqYBmdbO7fyJvOmGvV2pepR-Z72VU

Request Chain 169

https://cc.adingo.jp/adx/push/?google_gid=CAESEGPgqOdMvJgAbDXVTkHnRuY&google_cver=1&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpixNhRb93-pZjxHHKKoZ6Y2aLIwmxZ2dDpuEWdNhZi2LMYg6ydBgA5Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpixNhRb93-pZjxHHKKoZ6Y2aLIwmxZ2dDpuEWdNhZi2LMYg6ydBgA5Ww&google_hm=33095b60b51078f6f8190e44c18874ce

Request Chain 171

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F&crf=1

Request Chain 172

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=1403420AACFE60632400DA9702128D14

Request Chain 173

https://px.adhigh.net/p/cm/sape?u=1303420AABFE60632A00267B0256029F HTTP 302
https://px.adhigh.net/p/cm/sape?u=1303420AABFE60632A00267B0256029F&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=uLygHEMBRZEz.AikABlGEMuLR3g

Request Chain 175

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4560787694 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Ara2izIfBvDzc8EmubhfmNQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AABFE60633400817E020E210E

Request Chain 181

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=82874eef-8bd6-4752-a758-487c45e5bb15

Request Chain 183

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F

Request Chain 185

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=IOGQXNCF

Request Chain 186

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F&cs=1

Request Chain 187

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=yycWivVPZQ90

Request Chain 188

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=731dfbc8-27e7-5431-83cb-12d6e0abec7d

Request Chain 189

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=1363d28d605e453ca2646780c1d6c911

Request Chain 190

https://1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru/p?ssp=sp&id=1303420AABFE60632A00267B0256029F HTTP 301
https://www.acint.net/match?dp=111&euid=d3b02897-cdfa-4b29-aca3-c74196ae135b

Request Chain 191

https://ut.rktch.com/matchspm?pi=1000005&pui=1303420AABFE60632A00267B0256029F HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=769296974 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=p/mI8b5n9thf3cVeWkDAQe&noredirect

Request Chain 192

https://sm.rtb.mts.ru/p?ssp=sape&id=1303420AABFE60632A00267B0256029F HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1303420AABFE60632A00267B0256029F HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b6d882f3-26e0-4476-a30c-b81c9162172b&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=ezcDW/9PudEzhce2cuGJ7Q HTTP 301
https://www.acint.net/match?dp=125&euid=b6d882f3-26e0-4476-a30c-b81c9162172b

Request Chain 193

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=0d8d0f84-7392-482f-5f52-26902f531942

Request Chain 194

https://s.uuidksinc.net/match/396/?remote_uid=1303420AABFE60632A00267B0256029F HTTP 302
https://www.acint.net/match?dp=127&euid=Cm4Gxfb69cFKFihXqSE7

Request Chain 195

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=tksbcybfop

Request Chain 198

https://x01.aidata.io/0.gif?pid=9401454&id=1303420AABFE60632A00267B0256029F HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=1303420AABFE60632A00267B0256029F&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=BCA2DAD26DC6823AF183&back=STOP

Request Chain 200

https://sync.bumlam.com/?src=sap1&uid=1303420AABFE60632A00267B0256029F HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiw_YObBmIgMTMwMzQyMEFBQkZFNjA2MzJBMDAyNjdCMDI1NjAyOUaiARDRw6cEWdUR7Y8KACWQyCQ3

Request Chain 204

https://cs.agency2.ru/p?ssp=sp&uid=1303420AABFE60632A00267B0256029F HTTP 301
https://www.acint.net/match?dp=186&euid=5a90e655-5cda-4d63-85a4-4aa78815e1c1

Request Chain 205

https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP 302
https://www.acint.net/match?dp=221&euid=A4104669953098215764

Request Chain 207

https://gcdn.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2C014CC77AF977DA90AC3413A5BE8BA6C71E1D15.881560AB700AF06678BB0736A71C2A8F3E86F97F/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3ED91BC5E2DF42437C7B93435C4CDE150A229688.29E6B50BA10103FBA61A37DDDE180DB5346EB2DA/key/cms1/cms_redirect/yes/mh/dt/mip/2001:ac8:40:b4::4e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1667300697/mv/m/mvi/5/pl/48/file/file.mp4

Request Chain 217

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1631782168714%3Ahid%3A427688877%3Az%3A0%3Ai%3A20221101111037%3Aet%3A1667301037%3Ac%3A1%3Arn%3A918207522%3Arqn%3A1%3Au%3A16673010371047590307%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A507%2C248%2C583%2C249%2C%2C0%2C%2C1338%2C14%2C%2C%2C%2C2926%3Acpf%3A1%3Antf%3A1%3Ans%3A1667301030840%3Arqnl%3A1%3Ast%3A1667301037%3At%3AHelicopters%20%26%20Aircrafts&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1631782168714%3Ahid%3A427688877%3Az%3A0%3Ai%3A20221101111037%3Aet%3A1667301037%3Ac%3A1%3Arn%3A918207522%3Arqn%3A1%3Au%3A16673010371047590307%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A507%2C248%2C583%2C249%2C%2C0%2C%2C1338%2C14%2C%2C%2C%2C2926%3Acpf%3A1%3Antf%3A1%3Ans%3A1667301030840%3Arqnl%3A1%3Ast%3A1667301037%3At%3AHelicopters%20%26%20Aircrafts&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 219

http://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734

218 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
heli-air.net/ 44 KB
13 KB 1339ms
583ms Document
text/html 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 89725a8666796a6366eddd3c8cd42e24ebaeea03efac94c283e17783848f5d19

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Nov 2022 11:10:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Link: <http://heli-air.net/wp-json/>; rel="https://api.w.org/" <http://heli-air.net/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <http://heli-air.net/>; rel=shortlink
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK layout.css
heli-air.net/wp-content/plugins/special-recent-posts/css/ 5 KB
1 KB 236ms
235ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/css/layout.css?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:00:09 GMT
Server: Apache
ETag: "121c-52549c2776c40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1156

GET
H/1.1 200
OK style.min.css
heli-air.net/wp-includes/css/dist/block-library/ 53 KB
8 KB 472ms
237ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:25:00 GMT
Server: Apache
ETag: "d293-5b10664a80395-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7907

GET
H/1.1 200
OK default-style.css
heli-air.net/wp-content/plugins/contextual-related-posts/css/ 1 KB
791 B 472ms
235ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/plugins/contextual-related-posts/css/default-style.css?ver=1.0
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 1f70155e13733ac4d343295b69ef6c33152cfbe26d98c3336629fccd726f44ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:27:02 GMT
Server: Apache
ETag: "55d-5b1066bec8c6a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 472

GET
H/1.1 200
OK style.css
heli-air.net/wp-content/plugins/ram108-sape/ 165 B
447 B 486ms
249ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/plugins/ram108-sape/style.css?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 63186a2fc650b794ae138c5f72e53411f0dfc71dbb1be501f33a58257feb6a09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2016 16:42:55 GMT
Server: Apache
ETag: "a5-52b6d20309d3d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 129

GET
H/1.1 200
OK index.css
heli-air.net/wp-content/themes/heliair/css/ 15 KB
4 KB 474ms
236ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 168ef7f403eef9b4e6149fbbf8aec1fe280a5d77373bfdef3b560d3cbfe4b905

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "3c25-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3649

GET
H/1.1 200
OK style.css
heli-air.net/wp-content/themes/heliair/ 13 KB
3 KB 503ms
251ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/style.css?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 28bd8b67fd471cb6b3f84c9e273e0539326a01f2f94aa6e48327fc9d01a41145

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:41 GMT
Server: Apache
ETag: "3320-5254a6c757d40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2909

GET
H/1.1 200
OK jquery.js Show response
heli-air.net/wp-includes/js/jquery/ 95 KB
33 KB 713ms
241ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:25:00 GMT
Server: Apache
ETag: "17a69-5b10664b37d15-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33776

GET
H2 200 js Show response
maps.google.com/maps/api/ 161 KB
53 KB 188ms
63ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?sensor=false&ver=3

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0354877d12384daadaad1741e0a790ec14b5256c0394d3f581a678c4825d87c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:32 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=15
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53769
x-xss-protection: 0
expires: Tue, 01 Nov 2022 11:40:32 GMT

GET
H/1.1 200
OK wide.css
heli-air.net/wp-content/themes/heliair/css/ 2 KB
1 KB 525ms
263ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/wide.css
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: ad658ae0a54b98392dcad812f6397673986669aa98d96fa47b310049124116c9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "91b-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 747

GET
H/1.1 200
OK shortcode.css
heli-air.net/wp-content/themes/heliair/css/ 13 KB
2 KB 707ms
235ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/shortcode.css
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: f5e40d4eaf8451b3bf83184a4d0a5c7f53df127042e6bc2ec49c13eb31f28056

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "3342-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1930

GET
H/1.1 200
OK superfish.js Show response
heli-air.net/wp-content/themes/heliair/js/ 4 KB
2 KB 709ms
236ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/js/superfish.js?ver=3.3.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:44 GMT
Server: Apache
ETag: "e82-5254a6ca34400-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1514

GET
H/1.1 404
Not Found smthemes.js
heli-air.net/wp-content/themes/heliair/js/ 0
0 1315ms
828ms Script
text/html 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/js/smthemes.js?ver=11
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 11:10:32 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://heli-air.net/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK jquery.cycle.all.js Show response
heli-air.net/wp-content/themes/heliair/js/ 52 KB
14 KB 757ms
253ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/js/jquery.cycle.all.js
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 77e4efc5456de102b00a6cca1ee47970c9fc0959efd864edc372dc72ee589fa1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:44 GMT
Server: Apache
ETag: "d183-5254a6ca34400-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14071

GET
H/1.1 200
OK arrow-up.png
heli-air.net/wp-content/themes/heliair/images/smt/ 3 KB
3 KB 240ms
239ms Image
image/png 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/smt/arrow-up.png
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 2cc4f88a5c6519c9aafc2e9c7d063e8f229058764e4a9c212c03a616562c32f1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 14:47:45 GMT
Server: Apache
ETag: "ab3-5254a6cb28640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2739

GET
H/1.1 200
OK logo.png
heli-air.net/wp-content/themes/heliair/images/ 3 KB
3 KB 274ms
271ms Image
image/png 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/logo.png
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: c6da11b5e287e4895db93e023adf2c2c0380cc93086dbf9de5fbe5673591ad09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 14:54:08 GMT
Server: Apache
ETag: "a97-5254a8386a400"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2711

GET
H/1.1 200
OK 1.jpg
heli-air.net/wp-content/themes/heliair/images/slides/ 227 KB
227 KB 254ms
245ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slides/1.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: e669086faead169dcf3788c3cd782b7b4fe99516abaa0b30c90349f731d2214f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 15:06:49 GMT
Server: Apache
ETag: "38b00-5254ab0e29440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 232192

GET
H/1.1 200
OK 2.jpg
heli-air.net/wp-content/themes/heliair/images/slides/ 127 KB
128 KB 252ms
244ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slides/2.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 7449a704d1619eabc3e8ba7de945cbfb2ed162adee50b7974db7af85ad1e44cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 15:06:49 GMT
Server: Apache
ETag: "1fd16-5254ab0e29440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 130326

GET
H/1.1 200
OK 3.jpg
heli-air.net/wp-content/themes/heliair/images/slides/ 153 KB
153 KB 797ms
262ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slides/3.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 47d3384aae8baa215c48f66d09d3df4efd2783fe6fda57ea912f92a3a2013414

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 15:06:49 GMT
Server: Apache
ETag: "2626c-5254ab0e29440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 156268

GET
H/1.1 200
OK 4.jpg
heli-air.net/wp-content/themes/heliair/images/slides/ 116 KB
117 KB 534ms
259ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slides/4.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: c95553bb3c7d5ffb6824bd0ea37e4b3c5513f72a6d7d15edf837146d865fc13b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 15:06:49 GMT
Server: Apache
ETag: "1d19c-5254ab0e29440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 119196

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
58 KB 146ms
100ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

HTTP/1.1

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634fd86b734aea9355112838f95c68203a3fc88db1d0fb97e86d0254398ab2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 58402
X-XSS-Protection: 0
Server: cafe
ETag: 5767463382084447988
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 01 Nov 2022 11:10:33 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 1260ms
285ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf39bae24547d9f341a9460c9b9e92c5c3f751761f
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d5b8f6eb68c4913c7232e1bc0729e7e179598eec63f586d8e29fa7eeb84fab70

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Connection: keep-alive

GET
H/1.1 200
OK srpthumb-p246-100x100-no.jpeg
heli-air.net/wp-content/plugins/special-recent-posts/cache/ 3 KB
3 KB 493ms
247ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/cache/srpthumb-p246-100x100-no.jpeg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: b70c0b713f4d68e7a2e07103e5a1f0e7cf72886364930ad52a9ae2efb72ef3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 16:45:00 GMT
Server: Apache
ETag: "c7d-5254c10041b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3197

GET
H/1.1 200
OK srpthumb-p133-100x100-no.jpg
heli-air.net/wp-content/plugins/special-recent-posts/cache/ 2 KB
3 KB 237ms
236ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/cache/srpthumb-p133-100x100-no.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 44637b754166b3086d6b0a92f4dc8adf323521f3e6d7e7f595f6b91c8b203275

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 16:45:00 GMT
Server: Apache
ETag: "902-5254c10041b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2306

GET
H/1.1 200
OK srpthumb-p99-100x100-no.jpg
heli-air.net/wp-content/plugins/special-recent-posts/cache/ 3 KB
3 KB 237ms
237ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/cache/srpthumb-p99-100x100-no.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 4e3f1b36efe79a8aab2fc40792f5e47f44faa7bd682669faa9143011d7dc8b0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 16:45:00 GMT
Server: Apache
ETag: "c94-5254c10041b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3220

GET
H/1.1 200
OK srpthumb-p104-100x100-no.jpg
heli-air.net/wp-content/plugins/special-recent-posts/cache/ 3 KB
3 KB 248ms
248ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/cache/srpthumb-p104-100x100-no.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 360fe80954b26ecc8865c62f03ff2d597731f16db08774dda6b4a9b3491e7816

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 16:45:00 GMT
Server: Apache
ETag: "ca8-5254c10041b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3240

GET
H/1.1 200
OK srpthumb-p186-100x100-no.jpg
heli-air.net/wp-content/plugins/special-recent-posts/cache/ 2 KB
2 KB 232ms
232ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/plugins/special-recent-posts/cache/srpthumb-p186-100x100-no.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 1b4c5228f44906b78c64eb73cfb50f51e84b562d2829c55dc3c5b7077f7700a0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Last-Modified: Tue, 24 Nov 2015 16:45:00 GMT
Server: Apache
ETag: "8e5-5254c10041b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2277

GET
H/1.1 200
OK wp-embed.min.js Show response
heli-air.net/wp-includes/js/ 1 KB
1 KB 263ms
262ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:25:00 GMT
Server: Apache
ETag: "59a-5b10664aef8d5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 769

GET
H/1.1 200
OK comment-reply.min.js Show response
heli-air.net/wp-includes/js/ 3 KB
2 KB 252ms
252ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-includes/js/comment-reply.min.js?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:25:00 GMT
Server: Apache
ETag: "b2d-5b10664b37d15-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1313

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
heli-air.net/wp-includes/js/ 14 KB
5 KB 236ms
236ms Script
application/javascript 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 20:25:00 GMT
Server: Apache
ETag: "37a6-5b10664b18915-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4671

GET
H/1.1 200
OK font.css
heli-air.net/wp-content/themes/heliair/css/ 1 KB
589 B 283ms
262ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/font.css
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/style.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: edb0ad703d78bce114734b1fa88cd9112ecbe866f0411cde6202242d2f0fcffa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/wp-content/themes/heliair/style.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "548-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 270

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
447 B 197ms
73ms XHR
application/json 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://heli-air.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK mobile.css
heli-air.net/wp-content/themes/heliair/css/ 2 KB
1 KB 262ms
262ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/mobile.css
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: e09e79965bf00105ca1fb4b3ee3b6611ef61a0e8ad51dd57e6443d61adba12e8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "9b8-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 912

GET
H/1.1 200
OK tablet.css
heli-air.net/wp-content/themes/heliair/css/ 3 KB
1 KB 264ms
264ms Stylesheet
text/css 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/tablet.css
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: e8e3afc1c8a67f71efdfb77d4f0f8c909bb71789dd2c80d6a9f772ca440afb18

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "a58-5254a6c84bf80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 945

GET
H/1.1 200
OK search.png
heli-air.net/wp-content/themes/heliair/images/ 1 KB
2 KB 452ms
235ms Image
image/png 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/search.png
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 6f7b77ce49aabc8f764538a8604c586e0217605f45f682fff1a0c941e46cfca1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 14:47:43 GMT
Server: Apache
ETag: "54b-5254a6c9401c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1355

GET
H/1.1 404
Not Found ubuntu-r-webfont.woff2
heli-air.net/wp-content/themes/heliair/css/ 0
0 782ms
579ms Font
text/html 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/ubuntu-r-webfont.woff2
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/css/font.css
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash

Request headers

Referer: http://heli-air.net/wp-content/themes/heliair/css/font.css
Origin: http://heli-air.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 11:10:33 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://heli-air.net/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 1175ms
284ms Script
application/x-javascript 193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 14:21:14 GMT
server: openresty
etag: "6357f0da-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Tue, 01 Nov 2022 23:10:34 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515
https://counter.yadro.ru/hit?t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515
https://counter.yadro.ru/hit?q;t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515

188 B
674 B

209ms
208ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

18fe0940eef48896f4182c60bc6052b40a224c05611eadaf0ab751176035230f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 11:10:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 188
Expires: Sun, 31 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 11:10:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t17.1;r;s1600*1200*24;uhttp%3A//heli-air.net/;0.44411869353230515
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 31 Oct 2021 21:00:00 GMT

GET
H/1.1 200
OK slide-right.png
heli-air.net/wp-content/themes/heliair/images/ 1 KB
2 KB 498ms
262ms Image
image/png 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slide-right.png
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 4d211131414923ef4bf1ee3412242dc70fa5f97b296078830bfe6399d261cadc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 14:47:43 GMT
Server: Apache
ETag: "58b-5254a6c9401c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1419

GET
H/1.1 200
OK slide-left.png
heli-air.net/wp-content/themes/heliair/images/ 1 KB
2 KB 495ms
259ms Image
image/png 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/themes/heliair/images/slide-left.png
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: f1b3eb21bd6250426e1e4494a4428fa8f1bb71ba35d7e106d53f291f938fe7ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/wp-content/themes/heliair/css/index.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Last-Modified: Tue, 24 Nov 2015 14:47:43 GMT
Server: Apache
ETag: "58f-5254a6c9401c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1423

GET
H/1.1 200
OK helicopter-vs-aircraft.jpg
heli-air.net/wp-content/uploads/2015/11/ 189 KB
190 KB 658ms
231ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/uploads/2015/11/helicopter-vs-aircraft.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 74f1a361e4fe314845b0aa7d55e47364e5c5a9e95bb40d5e8fec7afb768e90ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 15:51:22 GMT
Server: Apache
ETag: "2f53c-5254b50355280"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 193852

GET
H/1.1 200
OK airplans.jpg
heli-air.net/wp-content/uploads/2015/11/ 117 KB
117 KB 237ms
237ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/uploads/2015/11/airplans.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 56fe7ec9d5c4fd3fbaa582a20ae7abf5335bc1b2d5574c6ff75d2de541a4f4dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Last-Modified: Tue, 24 Nov 2015 15:52:31 GMT
Server: Apache
ETag: "1d350-5254b54522dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 119632

GET
H/1.1 200
OK helicopters.jpg
heli-air.net/wp-content/uploads/2015/11/ 142 KB
142 KB 255ms
254ms Image
image/jpeg 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heli-air.net/wp-content/uploads/2015/11/helicopters.jpg
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: c73c4aeed81fece6d4b0583ac18c7d8950f35b59fea697dc6787a1ff35af2a9a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Last-Modified: Tue, 24 Nov 2015 15:53:46 GMT
Server: Apache
ETag: "2372e-5254b58ca9680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 145198

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 5EA1
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US
https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US

46 KB
17 KB

277ms
269ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da3dc122dddfe9176ebeb588f7ef4817d9824883544b307fafe1b6f023584e23

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 01 Nov 2022 11:10:33 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: VXR1AC8nVbAkX5l3N34DpvbQLppc0nCweckbqevBM6oanTl7/SlFLx/oDYlIgTD+iEA9XD07klN3bKWaQpIpgA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 309ms
140ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: HTTP/1.1
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/47A4) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:33 GMT
Content-Encoding: gzip
Age: 65
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (mbw/47A4)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 146ms
55ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ef5c96adb1ab0e4676622213390264273bd007d4d09489c4923a69d538acd8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 11:10:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20987
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c1b020d722de3a38"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Nov 2022 11:10:33 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
117 KB 160ms
119ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9302e65b380bc29556244b1c8c5ba2226c52dd45aaeec46511880631447ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118883
x-xss-protection: 0
server: cafe
etag: 7006950718531608769
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 11:10:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/ Frame 7835 10 KB
5 KB 52ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 15:51:29 GMT
etag: 9671129459699598864
expires: Mon, 14 Nov 2022 15:51:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/ 146 KB
50 KB 4ms
4ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9853da6f1e470183bfd76acb23b6473a09ac72e2fae8af255b1285a7f1cdfb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51265
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:39:58 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/ 100 KB
35 KB 6ms
5ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e03115e59331185fc489b1d63d14f7dd982a7f8992af7c98da3365193fa18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35307
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:40:24 GMT

GET
H2

200

/
developers.google.com/ Frame 3F65
Redirect Chain

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheli-air.net&url=http%3A%2F%2Fheli-air.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dga...
http://developers.google.com/
https://developers.google.com/

0
0

510ms
469ms

Document
text/html

2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.google.com/

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-RnfzI8PKXqnb7I77ciCesCy/KEbynk' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 22329
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-RnfzI8PKXqnb7I77ciCesCy/KEbynk' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type: text/html; charset=utf-8
date: Tue, 01 Nov 2022 11:10:34 GMT
expires: 0
last-modified: Tue, 01 Nov 2022 08:13:24 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-cloud-trace-context: 425d3c4cb26399c7753ad36dd68f32a0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Tue, 01 Nov 2022 11:10:33 GMT
Location: https://developers.google.com/
Server: Google Frontend
X-Cloud-Trace-Context: 0dcbadcefe9da3133149a7da8a906ce6

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame F2E3 566 B
906 B 138ms
99ms Document
text/html 2404:6800:4004:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheli-air.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200d , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f48fc2f539dbcd2b99a2cd7464dea1ea44b383894f995115c3821a1ab4977ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VJo7GwHFYDug0EqDzH1nZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VJo7GwHFYDug0EqDzH1nZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Tue, 01 Nov 2022 11:10:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5EA1 299 B
706 B 12ms
4ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://heli-air.net/&send=false&layout=box_count&width=50&show_faces=false&action=like&colorscheme=light&font&height=65&locale=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:33 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: 8dmq8Pd2tF5Z3/aSPunHyR+fd0AIl25B/s51JukKaevs8gJ+5dKvIEZMPe89nwc3WfMqn1SvCwpdaHWAp1evZA==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 27 Oct 2023 03:14:03 GMT

GET
H2 200 ozH53mSt876.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yX/l/en_US/ Frame 5EA1 540 KB
141 KB 10ms
5ms XHR
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yX/l/en_US/ozH53mSt876.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f513efbaa9169a5bae761b1240877199694d14910b4dc9e989b43ee98d60bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: by8NXq66R/CiobWklAaa4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143679
x-fb-rlafr: 0
x-fb-debug: wxgzVzl2+YzGzvS24MtN6uQyw5yhAhI1cYv2y5w7wWdbe2jIBKetwI28R3k0x1Ik61Gr0CMsxGuzV2U3LYFOCg==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Oct 2023 16:50:45 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 1D56 320 KB
104 KB 564ms
143ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fheli-air.net
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/479E) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1038392
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 11:10:34 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mbw/479E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H3 204 cspreport
accounts.google.com/o/ Frame F2E3 0
20 B 154ms
111ms Other
text/html 2404:6800:4004:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200d , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gwTJxyoHOZBu6BR93Z1BmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheli-air.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-gwTJxyoHOZBu6BR93Z1BmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame F2E3 10 KB
5 KB 83ms
4ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheli-air.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:09:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 07:17:08 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame F2E3 17 KB
7 KB 56ms
55ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2be759f6ad87888eab50463512864f47c4a9db42c567acd106e45410bed80

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 11:10:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6899
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ca731a140f3f79c4"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 199ms
38ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=heli-air.net&callback=_gfp_s_&client=ca-pub-4432716862039161&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03c5fabcefe12265688346a415bddb16a476ddef8425967f65621cc75012155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 161ms
41ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=heli-air.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 119ms
39ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=heli-air.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7361 81 KB
30 KB 620ms
580ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=180&slotname=7809766765&adk=3647433407&adf=523670212&pi=t.ma~as.7809766765&w=930&lmt=1667301034&format=930x180&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033736&bpp=5&bdt=1551&idt=282&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=4164455831652&frm=20&pv=2&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1bI746nqEp&p=http%3A//heli-air.net&dtd=299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

159b41c5f01da32367b70d6701dde4f9a5ff547d3dd6b2ff03ee546cf2146ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30667
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:34 GMT
expires: Tue, 01 Nov 2022 11:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9455 95 KB
33 KB 541ms
509ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=360&slotname=1800259161&adk=3271423649&adf=1601409732&pi=t.ma~as.1800259161&w=250&lmt=1667301034&format=250x360&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033741&bpp=1&bdt=1556&idt=299&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=N2NDAKSnJR&p=http%3A//heli-air.net&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c7d73680f2100456a479b987c70afc00fed06a150e2b594aab0288aaec2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33371
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:34 GMT
expires: Tue, 01 Nov 2022 11:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
36ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fheli-air.net%2F&tn=DIV&id=scrollUp&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
40ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fheli-air.net%2F&tn=DIV&id=scrollUp&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D44 174 KB
46 KB 388ms
363ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&adk=1812271804&adf=3025194257&lmt=1667301034&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fheli-air.net%2F&ea=0&pra=7&wgl=1&dt=1667301033779&bpp=1&bdt=1594&idt=266&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180%2C250x360&nras=1&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0bdf714152b28168ab3607dce92a40680766ffef938d43d0f39cbcdf430397b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46768
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:34 GMT
expires: Tue, 01 Nov 2022 11:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/ Frame F2E3 54 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

719bdb34bfb0e2de7bdc2ff4d7e75b325e995ea832b6533b84d02715700e103d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19175
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 20:14:14 GMT

GET
H/1.1 200
OK ubuntu-r-webfont.woff
heli-air.net/wp-content/themes/heliair/css/ 36 KB
36 KB 407ms
235ms Font
application/font-woff 87.118.122.225
KEYWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heli-air.net/wp-content/themes/heliair/css/ubuntu-r-webfont.woff
Requested by: Host: heli-air.net
URL: http://heli-air.net/wp-content/themes/heliair/css/font.css
Protocol: HTTP/1.1
Server: 87.118.122.225 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: ns.km34412-03.keymachine.de
Software: Apache /
Resource Hash: 64f324e9652423dabe3779020df730bb3b7e7cdb0746836bfda14218a5c64bc1

Request headers

Referer: http://heli-air.net/wp-content/themes/heliair/css/font.css
Origin: http://heli-air.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:34 GMT
Last-Modified: Tue, 24 Nov 2015 14:47:42 GMT
Server: Apache
ETag: "90b0-5254a6c84bf80"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 37040

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 151 KB
51 KB 89ms
89ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887dc554dfa64d009b65c0649d1021b8d8aace5a6c4445bde485ccb0ba424e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52400
x-xss-protection: 0
server: cafe
etag: 6004772116570154993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 81ms
43ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=heli-air.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 88ms
47ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=heli-air.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE59 74 KB
24 KB 774ms
773ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50be84b305e1dc71413ebb192c08904add565fe48676b157ed1546b56090873c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24655
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:35 GMT
expires: Tue, 01 Nov 2022 11:10:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BD8 115 KB
43 KB 471ms
470ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66269dbfe55d50c358afce5628e9387858f6e4968ea408449f68f8b5fcaacb95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:34 GMT
expires: Tue, 01 Nov 2022 11:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9455 8 KB
968 B 93ms
45ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=360&slotname=1800259161&adk=3271423649&adf=1601409732&pi=t.ma~as.1800259161&w=250&lmt=1667301034&format=250x360&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033741&bpp=1&bdt=1556&idt=299&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=N2NDAKSnJR&p=http%3A//heli-air.net&dtd=302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 09:53:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 9455 2 KB
799 B 139ms
10ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:01:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 9455 23 KB
10 KB 134ms
5ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 15:21:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 9455 3 KB
1 KB 135ms
10ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:56:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 9455 17 KB
7 KB 135ms
6ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:40:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9455 153 KB
48 KB 129ms
43ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 9455 33 KB
14 KB 51ms
8ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:46:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9455 0
0 55ms
55ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC-83qv5gY8vTBv2NvcAPzJGloAnr576JZ67nqenWD_LO2eWODhABIOWm6SRgifPFhPQToAGRt4C0AcgBCagDAcgDywSqBNQBT9AHx8Xjp0gfBOrgy2MGklgpLFe8dWTgcTiGdLDhgEEZTVeimZTwy5hH3pSSJIj_zXlVxdjEpxUI7QXXYCFc1b945yuxoulUHtTYBK-KBdOGowAucELEkGvX9qv0XLT5lbGG_IZq5Ke1DzFP87NjbUka12Lm2PuvPCMwa-J8KfZXk9mbFi9gmNnB2Qnm9T_VLAH6x_coNKMOUn3BnCYrBtC8f1euPRBCgEziYJGTJLsgv5YLB7CyGbTrZ2QY7bdfPcdaW2C94SbOfcvImbi_qoNSm23ABJ6dm-_iA5IFBAgEGAGSBQQIBRgEoAYugAfXyP_LAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN-SCtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi00NDMyNzE2ODYyMDM5MTYxGAA&sigh=XfL64kYx62c&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=360&slotname=1800259161&adk=3271423649&adf=1601409732&pi=t.ma~as.1800259161&w=250&lmt=1667301034&format=250x360&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033741&bpp=1&bdt=1556&idt=299&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=930x180&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=N2NDAKSnJR&p=http%3A//heli-air.net&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 11:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16997614574454643664/ Frame 9455 12 KB
12 KB 123ms
12ms Image
image/jpeg 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16997614574454643664/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d115bc231ccfb61d291a6b0c4c02506147d4e4990d7e9ec83aa1d661c34a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:16 GMT
x-content-type-options: nosniff
age: 336378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12578
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 19:38:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 13:44:16 GMT

GET
DATA 200
OK truncated
/ Frame 9455 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9455 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/ Frame F426 10 KB
4 KB 12ms
12ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 73033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 14:53:21 GMT
etag: 9671129459699598864
expires: Mon, 14 Nov 2022 14:53:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F426 4 KB
1 KB 43ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 09:47:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F426 205 B
518 B 9ms
9ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 10:03:38 GMT
x-content-type-options: nosniff
age: 4016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Nov 2023 10:03:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F426 604 B
695 B 10ms
9ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:47:14 GMT
x-content-type-options: nosniff
age: 44600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Oct 2023 22:47:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame F426 19 KB
8 KB 85ms
6ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 05:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 05:28:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7361 4 KB
694 B 46ms
46ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=180&slotname=7809766765&adk=3647433407&adf=523670212&pi=t.ma~as.7809766765&w=930&lmt=1667301034&format=930x180&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033736&bpp=5&bdt=1551&idt=282&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=4164455831652&frm=20&pv=2&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1bI746nqEp&p=http%3A//heli-air.net&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 10:13:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 7361 2 KB
847 B 64ms
9ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:01:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7361 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3xt6qv5gY8jzBpOwvcAPhJyO6A3r576JZ8yL-aqPEPLO2eWODhABIOWm6SRgifPFhPQToAGRt4C0AcgBCagDAcgDy4SAAqoE0QFP0BAveNnpdne4kcZbjPVa08HMQ5zG_1CWdCNu7vCf4w_dkW0qIHfHWkVt_59t2oP9EkpgPPhOonnnkKr_NcoaskkFST-RGL41PnrTm_XbEpYjhH8WNMKyso_0FE-NBkg3CBdI55YPCChTUzZgb7MNj90ZcwjiJnSWnlvGHP5bT2D9XuuN8Qx0fbo8vDZykIlXkyNNr7-_-a-IXa86hpqX-vrepnd3ApjCGHefd69wO3983dpjEFxg79GQ4C8lua88vOYgIvoQj7vvwSlXgZXmEMAEnp2b7-IDkgUECAQYAZIFBAgFGASgBi6AB9fI_8sCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQwLEV0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi00NDMyNzE2ODYyMDM5MTYxGAA&sigh=bpm8qfzoVs4&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=180&slotname=7809766765&adk=3647433407&adf=523670212&pi=t.ma~as.7809766765&w=930&lmt=1667301034&format=930x180&url=http%3A%2F%2Fheli-air.net%2F&wgl=1&dt=1667301033736&bpp=5&bdt=1551&idt=282&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=4164455831652&frm=20&pv=2&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1bI746nqEp&p=http%3A//heli-air.net&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 11:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 7361 23 KB
9 KB 61ms
7ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 15:21:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 7361 3 KB
1 KB 63ms
9ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:56:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 7361 17 KB
7 KB 61ms
7ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:40:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7361 153 KB
47 KB 96ms
84ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 7361 33 KB
14 KB 44ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:46:10 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16997614574454643664/ Frame 7361 12 KB
13 KB 56ms
11ms Image
image/jpeg 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16997614574454643664/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d115bc231ccfb61d291a6b0c4c02506147d4e4990d7e9ec83aa1d661c34a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:16 GMT
x-content-type-options: nosniff
age: 336378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12578
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 19:38:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 13:44:16 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8372995501092405564/ Frame 7361 3 KB
3 KB 56ms
11ms Image
image/jpeg 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8372995501092405564/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea9394b20f1b52e8e2f483ccd8b8a20f67b3dda56727d853528eece5ea8e53e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:13:04 GMT
x-content-type-options: nosniff
age: 341850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2849
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 19:41:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 12:13:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FF7F 8 KB
895 B 81ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 10:51:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FF7F 2 KB
799 B 33ms
11ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:01:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame FF7F 23 KB
9 KB 29ms
8ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 15:21:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FF7F 3 KB
1 KB 31ms
10ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:56:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FF7F 17 KB
7 KB 30ms
8ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:40:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF7F 153 KB
47 KB 70ms
70ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 11:10:34 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame FF7F 33 KB
14 KB 14ms
4ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:46:10 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame DE1D
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
5 KB

290ms
290ms

Document
text/html

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: ded45059ec102a9b40b74b747783c5bd60befa7f67124a43144f60129e308e45

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Nov 2022 11:10:35 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Tue, 01 Nov 2022 11:10:35 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&d...
https://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&...

43 B
342 B

297ms
297ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&dT=2022-11-01T11%3A10%3A34.717&fu=9c465597-04c6-49df-9471-01dab9215c3b
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 01 Nov 2022 11:10:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=94785445&u=http%3A%2F%2Fheli-air.net%2F&r=&rs=1600x1200&t=Helicopters%20%26%20Aircrafts&oE=1&oP=1&dT=2022-11-01T11%3A10%3A34.717&fu=9c465597-04c6-49df-9471-01dab9215c3b
Date: Tue, 01 Nov 2022 11:10:35 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1D56 915 B
696 B 377ms
191ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fb72546e2568cba1851875d9022238fb170a2c9b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fheli-air.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

e7520035e4f26af334db98fcf2635887d960d5ab70a574e651343a7d8f621bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 96
date: Tue, 01 Nov 2022 11:10:34 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 01 Nov 2022 11:10:34 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: b736547c357d4e86
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d24ff5a816476e25b348c5018fab8043ae6a93109a5444be416259d9b8001192
content-length: 375

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76DD 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 10:37:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7361 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b14332b197a441b52b1829a3d28b37fb66b48ec59e7a87b3b53a1f37ebfd9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9455 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65c7c9fe3180050847fdb64c6f181d8ee3d9790a1aec69aac0d1f98eb3ce96d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9455 28 KB
28 KB 45ms
5ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:35:04 GMT
x-content-type-options: nosniff
age: 484530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 20:35:04 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

160 KB
57 KB

1263ms
637ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a1cf62faca35612e6efc3f6c593cd5c8f99cae0a6405e9e6adb624cb6e874c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-e1aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57770
expires: Tue, 01 Nov 2022 12:10:36 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 280ms
280ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1667301034852290
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf39bae24547d9f341a9460c9b9e92c5c3f751761f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 71edadb1ef28809e6ee29e869d0282e8061a21bcd3681a4c996159e6deaad9a9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 11:10:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Mon, 31 Oct 2022 16:51:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

70ms
70ms

Document
text/html

2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:35 GMT
expires: Tue, 01 Nov 2022 11:10:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7361 15 KB
16 KB 10ms
3ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:32:54 GMT
x-content-type-options: nosniff
age: 488260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:32:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7361 15 KB
15 KB 10ms
3ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:33:35 GMT
x-content-type-options: nosniff
age: 441419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 08:33:35 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9880 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 01:49:59 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame AE1C 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 01:49:59 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame CFBA 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 01:49:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BD8 11 KB
907 B 50ms
50ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c43b4ac725a783ec233b86a55a66f90d9051252c72bd1ea4ff5b1ca55d25264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 11:10:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BD8 8 KB
716 B 45ms
44ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 11:10:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:35 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3BD8 35 KB
14 KB 60ms
11ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 04:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
server: cafe
etag: 10882980839202096411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 04:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BD8 153 KB
47 KB 157ms
115ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 11:10:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 3BD8 23 KB
9 KB 49ms
5ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 15:21:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3BD8 3 KB
1 KB 6ms
6ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:56:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3BD8 17 KB
7 KB 54ms
8ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:40:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3BD8 0
0 79ms
37ms Image
text/html 2404:6800:4004:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvSqvNcRvkmHv9VTq4arcahjr89Ym_-N77b1_LvTafeoqFSYr89ztFZ1THY1f83v7ALr5x4aCS0ytultySTDPUmxAlog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 15671706373545132836
tpc.googlesyndication.com/daca_images/simgad/ Frame 3BD8 19 KB
19 KB 6ms
6ms Image
image/png 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15671706373545132836

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ebb55bc62e795767274b87380c5fd7c43012bcc1ebcf78942200d26bcd51cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 06:06:03 GMT
x-content-type-options: nosniff
age: 18272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19442
x-xss-protection: 0
last-modified: Sat, 06 May 2017 04:45:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 06:06:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BD8 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW5Jmqv5gY83II4OOvcAP8ai0gAbo85nyW52ggqOSCvLO2eWODhABIOWm6SRgifPFhPQToAHw0YHcAsgBAagDAcgDwwSqBMUBT9CxGyaSVDM7TcHeSMk99nDb89lpOyI36_6zNJzjfIumFYs_jPWqxeqYkZBvJffuLhNALVhQHht-ICmfnSgXVvVpp6kLs19P4wCfVVQOjzRcqJK5Gv69_i4RxyVKZdG9KbymN3TpOTL0Ant4Sucu71QXa1wR1LAgZTuh9W0tbyJWcItmTZyyKko1la3a_p4OsGHzV5YYw7YJP6u4CEMDhXc1mUdpfqIMfPkGTRr2LqqSyQ7SD0MiiuN9NKeInKgw5CS_jVjABK3F4IOOApIFBAgEGAGSBQQIBRgEoAZRgAf4rf6jAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENKGB9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi00NDMyNzE2ODYyMDM5MTYxGAA&sigh=lW8zuEu60HY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BD8 16 KB
16 KB 43ms
3ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:51:28 GMT
x-content-type-options: nosniff
age: 328747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 15:51:28 GMT

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 141ms
140ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/47A9) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:35 GMT
Content-Encoding: gzip
Age: 1038396
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (mbw/47A9)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F4C7 143 B
166 B 7ms
6ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=145&adk=4009089545&adf=1144970151&pi=t.aa~a.683047083~rp.4&w=260&lmt=1667301034&nsk=e285fdba&rafmt=11&pwprc=2344483488&ad_type=text_image&format=260x145&url=http%3A%2F%2Fheli-air.net%2F&pra=3&wgl=1&fa=26&dt=1667301034537&bpp=1&bdt=2352&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0%2C683x280&nras=3&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1034&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZBcvPbohsG&p=http%3A//heli-air.net&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 10:37:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5419 1 KB
643 B 7ms
6ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 4277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 09:59:18 GMT
etag: 48472445140208031
expires: Wed, 02 Nov 2022 09:59:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3BD8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42caeeda0fe2e2650b29b331c09edc0dac7baedebfb2266e730727c1ec3827d0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3BD8 16 KB
16 KB 6ms
5ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:07:08 GMT
x-content-type-options: nosniff
age: 57807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:07:08 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5419 35 B
463 B 247ms
85ms Image
image/gif 2620:116:800e:21:6c50:dbee:bef5:203d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENr4yN_aD3fF9kkr62SDCLU&google_cver=1&google_push=AZmPxg-2llsg_LpdmtVTXsSswk52tk3g4hI9Nh-CimdOnyVSRAE0cqB2USS4L2OvGO0F8kf3bf5gWsv0biFwkGMjIbH63rEbsVM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5419
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENJI7IZUXKiASTfOHGNnAdg&google_cver=1&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo
https://rtb.openx.net/sync/dds?google_gid=CAESENJI7IZUXKiASTfOHGNnAdg&google_cver=1&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&google_hm=2qrDvf7rwXE8p24hLGsvcg==

170 B
232 B

47ms
47ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&google_hm=2qrDvf7rwXE8p24hLGsvcg==

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_lUJdVJxvbRgwxJVVRf7C4idli08sKYVdEpQUMKxwCvC8K0WCIemt3DhVtGJRPpF-6avuZKfgaolqFNmWM5MemeqrAazLo&google_hm=2qrDvf7rwXE8p24hLGsvcg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: e5dd16lm7mvo065afolrp7f5smju8l01

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5419
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

84ms
56ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_XupixExSlrEyE2cdGpADF9T2LNdoZTFAHTk5kHpXfGg-QL13rB7xvRGvCC4YhaiwUjP26Y31Cz_ZoU-GDT0iiaKrdMiI

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_XupixExSlrEyE2cdGpADF9T2LNdoZTFAHTk5kHpXfGg-QL13rB7xvRGvCC4YhaiwUjP26Y31Cz_ZoU-GDT0iiaKrdMiI
date: Tue, 01 Nov 2022 11:10:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5419
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENaePVpB76cEvfGoVE5rjE4&google_cver=1&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgRe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLUE4tMjAtM1FORg==&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgReIdARxZMyAu1kiW_uURtLaGDDH

170 B
188 B

46ms
45ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLUE4tMjAtM1FORg==&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgReIdARxZMyAu1kiW_uURtLaGDDH

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLUE4tMjAtM1FORg==&google_push=AZmPxg_Xu2ii575Ru9NRAAqA8npwgbnn5Ax-NK3e_NT-EvPpE7iXeY2DFel78UWQ3wvgX37tgReIdARxZMyAu1kiW_uURtLaGDDH
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5419
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrl...

170 B
232 B

58ms
58ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrlZbc5yYX-rij5XcYGlo3AVUwW3wMk0v1s78kAEdewUekQzrka6QagmE6indaBuxu

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK8%2BkbeXw0BoKBQTwmSG1UkBUeizcVN7lyyiMaHkpIrnoozjd%2FgZl3M8VEeYUfnaDP7LZSrck%2Fsef%2FN%2FBSrDrj95uCKwJ7sndk7LpjzcG214g%2BDYakgngZKR233noPZrS2QjHabI0k1b%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDcBvcnVosjVxVuFVqzILVM&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8GxUJKXqFxKmkQpAgYHJES-VHbJRYrlZbc5yYX-rij5XcYGlo3AVUwW3wMk0v1s78kAEdewUekQzrka6QagmE6indaBuxu
cache-control: no-cache
cf-ray: 76342f4eef0e34f9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5419
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEETJzJDahu9KhhFVInusMjg&google_cver=1&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq&google_hm=33095b60b51078f6f81...

170 B
502 B

87ms
47ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq&google_hm=33095b60b51078f6f8190e44c18874ce

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-4lc6560F4rxIPsWpWTQ4cWa6bkO5odoJlhNHc8IM5YHaWItPGrzLwwKVydU1Ff2j0mWcFIAgBijd7YGklP4f6aMVOZToq&google_hm=33095b60b51078f6f8190e44c18874ce
date: Tue, 01 Nov 2022 11:10:35 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 5419 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5419 0
50 B 155ms
52ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ict0mh4F8DBQN0bBYtqHMWqvsQOC9_Z7z_BCaRf8WnxPoP1_Cge6pTSS_BPsADaxLS7Pq8Pg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F4C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:35 GMT
expires: Tue, 01 Nov 2022 11:10:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 11:10:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 600D 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 01:49:59 GMT

GET
H/1.1 200
OK tweet_button.7dae38096d06923d683a2a807172322a.en.html Show response
platform.twitter.com/widgets/ Frame 4274 37 KB
14 KB 155ms
154ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mbw/47A9) /
Resource Hash: 9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a

Request headers

Referer: http://heli-air.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1038399
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13753
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 11:10:35 GMT
Etag: "5f5bf2b99100f854c01f4f321282f861+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:24 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mbw/47A9)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 213ms
213ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fheli-air.net%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667301035321%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=fb72546e2568cba1851875d9022238fb170a2c9b

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 01 Nov 2022 11:10:34 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 01 Nov 2022 11:10:35 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: e9f89bc18b149cad
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d24ff5a816476e25b348c5018fab8043ae6a93109a5444be416259d9b8001192
content-length: 43

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame BE59 23 KB
9 KB 12ms
11ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 15:21:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BE59 8 KB
716 B 47ms
46ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 11:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 10:07:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 11:10:35 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame BE59 14 KB
3 KB 101ms
20ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 10:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 10:29:53 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame BE59 362 KB
124 KB 102ms
21ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 12:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 12:53:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame BE59 17 KB
7 KB 13ms
12ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:40:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BE59 0
0 41ms
41ms Image
text/html 2404:6800:4004:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSya_d9NIzcK7WvwULfeIla5Roa2R8JYCIZtiGeYNFEMyAbfZmITmxuSGRcmdsyVAsCGi_Wyv6kE0rdQW34Bj4yTx_yrw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame BE59 0
327 B 754ms
257ms Ping
image/gif 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~l9y3zkkf&c=2848897097623&slotId=1424448548811.5&qqid=CNL6mK_sjPsCFZJaDwIdudoBqg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE59 15 KB
16 KB 14ms
13ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:32:54 GMT
x-content-type-options: nosniff
age: 488261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:32:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE59 15 KB
15 KB 14ms
13ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:33:35 GMT
x-content-type-options: nosniff
age: 441420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 08:33:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE59 0
20 B 43ms
42ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CFxeBqv5gY9L9IpK1vcAPubWH0ArA0PLxbN-f6s3HEN3dw9G1LhABIOWm6SRgifPFhPQToAGp_-XGAcgBBagDAcgDmwSqBO0BT9BGuX-5mKXiPPi3krOgFDR0C9a7FACH2CMxUl9PNbbZGqtClUonBeIfQr1epsaKZkcHVH3qpmOXN6BNCW9BLQxFrcX3CJKdc4H4Rvyyuov2Y4y9gIu18pzSmxiBJVF-yBZai6hGey8cBiXRdHviDpE5jnxxTum_IhGPYIIO5Qtakuy2XiHtZxnrcuw9ojkDdnd_uMgsgYyvK7BG_13z0jG_5_IXZwRWcspiCNyiHPmvea6ULs2dt4GhS0fYfWtwhMMsUPrufB6AK3_yRFXXYbKXoyQQhX98m_8lUCkzmkJpX9wjX6UQgc5MlWOhwATYgNmTmgTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAZgLAcgLAYAMAbAT6t_rENgTDYgUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1667301035506&ai=CFxeBqv5gY9L9IpK1vcAPubWH0ArA0PLxbN-f6s3HEN3dw9G1LhABIOWm6SRgifPFhPQToAGp_-XGAcgBBagDAcgDmwSqBO0BT9BGuX-5mKXiPPi3krOgFDR0C9a7FACH2CMxUl9PNbbZGqtClUonBeIfQr1epsaKZkcHVH3qpmOXN6BNCW9BLQxFrcX3CJKdc4H4Rvyyuov2Y4y9gIu18pzSmxiBJVF-yBZai6hGey8cBiXRdHviDpE5jnxxTum_IhGPYIIO5Qtakuy2XiHtZxnrcuw9ojkDdnd_uMgsgYyvK7BG_13z0jG_5_IXZwRWcspiCNyiHPmvea6ULs2dt4GhS0fYfWtwhMMsUPrufB6AK3_yRFXXYbKXoyQQhX98m_8lUCkzmkJpX9wjX6UQgc5MlWOhwATYgNmTmgTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAZgLAcgLAYAMAbAT6t_rENgTDYgUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame BE59 29 KB
16 KB 264ms
80ms XHR
text/xml 64.233.189.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D1aJ90cM61BYvSfwy8oCL8X6zS4VPLecJhvKqykFGv9IcSlcl1PbxcM0sagE-UFtoI_B94pS5mCJX0e-EP6nfw5nWt6A&dbm_d=AKAmf-ALV_DvyYV0X1zaNo2E67-ls_UC63eRwjPVx1-nfnl4XWuUYvPERBhed0agK8KhwB26QT0d0bJyZmizmOfPN8LdBFJFkv35NkDdEaCo2Mz-AvxZqyu5lBZEjjqk-EFJykcHW7Wp96seHxhvBF7fWSJl1CEquP8vTkJLHax-mL775URFmhSGxxZb21obiwqN04QkbEwBh-QrN8z1DPcOVGAARGK2bL1jNOcFC4vjlztYxNaRtqmQhkuIRzo8ABR10CuClP65UJa8Gy7d548C1tEJNq5Zj2_8sbuPSlqCaa97ssnZQQi8AsDPFpn3uzL_-Y468LnjvtLjqEWcvb3ttl9CBC8X7ZyU7l7e7_Dg2Nq01QsfxIT-lXtAuIU1EXtGp0tq8XiajUMzVffovP1kZ5vqlHOPc8sx9ASkqcjJSl_TsxU7--nzfEl1Loltr5OlK_Q1-w76aodtUPZNe3OutIkDwaRm5h00dBimJUCbrKC7h6Olx91YFoaYzpGOpl-T61varypNbyNZz8TNTK9vnGaFHVraEFyLxdOOm2CgMiFiNfA35rvn5S8hYIsZTSZeLZVTS3HWIzYuzNHJ46DRMSePnlfEsYcnXBBqK3k0R2dpqPGZ3pEbF3SRqfjFZY2RK28bR7kBrGHGj0MjQ1KpvsHADZEZsnDjDii884kLZTt1Z0YLlQPnzb-wCAUldcOtV8xP1ZmRdHISv00O0X3GkWBJwLRzI_-0-X9c9EcEnvs6OxGbJ2JBilIC5iX7-teUKM8ek1kMZHdLkNZXSPLnm2fbEbDf3qvOmOOuzE3K9O_HUmLJkRmkUp18YigUNJvKt2zllkMxEgH8alkBR08sdHaqbzPXkFz9-_aIhLaRDZhvC-UPTu2sG92UBtQFa-Rq_kqRm7nqua5K2wGXiy-gnqrlI9kzuonizE6sPVY3EsaZxZG6ipd63dl7vIen6pKyaTgEymfdhS0p1LSP-BZPYPS8h-UwCF5bI_nTPiO8XKf_vbjS7M5bTyFrjOJwFjjUDoX8T_TIHBIRQueYCCPkqa8X_KGJ9qinqTz98nbqZ031V0yhhioyauSz-nw5KczLgLZsQe3rQHSOh-V5oScbwdz4bw6blU_Yf3H7kdD3u-RFI_8TyKXbLTaCu9J4wd2A9Y_rkElRwyg5rGamuWWSBNrKFmdq2n-XqO7e8TmLiZNeL_eauHh1MzByjHdZxdKmpyXD4OSGlpwNgqGVVVN_x6Gv2O1ioKI08vfBQZkD1_QN0_r9SsXpvfKRL8qX5lBS0TAb5mNropc5GLD9ZBBwkyKGnIc66dTLYBmQ2wWrg4rXWjulDZSnk2aTawqU03sBDEaAARCofkz-AJ-x-M_AJow5dq54LvBO65wDwAUJvSBX-z28JySMCmQEHBXxg0QRgQaxXiAjoCCnRLneYGlVCgaF-q3DV-NVEzkt2qsDj9xv7minRl7DTd3oPvtz6f3lEXRBT9bzUesJdsSGKVfueWYVG0Qd5TBp47OAo5LhsqW2JpBsKiXqDIfVv8-aNCrMMxsJj5VjJPW4G2dyIOCas-cDDrY5JjQEcKkyvB669ByCgLSDEe0WKriWTLLvE-G7Mk3kolQThFGpgS70v2dD9Xm7j8NRBqZ7guRifXdiVyzUhx341-GU8K9aZwbsInBwx4gwcNW2oWhifYf2vW0F1Xvmbaxi3KClX3DRayNk86QNVqTjVfFtA-W1iLXJ_JdnwfE5g07eYwk7k5Quqe-cNIK-WrqMaH_GOp_XeXM-JWxl11P8dbS7hYp4dRiR6cXhpBF4t5o53BdJN2eTyvkDnrkbhvcKnWK8WLK37F10vEC27ENTCYGzF7inVZmVnb7dkvIVSEjYT_tqkwNhrEVISi2OY7Jc3taMuR8sLBsGEm4eHkGr0Ou7PImtmUgxQulyO2prSwXl1G6aHYTQRv-TOk9fujHKRrDnuzvcNN8Yl1DTs3jwcUpEByNKsSWtndVxYMzxJa0jkaJs6KaSR0NQqA4yYXXwITgGYV7sS2czdNUH221dvEY8hb0MlesJNpf3BSuD_RNDJ8mw1--lpFOzhVcpDwwYF3Pe9n1BBl4soaLg1V7I9NWsx10a-l_e_VFk-RssPY_ax8vY8dfwPpaqp3bkNcDbWuUz7UAGqANymvhrkztSiIn6lHmzz97w-siTLMqdmXdPJ_tX91euqJq-ZKcBg-jSw9QpxaMOsMa8WgolZM3aHMvsmiizsauvnXr2IV89ELDxYHHozZMS9yTk-WIPTjNvZ-YVahqvY7RTzot4m68EQ7xdHoSEdHo0tHvyBJJwoSYKJ3Tzoqk_pwqgSE6cFV622Jp3owsXJxqBgqrsMSPwVD-pS_-FSIM02uA7U522psLh5Ex1bCZvcs80w0FTykYY19jiPNpu8EEeTK1TSc1J42qb0m0wdEphGoK-qW4ZlMAp32ARiSVWYn6pms1rJ1eB-qzMSwQbvYPxzlZFoeZUKGG8lUOMdzyfpw-bfzbmZoBGbZQGRbZM9tnttIEIWZni_kgcFJWt8zFJ8JJixXNB24HTDI6GNv_876z-FYmGNePh-0jIET58XQa-CeaTyAQQcbE8w-7pWKbnDKNggPa-1Hwko3R52OXluLzDcFvCzxKmv6lZuPi3DMADenMUIDggnh8_QSG_ReMoZNyUfGzrVBLBQ-c2vcIen4POhcwmzxneR-t8TMNLqM0Y33lrEUr8SopGe7dP7X6yfvHqkayMKzmivcCmum1ies0KsN4PQYKD9uK3jYyaePtERlj0h39g117VfaRFTYPn_pGOLHRCQ1AtzXrVKZ9EV5iD-LtOaRkxN9skJnF9oxciRHQRT-6sX_PeaIFzaDiWCd9UoXLLFU7xuzb277IXCxl7QyB6WzjRjE4YcZ17ocW2UP-HEsg0OIPVI6QUFb-p3sjoD_cKXiG0Ah6JBg2HIPrN5FjHeaPr8z1MiY_B_7kENjrcbQGScpNq-U1CLmIAa07hUh8eHL3uBYwj4aZzX2gHiD37Z_p1jdZRJ_Bj-xkRaHxu89l8aNG-MWXcuw4QVxgOjAqJ2xwS4PxsXzslNUqRn65cky8IuZvwT5XR89xB4nJtcW1Ly6Qh33FrS6uPxlz9WTRIN0ew5tGPIh0xNaDzHyNgGt1a-HQ0j7NELKY-0urNopQ7BQ&cid=CAASJeRoFFqeeSaEvk2QlUY1PguAQchy6nVNifK99TxX1Cm5msnOXRk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f157.1e100.net

Software

cafe /

Resource Hash

70b0ba6a3f6393acadb69b7dd62df654658fe39f56875575a4f3bbbe64425b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16119
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE59 0
0 47ms
46ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSbPiqv5gY9L9IpK1vcAPubWH0ArA0PLxbN-f6s3HEN3dw9G1LhABIOWm6SRgifPFhPQToAGp_-XGAcgBBagDAaoE6gFP0Ea5f7mYpeI8-LeSs6AUNHQL1rsUAIfYIzFSX081ttkaq0KVSicF4h9CvV6mxopmRwdUfeqmY5c3oE0Jb0EtDEWtxfcIkp1zgfhG_LK6i_ZjjL2Ai7XynNKbGIElUX7IFlqLqEZ7LxwGJdF0e-IOkTmOfHFO6b8iEY9ggg7lC1qS7LZeIe1nGety7D2iOQN2d3-4yCyBjK8rsEb_XfPSMb_n8hdnBFZyymII3KIc-fd4NGG9X9slX0nsLxraWOsBlY7Vq1fhSjmeL9NO0d5Iqhc5oUQ8wKiz0T3Xr67M4M6O9A9Hec0-po7ABNiA2ZOaBOAEA4gFyL3u6USSBQYIAxABGAGSBQYIGxADGAGSBQoIIhACGAFImKx8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEL3GERizi7LVAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbAT6t_rEMgT28ib4QPYEw2IFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNDQzMjcxNjg2MjAzOTE2MRgA&sigh=JvhYYZxr3AQ&uach_m=[UACH]&cid=CAQSPADq26N9X9lcSdZt4godDk1ExZjxVJX9G8SLYEW6O7AR4s5O8KifAuxJBBH4-aTtVENn6O5XtxRjczQgOCAT&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9BFA 1 KB
643 B 8ms
8ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 4277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 09:59:18 GMT
etag: 48472445140208031
expires: Wed, 02 Nov 2022 09:59:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4274 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BE59 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd92114340e2ecf8f29c1627b01a48f12b31e186b032d8552515a93a134e5cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9BFA 35 B
210 B 72ms
70ms Image
image/gif 2620:116:800e:21:6c50:dbee:bef5:203d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGSAVUdZ7iQN0UBgHswAot0&google_cver=1&google_push=AZmPxg-Mj-2jy1LUUCskPDvJ17y297zJsawW13zrFzS6oOs6Lrvakz1DoGuG00kvK-UdNwXhiVFi9FDNAJybWvRFFRHjLE7iXdN-sLdQy1j-ppjCmxD2iFM3E3ovpgtEcfiyUHRQNaQ0NbCW49plbz8lCB8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BFA
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rFVj6...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rFVj6...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDExMTEwMzUwMDA5MTMxMzYzMzA3Mw%3D%3D&google_push=AZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWe...

170 B
188 B

44ms
44ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDExMTEwMzUwMDA5MTMxMzYzMzA3Mw%3D%3D&google_push=AZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWen4h2fqnaxEEgMkrQQHyYv9JtYpjmS845IDCKEuFXfXdA4MF_DVspPXmXkIM8rceE3lc3go3zEXiORCI1nzgGw

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDExMTEwMzUwMDA5MTMxMzYzMzA3Mw%3D%3D&google_push=AZmPxg_rFVj6Zd6ZINJLimTUgYnMJubJhzT9EdZdIVsed3mUZq5tarucLkQ2AQO5vL3fWen4h2fqnaxEEgMkrQQHyYv9JtYpjmS845IDCKEuFXfXdA4MF_DVspPXmXkIM8rceE3lc3go3zEXiORCI1nzgGw
pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 01 Nov 2022 11:10:35 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9BFA 43 B
640 B 57ms
47ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGqLj_RXKyrlGuGBYCqUtKY&google_cver=1&google_push=AZmPxg_vfhE23zmDAHUEqm2FV9joIPiyqk2NCkk0_mKNbezReSkojzm_mTxFCzkVhKPAcnAcySkB_Mbbb5UrmLWWXWGxFNqUagcJHev8Wmoxpf7pkvCkBeK39a7zxRw6Vd1qU7kVlYqpOMaY_Bk5Q_Dj-Io
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4432716862039161&output=html&h=280&adk=2531513781&adf=710384521&pi=t.aa~a.1381849204~i.39~rp.4&w=683&fwrn=4&fwrnh=100&lmt=1667301034&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2344483488&ad_type=text_image&format=683x280&url=http%3A%2F%2Fheli-air.net%2F&fwr=0&pra=3&rh=171&rw=683&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1667301034526&bpp=1&bdt=2341&idt=1&shv=r20221027&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da543bb861b89a69f-22731d1cf8d7008b%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw&gpic=UID%3D00000b72eec35254%3AT%3D1667301034%3ART%3D1667301034%3AS%3DALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w&prev_fmts=930x180%2C250x360%2C0x0&nras=2&correlator=4164455831652&frm=20&pv=1&ga_vid=462220224.1667301034&ga_sid=1667301034&ga_hid=635295232&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=3630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44774606%2C44775016&oid=2&pvsid=3443725571182281&tmod=367231412&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5jyQd5TyTL&p=http%3A//heli-air.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BFA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

86ms
48ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8qPdaOolN-OTzTXGpTdKhpZEZpObezFgJr-RxoEDamuAXDf4glR0IBZEGV6tjrjJX4RcfsoPjcuzfUnswr9yYlzQVld7FvhwgD__LvNy_zDkROvRR1wSX3QX-4GfwM_FKnxipsDKNv5PlmY76LYQo

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FAEYblfIT4-ffvm6MwRfGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8qPdaOolN-OTzTXGpTdKhpZEZpObezFgJr-RxoEDamuAXDf4glR0IBZEGV6tjrjJX4RcfsoPjcuzfUnswr9yYlzQVld7FvhwgD__LvNy_zDkROvRR1wSX3QX-4GfwM_FKnxipsDKNv5PlmY76LYQo
date: Tue, 01 Nov 2022 11:10:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BFA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjQoTrgDHHk5VSTaEBC_Sw&google_cver=1&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLU1QtUS1LRU1E&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJdze5h_0CW0htRYj26jsqpl3KiPyU7B...

170 B
188 B

38ms
38ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLU1QtUS1LRU1E&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJdze5h_0CW0htRYj26jsqpl3KiPyU7BQKg3g4PZiihR1QlbKwgervK-2TPbTADu16sQheD1Jx4iMTTVYM

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZM1pLU1QtUS1LRU1E&google_push=AZmPxg_olcTeFjHwv1WR9RRRp2YRsFddteRNObhKMpRgcBZIGKdqbu-chcWnfkAsAlQjZ6aUngJdze5h_0CW0htRYj26jsqpl3KiPyU7BQKg3g4PZiihR1QlbKwgervK-2TPbTADu16sQheD1Jx4iMTTVYM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BFA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8AKpxXXYr1qdnQ2Ixw6D2klVlVAd6O3...

170 B
188 B

62ms
43ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8AKpxXXYr1qdnQ2Ixw6D2klVlVAd6O3mfM9lDgP-_pj8BLk6c-WQD1Xm_lKCmspDpiJ-gIyLYzDe4bYEzqeNXlPWtbPf_in2xPr7QtDHtetgwyzzHBXeYXB7PqYBmdbO7fyJvOmGvV2pepR-Z72VU

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnrNPkXwUqdq%2FJwdaUsYVVlD9Jv4nP%2BQ5ZqWUy%2FXF5HmMWTZOmxlpDKFQSlBJM3J1PYmLqpGx%2FWYi1nbNPfnG17r6DfDMdiCjRs4VpKdeDap9Ma0Ud41CxDdjxturJXsBaC2EMKHatjaNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPeW6w6aEmsz7Hnbd-4_g5Q&google_hm=Y2D-qwe-C_KWJMNfUGhQmwAAFXkAAAAB&google_nid=index&google_push=AZmPxg8AKpxXXYr1qdnQ2Ixw6D2klVlVAd6O3mfM9lDgP-_pj8BLk6c-WQD1Xm_lKCmspDpiJ-gIyLYzDe4bYEzqeNXlPWtbPf_in2xPr7QtDHtetgwyzzHBXeYXB7PqYBmdbO7fyJvOmGvV2pepR-Z72VU
cache-control: no-cache
cf-ray: 76342f50385a34f9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BFA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEGPgqOdMvJgAbDXVTkHnRuY&google_cver=1&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpix...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpixNhRb93-pZjxHHKKoZ6Y2aLIwmxZ2d...

170 B
188 B

80ms
45ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpixNhRb93-pZjxHHKKoZ6Y2aLIwmxZ2dDpuEWdNhZi2LMYg6ydBgA5Ww&google_hm=33095b60b51078f6f8190e44c18874ce

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9pvnJvdZxZnL2Qu74s6IF9qVU-SqdNaxZfh7mHBaiAY6qtYlq9Jt1tcdq0whddvwYwtvuazQGK0xiP-AP9y--c630cafpixNhRb93-pZjxHHKKoZ6Y2aLIwmxZ2dDpuEWdNhZi2LMYg6ydBgA5Ww&google_hm=33095b60b51078f6f8190e44c18874ce
date: Tue, 01 Nov 2022 11:10:35 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9BFA 0
12 B 88ms
46ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IydXtFUAsH7tNf1_f1GwEWieAbUDBnLRcEg1GAyzhbnSf3EQf8bnBM-ozy5y0XDdi2rIBB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

match
ads.betweendigital.com/ Frame DE1D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F&crf=1

68 B
607 B

71ms
70ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=1303420AABFE60632A00267B0256029F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame DE1D
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=1403420AACFE60632400DA9702128D14

43 B
269 B

286ms
285ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1403420AACFE60632400DA9702128D14
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 01 Nov 2022 11:10:36 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1403420AACFE60632400DA9702128D14
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame DE1D
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=1303420AABFE60632A00267B0256029F
https://px.adhigh.net/p/cm/sape?u=1303420AABFE60632A00267B0256029F&bounced=1
https://acint.net/match?dp=17&euid=uLygHEMBRZEz.AikABlGEMuLR3g

43 B
269 B

281ms
279ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=uLygHEMBRZEz.AikABlGEMuLR3g
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:36 GMT
server: nginx
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=uLygHEMBRZEz.AikABlGEMuLR3g
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame DE1D 43 B
764 B 798ms
282ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:36 GMT
Last-Modified: Tue, 01 Nov 2022 11:10:36 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 01 Nov 2022 17:10:36 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame DE1D
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4560787694
https://www.acint.net/rmatch?dp=45&euid=Ara2izIfBvDzc8EmubhfmNQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AABFE60633400817E020E210E

42 B
201 B

719ms
248ms

Image
image/gif

195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AABFE60633400817E020E210E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 01 Nov 2022 11:10:36 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AABFE60633400817E020E210E
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame DE1D 0
785 B 532ms
512ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qmazjihZqDovNXCmt%2FqknlRmGaoOewdlk0yDSvZPFvTTNrexheZ7RmQBaBYKmMQ1XQ9mIm4w6xPCs30RN0YBfoigyXnpvtAVf%2Fq%2FVGFDfqpV8e9o3NhyZwE3t1tcnf4KSd2aWi5hEdoIjc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 76342f522b3f1fcf-NRT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame DE1D 0
68 B 1659ms
270ms Image
text/plain 23.88.82.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.82.46 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.82.88.23.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:37 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame DE1D 0
333 B 746ms
256ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=1303420AABFE60632A00267B0256029F

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:36 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 523
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame DE1D 3 KB
3 KB 1023ms
223ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:36 GMT
Last-Modified: Tue, 01 Nov 2022 11:04:39 GMT
Server: nginx
ETag: "6360fd47-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET sape
sync.dmp.otm-r.com/match/ Frame DE1D 0
0

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=82874eef-8bd6-4752-a758-487c45e5bb15

43 B
269 B

295ms
294ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=82874eef-8bd6-4752-a758-487c45e5bb15
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 01 Nov 2022 11:10:37 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=82874eef-8bd6-4752-a758-487c45e5bb15
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DE1D 170 B
188 B 49ms
44ms Image
image/png 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=EwNCCqv-YGMqACZ7AlYCnw

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame DE1D
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F
https://adlmerge.com/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F

43 B
117 B

750ms
247ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
iseu: noneu
server: nginx/1.16.0
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=1303420AABFE60632A00267B0256029F
date: Tue, 01 Nov 2022 11:10:37 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame DE1D 42 B
201 B 973ms
236ms Image
image/gif 195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=IOGQXNCF

43 B
269 B

292ms
291ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=IOGQXNCF
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=IOGQXNCF
Date: Tue, 01 Nov 2022 11:10:37 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame DE1D
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F&cs=1

35 B
378 B

261ms
261ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 01 Nov 2022 11:10:37 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420AABFE60632A00267B0256029F&cs=1
date: Tue, 01 Nov 2022 11:10:37 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=yycWivVPZQ90

43 B
269 B

294ms
294ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=yycWivVPZQ90
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=yycWivVPZQ90
Date: Tue, 01 Nov 2022 11:10:37 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame DE1D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=731dfbc8-27e7-5431-83cb-12d6e0abec7d

43 B
269 B

301ms
301ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=731dfbc8-27e7-5431-83cb-12d6e0abec7d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=731dfbc8-27e7-5431-83cb-12d6e0abec7d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame DE1D
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=1363d28d605e453ca2646780c1d6c911

43 B
269 B

298ms
297ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=1363d28d605e453ca2646780c1d6c911
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=1363d28d605e453ca2646780c1d6c911
date: Tue, 01 Nov 2022 11:10:37 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru/p?ssp=sp&id=1303420AABFE60632A00267B0256029F
https://www.acint.net/match?dp=111&euid=d3b02897-cdfa-4b29-aca3-c74196ae135b

43 B
269 B

280ms
279ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=d3b02897-cdfa-4b29-aca3-c74196ae135b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 01 Nov 2022 11:10:38 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
location: https://www.acint.net/match?dp=111&euid=d3b02897-cdfa-4b29-aca3-c74196ae135b
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.59
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame DE1D
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=1303420AABFE60632A00267B0256029F
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=769296974
https://ut.rktch.com/matchspm?pi=1000006&pui=p/mI8b5n9thf3cVeWkDAQe&noredirect

84 B
84 B

270ms
269ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=p/mI8b5n9thf3cVeWkDAQe&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:39 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 84

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:38 GMT
via: 1.1 google
last-modified: Tue, 01 Nov 2022 11:10:39 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://ut.rktch.com/matchspm?pi=1000006&pui=p/mI8b5n9thf3cVeWkDAQe&noredirect
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=1303420AABFE60632A00267B0256029F
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1303420AABFE60632A00267B0256029F
https://tech.rtb.mts.ru/?dsp_uid=b6d882f3-26e0-4476-a30c-b81c9162172b&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=ezcDW/9PudEzhce2cuGJ7Q
https://www.acint.net/match?dp=125&euid=b6d882f3-26e0-4476-a30c-b81c9162172b

43 B
269 B

290ms
289ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=b6d882f3-26e0-4476-a30c-b81c9162172b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 01 Nov 2022 11:10:40 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=b6d882f3-26e0-4476-a30c-b81c9162172b
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=0d8d0f84-7392-482f-5f52-26902f531942

43 B
269 B

285ms
284ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=0d8d0f84-7392-482f-5f52-26902f531942
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=0d8d0f84-7392-482f-5f52-26902f531942
date: Tue, 01 Nov 2022 11:10:38 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=1303420AABFE60632A00267B0256029F
https://www.acint.net/match?dp=127&euid=Cm4Gxfb69cFKFihXqSE7

43 B
269 B

285ms
283ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=Cm4Gxfb69cFKFihXqSE7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=Cm4Gxfb69cFKFihXqSE7
date: Tue, 01 Nov 2022 11:10:38 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=tksbcybfop

43 B
269 B

289ms
288ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=tksbcybfop
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:38 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=tksbcybfop
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 5eeda8cc-c411-41bd-8a3b-54abd857efd5
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame DE1D 0
215 B 806ms
263ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 01 Nov 2022 11:10:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 1303420AABFE60632A00267B0256029F
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame DE1D 0
190 B 587ms
192ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

server: nginx
date: Tue, 01 Nov 2022 11:10:38 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame DE1D
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=1303420AABFE60632A00267B0256029F
https://x01.aidata.io/0.gif?pid=9401454&id=1303420AABFE60632A00267B0256029F&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=BCA2DAD26DC6823AF183&back=STOP

0
432 B

278ms
277ms

Image
text/plain

89.108.119.43

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=BCA2DAD26DC6823AF183&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.43 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:40 GMT
last-modified: Tue, 01 Nov 2022 11:10:39 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 01 Nov 2022 11:10:39 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=BCA2DAD26DC6823AF183&back=STOP
Date: Tue, 01 Nov 2022 11:10:40 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1

GET sape
dmp.gotechnology.io/match/ Frame DE1D 0
0

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame DE1D
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=1303420AABFE60632A00267B0256029F
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiw_YObBmIgMTMwMzQyMEFBQkZFNjA2MzJBMDAyNjdCMDI1NjAyOUaiARDRw6cEWdUR7Y8KACWQyCQ3

0
523 B

241ms
241ms

Image
text/html

31.172.81.160

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARiw_YObBmIgMTMwMzQyMEFBQkZFNjA2MzJBMDAyNjdCMDI1NjAyOUaiARDRw6cEWdUR7Y8KACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.160 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 11:10:40 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 01 Nov 2022 11:10:40 GMT
Server: nginx
ETag: d1c3a704-59d5-11ed-8f0a-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiw_YObBmIgMTMwMzQyMEFBQkZFNjA2MzJBMDAyNjdCMDI1NjAyOUaiARDRw6cEWdUR7Y8KACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 1303420AABFE60632A00267B0256029F
an.yandex.ru/mapuid/sapeis/ Frame DE1D 43 B
387 B 977ms
317ms Image
image/gif 2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1303420AABFE60632A00267B0256029F

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Nov 2022 11:10:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 11:10:39 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame DE1D 44 B
351 B 999ms
467ms Image
image/gif 148.251.217.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.217.100 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2 200 match.gif
mediatoday.ru/core/ Frame DE1D 43 B
368 B 1227ms
273ms Image
image/gif 139.45.228.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=32&id=1303420AABFE60632A00267B0256029F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.100 -, , ASN (),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:40 GMT
server: nginx/1.20.2
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 43
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=1303420AABFE60632A00267B0256029F
https://www.acint.net/match?dp=186&euid=5a90e655-5cda-4d63-85a4-4aa78815e1c1

43 B
269 B

284ms
283ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=5a90e655-5cda-4d63-85a4-4aa78815e1c1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 01 Nov 2022 11:10:40 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=5a90e655-5cda-4d63-85a4-4aa78815e1c1
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame DE1D
Redirect Chain

https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
https://www.acint.net/match?dp=221&euid=A4104669953098215764

43 B
269 B

287ms
286ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=221&euid=A4104669953098215764
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=221&euid=A4104669953098215764
Date: Tue, 01 Nov 2022 11:10:39 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame BE59 41 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 11:07:54 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BE59
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

117ms
3ms

Fetch
video/mp4

2404:6800:4004:2d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3ED91BC5E2DF42437C7B93435C4CDE150A229688.29E6B50BA10103FBA61A37DDDE180DB5346EB2DA/key/cms1/cms_redirect/yes/mh/dt/mip/2001:ac8:40:b4::4e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1667300697/mv/m/mvi/5/pl/48/file/file.mp4

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

HTTP/1.1

Server

2404:6800:4004:2d::a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:36 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2032223
Last-Modified: Fri, 07 Oct 2022 15:31:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 01 Nov 2022 11:10:36 GMT

Redirect headers

date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3ED91BC5E2DF42437C7B93435C4CDE150A229688.29E6B50BA10103FBA61A37DDDE180DB5346EB2DA/key/cms1/cms_redirect/yes/mh/dt/mip/2001:ac8:40:b4::4e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1667300697/mv/m/mvi/5/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET frame.html
s3.advarkads.com/modules/match/ Frame 39CD 0
0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame BACE 23 KB
9 KB 3ms
3ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 498367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 16:44:28 GMT
expires: Thu, 26 Oct 2023 16:44:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame BACE 36 KB
16 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 19:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 19:48:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7361 42 B
64 B 77ms
39ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus-qR_N-W-b9ba2sb59chcfD0V-CA-ZmXifKe11o_5V-RZ7AsXXdx88FAcBVMaJGWbiUjfddERacIrohGwWBKjaKhlztcypePB3wMNW2pjC0oNCVA6QwfqjRPMTg1ALw-Mdjg&sai=AMfl-YSJEuFC1fFsWNoHzjWuWvJ2G2IEQG_9iafGg-ALwhyeAKHcQnlJvYWm8VRv4-Ht1vvhXu9WGt0rc0MIGuc&sig=Cg0ArKJSzLD9HWp5Z3PDEAE&id=lidar2&mcvt=1000&p=0,0,180,930&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3647433407&rs=2&la=0&cr=0&vs=4&r=v&rst=1667301034036&rpt=880&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9455 42 B
64 B 61ms
42ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxlSi16SYu2SMirMVNcf4Znm6T0EHOt5_OoZyCarW0TyllE3D_ZeuCaJGAMXhBlhBgvL_5UpWvAT_lpohtnA4IT-a8nTSDQ4VuIBZ6vz-FT6w4mYAhqtAoR2yeJMiyWypFsv0&sai=AMfl-YQQWayLAScYo2cJR6YtNh3NoxTL3jw0y2-IeyR8m50GUvC-ew8u_eTb_DVeZmSKHaPcmzSw09IQ4kc3ILU&sig=Cg0ArKJSzMs_3QfgR_4DEAE&id=lidar2&mcvt=1007&p=0,0,360,250&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3271423649&rs=2&la=0&cr=0&vs=4&r=v&rst=1667301034044&rpt=884&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BACE 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BhUB-q_5gY7uELdrKs8IP1pKdgAsAAAAAOAHgBAI&bg=!R0SlRADNAAZPh4lnb4c7ACkAdvg8Wllj5iC82YuHxDCkyg9u1QxOmd0wSx9h-Bjj1lHb22VQ9MKTnQIAAAA_UgAAAAFoAQcKAKCyiNDKJ6Z2crMj7mXLgsxQcJAngWoJXMgwIYWPUWdgkPGWLaz6KgzjCb1kQHwjWe3ldWoTdnLmv-8t4SBp6KsafZGBIq_4W52FCC0RC4DK5Bhpps_RURZmcUBf84BZHdbueW1NuP2AhK6dHQa1Mky24JtI5oHsSdWvao97q1adgzYE_Yi5xEZnjwYOgKMVoG2bEFeXU6tssZ1Z9VlTbicXmQLDRqXt2H_6I9WsJfcz7M4565o-awqIei2Nsgx2P5kNuoxtLxeCM-Ckr-jML5DvvLbWkkDlHvk1_ajDfGpcgGwBU5ld2odY6jM_i_UNj3E0pIHxt8Fcie_5PEokNOE-rzJE6hCfun8nt_xgJHT53F6Raoh1NK5FT7h-JT7CeO_WnIUbmx-z2OFqYRbOuYYA-iVf_75D3beYDOSMxK8YabDGeDdpvbv_VbeLgiIDhf-9zduoc9YoCekcQUjuAG1INL7dXnxx3Bgvk6kflezUQoq4As0n_lM7Ka64C6TwxT0tqvH4JCBr3xkUgFFUI-0P4wv8URdkITcn5-dN-K7SKF1i7Q7VRsqRLGBYxQ2oj5bqjuJR-rZVFkSN_TgcIWVuBYKRsmT6-hz_GWLvmngRxMBKHkj9eqwVqd2kZPfDXH-PGbNDUvRrNvdr-zlyb1qwpVrXHlhRmli5NVBFgF4wxwAP-0mWuVyPTCKiioVZpAnEucTXfqgHkGe3vf7eMn2PZJl6xKSV3YP1FmC773AEaocAZNTPd1-zawlOP1SG8ivYFFhC5HsR_5B7Z__YMoMhRWuCZ_gdZBnO2joue892nja-mwYEuqyRRqXcJjoS4RmSoXj7do12a5Qu-CPhgPb_NXf5MJwIoSio4cPOrgk4JRvqd-EKIHe_VygI8KvEJOqcNEaPVIJOtXU4lRFepMI_IRtuff1bHITUU4hel8udlfAsx3cTgolKcECK5uBX82a4U6ubhx5BRqvhqfWbj5nXAHIGrBUH6EbjQ2iyhuvKDQiEhHCLgsYdisoDGgZkC6d6U0fKyXdTq2SfutbqNT058LmuDTwCta45JKDBnu9SnRawcxcBcCSWKWyVr6BfFuQbTGN6dN8iWb38WnMpyy5K6usXuX9hQkMFaCuyGmkvWMdNurn1OII-dMxxf0QaNCyn9yBE6no

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-oguesn6k.c.2mdn.net/videoplayback/id/ac39d466cb3020d9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809604885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BE59 2 MB
2 MB 12ms
6ms Media
video/mp4 2404:6800:4004:2d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:2d::a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e40219992a74030247fcd7f81c04c43ab8c80da6ce630af9d4f4010fa27ba81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 01 Nov 2022 11:10:36 GMT
date: Tue, 01 Nov 2022 11:10:36 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2032222/2032223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2032223
last-modified: Fri, 07 Oct 2022 15:31:51 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame BE59 0
54 B 544ms
243ms Ping
image/gif 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~l9y3zkl0&c=2848897097623&slotId=1424448548811.5&qqid=CNL6mK_sjPsCFZJaDwIdudoBqg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=885&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame DE1D 16 KB
16 KB 405ms
405ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=530734548199974
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 11:10:40 GMT
Last-Modified: Tue, 01 Nov 2022 11:04:40 GMT
Server: nginx
ETag: "6360fd48-3e19"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15897

GET
H2

200

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala...

427 B
509 B

321ms
320ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1631782168714%3Ahid%3A427688877%3Az%3A0%3Ai%3A20221101111037%3Aet%3A1667301037%3Ac%3A1%3Arn%3A918207522%3Arqn%3A1%3Au%3A16673010371047590307%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A507%2C248%2C583%2C249%2C%2C0%2C%2C1338%2C14%2C%2C%2C%2C2926%3Acpf%3A1%3Antf%3A1%3Ans%3A1667301030840%3Arqnl%3A1%3Ast%3A1667301037%3At%3AHelicopters%20%26%20Aircrafts&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

43433ee6bec18d01ba467b17a431c4fb9923d3bcbff9e48f384914cce71748fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 01-Nov-2022 11:10:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://heli-air.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Tue, 01-Nov-2022 11:10:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 11:10:37 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01-Nov-2022 11:10:37 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fheli-air.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A2700%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1631782168714%3Ahid%3A427688877%3Az%3A0%3Ai%3A20221101111037%3Aet%3A1667301037%3Ac%3A1%3Arn%3A918207522%3Arqn%3A1%3Au%3A16673010371047590307%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A507%2C248%2C583%2C249%2C%2C0%2C%2C1338%2C14%2C%2C%2C%2C2926%3Acpf%3A1%3Antf%3A1%3Ans%3A1667301030840%3Arqnl%3A1%3Ast%3A1667301037%3At%3AHelicopters%20%26%20Aircrafts&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://heli-air.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 01-Nov-2022 11:10:37 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
160 B 306ms
306ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: heli-air.net
URL: http://heli-air.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:10:37 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 01 Nov 2022 12:10:37 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734
https://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734

43 B
224 B

294ms
293ms

Image
image/gif

193.3.184.227
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734
Requested by: Host: heli-air.net
URL: http://heli-air.net/
Protocol: H2
Server: 193.3.184.227 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 01 Nov 2022 11:10:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=2714e800-6966-439c-920a-a3d7f2042e39&dp=10&tz=%2B00%3A00&nc=38520273&dT=2022-11-01T11%3A10%3A37.734
Date: Tue, 01 Nov 2022 11:10:37 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3 200 common.js Show response
maps.google.com/maps-api-v3/api/js/50/11/ 248 KB
68 KB 61ms
17ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/11/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

534c915703921b8eb31d4b9bcbc3ef9d91aba85db65446412a23b1e601da82a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69651
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 20:31:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 20:54:01 GMT

GET
H3 200 util.js Show response
maps.google.com/maps-api-v3/api/js/50/11/ 164 KB
61 KB 63ms
20ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/11/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f9c207bca487e5567297cc1d5fd029b94bc160b17dd479aa3f0085d4ecbe70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heli-air.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61952
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 20:31:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 20:54:01 GMT

GET i
dmg.digitaltarget.ru/1/1093/i/ Frame DE1D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELpbUdcBVS10XnyiB0dK9HY&google_cver=1&google_push=AZmPxg9EmLF6tLhhyjCkDAdxs6UqokoF6tcIufn3085_oJ2KEjGTDtz1x0YyOslsaUy9A3-oMwftFe6QjNtvrd9t0hlgrXzHWe3w

Domain: sync.dmp.otm-r.com
URL: https://sync.dmp.otm-r.com/match/sape?id=1303420AABFE60632A00267B0256029F

Domain: dmp.gotechnology.io
URL: https://dmp.gotechnology.io/match/sape?id=1303420AABFE60632A00267B0256029F

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=1303420AABFE60632A00267B0256029F

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/1/1093/i/i?i=426702235095187.548717308759042&a=77&e=1303420AABFE60632A00267B0256029F&pref=http%3A%2F%2Fheli-air.net%2F&c=ss:77.up:1303420AABFE60632A00267B0256029F.sync:up.xdua:duqRetwopZcVucTClGYWXElI.xps:xpsC7aBr1I5PVxJB6BkHiuV0W.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/1/1093/i/i?i=426702235095187.565072885144409&a=77&e=1303420AABFE60632A00267B0256029F&pref=http%3A%2F%2Fheli-air.net%2F&c=ss:77.up:1303420AABFE60632A00267B0256029F.sync:up.xdua:duqRetwopZcVucTClGYWXElI.xps:xpsC7aBr1I5PVxJB6BkHiuV0W.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

100 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heli-air.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2vvcfv13ptdub75mavr9bejdhf
.heli-air.net/	1970-01-20 16:29:57	Name: __gads Value: ID=a543bb861b89a69f-22731d1cf8d7008b:T=1667301034:RT=1667301034:S=ALNI_MaTcyEV9xmKPDANMFpoNtxGZUfNQw
.heli-air.net/	1970-01-20 16:29:57	Name: __gpi Value: UID=00000b72eec35254:T=1667301034:RT=1667301034:S=ALNI_Mbf0PISgGL2iccg9EdStIYFbIBa1w
.yadro.ru/	1970-01-20 15:53:06	Name: FTID Value: 1ZOFwg13MteR1ZOFwg00222M
heli-air.net/	1970-01-20 16:44:21	Name: fid Value: 9c465597-04c6-49df-9471-01dab9215c3b
.w.uptolike.com/	1970-01-20 16:44:21	Name: utl_id2 Value: 29417072754
.w.uptolike.com/	1970-01-20 16:44:21	Name: utl_dat Value: "CImVi5fDMBAAIInm1Z/DMCiJ5tWfwzAwAF3+9aWhvEKxhil4mM/L39o="
.yadro.ru/	1970-01-20 15:53:06	Name: VID Value: 3_b8lA24iwOR1ZOFwg00224Q
.doubleclick.net/	1970-01-20 07:08:24	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 07:09:47	Name: KTPCACOOKIE Value: YES
.adingo.jp/	1970-01-20 07:51:33	Name: ID Value: 33095b60b51078f6f8190e44c18874ce
.casalemedia.com/	1970-01-20 15:53:57	Name: CMID Value: Y2D.qwe.C-KWJMNfUGhQmwAA
.casalemedia.com/	1970-01-20 09:17:57	Name: CMPS Value: 5497
.casalemedia.com/	1970-01-20 09:17:57	Name: CMPRO Value: 5497
.doubleclick.net/	1970-01-20 16:44:21	Name: IDE Value: AHWqTUkBlKCQE8lcIT4oSXCXBKdfxO8VK0m9GJfmW_HIgwC1boj3LM3q9ZsiK3yGZx4
.openx.net/	1970-01-20 15:53:57	Name: i Value: d65076d8-feea-47a8-8005-ea7e9b552635\|1667301035
.pubmatic.com/	1970-01-20 09:17:57	Name: KADUSERCOOKIE Value: 1401186E-57C8-4F8F-9F7E-F9BA33045F1A
.acint.net/	1970-01-20 07:08:21	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 09:17:57	Name: d Value: EAMBCQG8J4EA
.quantserve.com/	1970-01-20 16:38:35	Name: mc Value: 6360feab-7233a-465b2-29ac2
.acint.net/	1970-01-20 16:44:21	Name: aid Value: CkIDE2Ng/qt+gQA0DiEOAn7wbZVh82ERqCvVb7+MOemNSybn
.casalemedia.com/	1970-01-20 09:17:57	Name: CMTS Value: 5527
.mookie1.com/	1970-01-20 16:37:09	Name: id Value: 10525756756088797668
.mookie1.com/	1970-01-20 16:37:09	Name: mdata Value: 1\|10525756756088797668\|1667301035585
.mookie1.com/	1970-01-20 16:37:09	Name: ov Value: 40184dd138daa886690a6a59a3e16795
.e.dlx.addthis.com/	1970-01-20 16:38:35	Name: na_tc Value: Y
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp7v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp14v3 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp17 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp32 Value: 1667301035
.acint.net/	1970-01-20 07:09:47	Name: cSyncDp45v3 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp53 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp54v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp62 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp67v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp68 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp71 Value: 1667301035
.acint.net/	1970-01-20 07:28:30	Name: cSyncDp77 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp84 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp85 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp95v3 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp101 Value: 1667301035
.acint.net/	1970-01-20 07:28:30	Name: cSyncDp104v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp107 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp110 Value: 1667301035
.acint.net/	1970-01-20 07:28:30	Name: cSyncDp111v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp112v2 Value: 1667301035
.acint.net/	1970-01-20 07:29:57	Name: cSyncDp125v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp126 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp127 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp129 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp136v2 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp138 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp144 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp146 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp148 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp149 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp151 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp178 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp179 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp186 Value: 1667301035
.acint.net/	1970-01-20 07:51:33	Name: cSyncDp221 Value: 1667301035
.addthis.com/	1970-01-20 16:38:35	Name: na_id Value: 2022110111103500091313633073
.addthis.com/	1970-01-20 16:38:35	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:38:35	Name: uid Value: 6360feabb0049a58
.addthis.com/	1970-01-20 16:38:35	Name: ouid Value: 6360feab0001bcfe9fe79b2a31205bc033272a41ef4661119525
.dlx.addthis.com/	1970-01-20 07:51:33	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:51:33	Name: na_sr Value: 20221101
.dlx.addthis.com/	1970-01-20 07:08:21	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:51:33	Name: na_sc_e Value: 0
.betweendigital.com/	1970-01-20 15:53:57	Name: dc Value: sin1
.betweendigital.com/	1970-01-20 15:53:57	Name: tuuid Value: 731dfbc8-27e7-5431-83cb-12d6e0abec7d
.betweendigital.com/	1970-01-20 15:53:57	Name: ss Value: 1
.utraff.com/	1970-01-20 07:51:43	Name: preutid Value: 1
.hybrid.ai/	1970-01-20 15:53:57	Name: vid Value: a2e18997431a00178640
.adhigh.net/	1970-01-20 15:53:57	Name: gi_u Value: uLygHEMBRZEz.AikABlGEMuLR3g
.mail.ru/	1970-01-20 15:55:23	Name: VID Value: 3iOouT0uvYYD0022XP2mCCID:::0-0-0-87b576c:CAASEN68oOuqPAaYQwYGadvW03IaYHSlbbX3ggFolNpi_EdWLO7HNkm3PDQ0wOaK1moCOtiLCfpWd3urnLeQSxVyEUe9udxwMkWnqu78YQZIF9YSW4QOVDw1EfQJD8lcqI87HLmcXh9R0ieF-opnxFZRSD8FSA
.adriver.ru/	1970-01-20 16:44:21	Name: cid Value: Ara2izIfBvDzc8EmubhfmNQ
.adhigh.net/	1970-01-20 15:53:57	Name: sape_sync Value: jZH
.ssp-rtb.sape.ru/	1970-01-20 16:44:21	Name: sspuid Value: CkIDFGNg/qyX2gAkFI0SAjK9PL50hW0PRmFxOpEBVLmxLQz0
.upravel.com/	1970-01-20 07:08:21	Name: session_tptc Value: 1667301036935
.heli-air.net/	1970-01-20 15:53:57	Name: _ym_uid Value: 16673010371047590307
.heli-air.net/	1970-01-20 15:53:57	Name: _ym_d Value: 1667301037
.betweendigital.com/	1970-01-20 15:53:57	Name: ut Value: Y2D-rQAC9dBw3mTFWQDb8jP9tKc2Z5yDw26-yA==
.upravel.com/	1970-01-20 16:44:21	Name: user_id Value: 82874eef-8bd6-4752-a758-487c45e5bb15
.heli-air.net/	1970-01-20 07:09:33	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 16:44:21	Name: yandexuid Value: 5894336821667301037
.yandex.ru/	1970-01-20 16:44:21	Name: yuidss Value: 5894336821667301037
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 260164931667301037
.yandex.ru/	1970-01-20 16:44:21	Name: i Value: XumSMzqpNTPtWvOKH0VvIhvhfuVkVN1aL3BN1UlO6CLYI0miG1HQsO3J/aX1CpblfbSu0BA0NzNcn6wM7BDjtGc/UQk=
.yandex.ru/	1970-01-20 15:53:57	Name: ymex Value: 1982661037.yrts.1667301037#1982661037.yrtsi.1667301037
.1dmp.io/	1970-01-20 15:53:57	Name: uid Value: d0414d02-59d5-11ed-8ff0-f832e4719dd9
.rutarget.ru/	1970-01-20 11:27:33	Name: userId Value: yycWivVPZQ90
.uuidksinc.net/	1970-01-20 15:53:57	Name: jcsuuid Value: Cm4Gxfb69cFKFihXqSE7
.rktch.com/	1970-01-20 07:51:33	Name: b_uid Value: 7fc53ca71717cf3103d761e7a711c99eaef5
.mts.ru/	1970-01-20 15:40:59	Name: dspid Value: b6d882f3-26e0-4476-a30c-b81c9162172b
.gnezdo.ru/	1970-01-20 16:44:21	Name: uid Value: XV9maWNg/q4zPLkkk+DtAg==
.ops.beeline.ru/	1970-01-20 15:40:59	Name: BeeAID Value: d3b02897-cdfa-4b29-aca3-c74196ae135b
ssp.bidvol.com/	1970-01-20 16:44:21	Name: bvuid Value: tksbcybfop
.weborama.fr/	1970-01-20 16:34:16	Name: AFFICHE_W Value: NHyenKFgwFE071

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://heli-air.net/wp-content/themes/heliair/js/smthemes.js?ver=11 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: http://heli-air.net/wp-content/themes/heliair/css/ubuntu-r-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELpbUdcBVS10XnyiB0dK9HY&google_cver=1&google_push=AZmPxg9EmLF6tLhhyjCkDAdxs6UqokoF6tcIufn3085_oJ2KEjGTDtz1x0YyOslsaUy9A3-oMwftFe6QjNtvrd9t0hlgrXzHWe3w Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1303420aabfe60632a00267b0256029f-sp.ops.beeline.ru
82874eef-8bd6-4752-a758-487c45e5bb15.sync.upravel.com
a.utraff.com
accounts.google.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.co.jp
adservice.google.com
an.yandex.ru
apis.google.com
bid.g.doubleclick.net
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
cs.agency2.ru
csi.gstatic.com
developers.google.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
e.dlx.addthis.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
heli-air.net
image6.pubmatic.com
imasdk.googleapis.com
maps.google.com
maps.googleapis.com
match.new-programmatic.com
mc.yandex.ru
mediatoday.ru
nr.bidderstack.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
px.adhigh.net
r5---sn-oguesn6k.c.2mdn.net
redirect.frontend.weborama.fr
rtb.openx.net
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssl.gstatic.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
ssum-sec.casalemedia.com
stat.adlabs.ru
static.xx.fbcdn.net
sync.1dmp.io
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
syndication.twitter.com
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
w.uptolike.com
www.acint.net
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
dmg.digitaltarget.ru
dmp.gotechnology.io
googlecm.hit.gemius.pl
s3.advarkads.com
sync.dmp.otm-r.com
103.231.99.243
104.18.19.126
104.244.42.8
104.88.209.23
109.248.237.37
139.45.228.100
148.251.217.100
148.251.236.118
148.251.237.106
172.217.161.66
176.9.79.218
185.147.80.35
185.15.175.132
188.72.107.228
193.232.150.46
193.3.184.210
193.3.184.227
195.209.108.37
195.209.111.13
203.195.121.142
213.87.44.187
216.130.169.24
217.65.2.150
217.66.147.35
23.111.107.44
23.88.82.46
2404:6800:4004:2d::a
2404:6800:4004:801::2002
2404:6800:4004:80a::2002
2404:6800:4004:80a::200e
2404:6800:4004:80b::200d
2404:6800:4004:810::2001
2404:6800:4004:820::2003
2404:6800:4004:820::200a
2404:6800:4004:820::200e
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:823::200a
2404:6800:4004:823::200e
2404:6800:4004:824::2002
2404:6800:4004:824::2003
2404:6800:4004:825::2002
2404:6800:4004:825::2004
2404:6800:4004:825::200e
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700:3033::ac43:d997
2620:116:800e:21:6c50:dbee:bef5:203d
2a00:1148:db00::17
2a00:1450:4007:80f::2003
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
31.172.81.160
31.220.27.135
35.186.253.211
35.190.24.218
35.227.202.26
35.76.245.45
37.18.103.16
37.9.245.57
46.4.114.109
5.200.50.170
64.233.189.157
65.109.65.188
8.39.36.141
87.118.122.225
88.212.201.198
88.212.201.204
89.108.119.43
89.108.97.2
93.95.102.105
95.163.114.204
95.211.66.35
95.216.101.186
0354877d12384daadaad1741e0a790ec14b5256c0394d3f581a678c4825d87c4
03c5fabcefe12265688346a415bddb16a476ddef8425967f65621cc75012155e
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09e03115e59331185fc489b1d63d14f7dd982a7f8992af7c98da3365193fa18f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0c9302e65b380bc29556244b1c8c5ba2226c52dd45aaeec46511880631447ccf
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
159b41c5f01da32367b70d6701dde4f9a5ff547d3dd6b2ff03ee546cf2146ed0
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
168ef7f403eef9b4e6149fbbf8aec1fe280a5d77373bfdef3b560d3cbfe4b905
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18fe0940eef48896f4182c60bc6052b40a224c05611eadaf0ab751176035230f
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1b4c5228f44906b78c64eb73cfb50f51e84b562d2829c55dc3c5b7077f7700a0
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f70155e13733ac4d343295b69ef6c33152cfbe26d98c3336629fccd726f44ad
21c7d73680f2100456a479b987c70afc00fed06a150e2b594aab0288aaec2fe2
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
24d115bc231ccfb61d291a6b0c4c02506147d4e4990d7e9ec83aa1d661c34a29
28bd8b67fd471cb6b3f84c9e273e0539326a01f2f94aa6e48327fc9d01a41145
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cc4f88a5c6519c9aafc2e9c7d063e8f229058764e4a9c212c03a616562c32f1
2ebb55bc62e795767274b87380c5fd7c43012bcc1ebcf78942200d26bcd51cd8
34ef5c96adb1ab0e4676622213390264273bd007d4d09489c4923a69d538acd8
360fe80954b26ecc8865c62f03ff2d597731f16db08774dda6b4a9b3491e7816
3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
42caeeda0fe2e2650b29b331c09edc0dac7baedebfb2266e730727c1ec3827d0
43433ee6bec18d01ba467b17a431c4fb9923d3bcbff9e48f384914cce71748fa
44637b754166b3086d6b0a92f4dc8adf323521f3e6d7e7f595f6b91c8b203275
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47d3384aae8baa215c48f66d09d3df4efd2783fe6fda57ea912f92a3a2013414
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d211131414923ef4bf1ee3412242dc70fa5f97b296078830bfe6399d261cadc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74
4e3f1b36efe79a8aab2fc40792f5e47f44faa7bd682669faa9143011d7dc8b0e
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
4f9c207bca487e5567297cc1d5fd029b94bc160b17dd479aa3f0085d4ecbe70f
50be84b305e1dc71413ebb192c08904add565fe48676b157ed1546b56090873c
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
52c2be759f6ad87888eab50463512864f47c4a9db42c567acd106e45410bed80
534c915703921b8eb31d4b9bcbc3ef9d91aba85db65446412a23b1e601da82a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56fe7ec9d5c4fd3fbaa582a20ae7abf5335bc1b2d5574c6ff75d2de541a4f4dc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
63186a2fc650b794ae138c5f72e53411f0dfc71dbb1be501f33a58257feb6a09
64f324e9652423dabe3779020df730bb3b7e7cdb0746836bfda14218a5c64bc1
65c7c9fe3180050847fdb64c6f181d8ee3d9790a1aec69aac0d1f98eb3ce96d9
66269dbfe55d50c358afce5628e9387858f6e4968ea408449f68f8b5fcaacb95
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6c43b4ac725a783ec233b86a55a66f90d9051252c72bd1ea4ff5b1ca55d25264
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f7b77ce49aabc8f764538a8604c586e0217605f45f682fff1a0c941e46cfca1
70b0ba6a3f6393acadb69b7dd62df654658fe39f56875575a4f3bbbe64425b25
719bdb34bfb0e2de7bdc2ff4d7e75b325e995ea832b6533b84d02715700e103d
71edadb1ef28809e6ee29e869d0282e8061a21bcd3681a4c996159e6deaad9a9
7449a704d1619eabc3e8ba7de945cbfb2ed162adee50b7974db7af85ad1e44cd
74f1a361e4fe314845b0aa7d55e47364e5c5a9e95bb40d5e8fec7afb768e90ba
77e4efc5456de102b00a6cca1ee47970c9fc0959efd864edc372dc72ee589fa1
7f513efbaa9169a5bae761b1240877199694d14910b4dc9e989b43ee98d60bee
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
887dc554dfa64d009b65c0649d1021b8d8aace5a6c4445bde485ccb0ba424e71
89725a8666796a6366eddd3c8cd42e24ebaeea03efac94c283e17783848f5d19
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8cd92114340e2ecf8f29c1627b01a48f12b31e186b032d8552515a93a134e5cf
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9853da6f1e470183bfd76acb23b6473a09ac72e2fae8af255b1285a7f1cdfb26
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a
9f48fc2f539dbcd2b99a2cd7464dea1ea44b383894f995115c3821a1ab4977ef
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cf62faca35612e6efc3f6c593cd5c8f99cae0a6405e9e6adb624cb6e874c59
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad658ae0a54b98392dcad812f6397673986669aa98d96fa47b310049124116c9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b70c0b713f4d68e7a2e07103e5a1f0e7cf72886364930ad52a9ae2efb72ef3bc
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6da11b5e287e4895db93e023adf2c2c0380cc93086dbf9de5fbe5673591ad09
c73c4aeed81fece6d4b0583ac18c7d8950f35b59fea697dc6787a1ff35af2a9a
c95553bb3c7d5ffb6824bd0ea37e4b3c5513f72a6d7d15edf837146d865fc13b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d5b8f6eb68c4913c7232e1bc0729e7e179598eec63f586d8e29fa7eeb84fab70
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
da3dc122dddfe9176ebeb588f7ef4817d9824883544b307fafe1b6f023584e23
ded45059ec102a9b40b74b747783c5bd60befa7f67124a43144f60129e308e45
e02b14332b197a441b52b1829a3d28b37fb66b48ec59e7a87b3b53a1f37ebfd9
e09e79965bf00105ca1fb4b3ee3b6611ef61a0e8ad51dd57e6443d61adba12e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40219992a74030247fcd7f81c04c43ab8c80da6ce630af9d4f4010fa27ba81e
e669086faead169dcf3788c3cd782b7b4fe99516abaa0b30c90349f731d2214f
e7520035e4f26af334db98fcf2635887d960d5ab70a574e651343a7d8f621bfd
e8e3afc1c8a67f71efdfb77d4f0f8c909bb71789dd2c80d6a9f772ca440afb18
ea9394b20f1b52e8e2f483ccd8b8a20f67b3dda56727d853528eece5ea8e53e7
edb0ad703d78bce114734b1fa88cd9112ecbe866f0411cde6202242d2f0fcffa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae
f0bdf714152b28168ab3607dce92a40680766ffef938d43d0f39cbcdf430397b
f1b3eb21bd6250426e1e4494a4428fa8f1bb71ba35d7e106d53f291f938fe7ad
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e40d4eaf8451b3bf83184a4d0a5c7f53df127042e6bc2ec49c13eb31f28056
f634fd86b734aea9355112838f95c68203a3fc88db1d0fb97e86d0254398ab2c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

heli-air.net Open in urlscan Pro 87.118.122.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

218 Requests

62 %HTTPS

38 %IPv6

60 Domains

81 Subdomains

51 IPs

10 Countries

5134 kBTransfer

8784 kBSize

100 Cookies

6 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heli-air.net Open in urlscan Pro
87.118.122.225 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

62 %
HTTPS

38 %
IPv6

60
Domains

81
Subdomains

51
IPs

10
Countries

5134 kB
Transfer

8784 kB
Size

100
Cookies

218 HTTP transactions
7 data transactions